Aruba, a Hewlett Packard Enterprise company, announced two new offerings to help enterprise customers simplify the adoption of IoT. First, Aruba ClearPass Device Insight delivers a single pane of glass for device visibility employing automated device discovery, machine learning (ML) based fingerprinting and identification.
Additionally, Aruba introduced the Aruba 530 and 550 Series access points, an extension to the industry’s most advanced family of 802.11ax (Wi-Fi 6) IoT-ready access points. Together, these solutions allow enterprises to remove IoT security and connectivity barriers, while decreasing associated operational costs and complexities.
When addressing their IoT strategies, organizations globally are faced with new security and connectivity challenges. There are more than 14 million new connected devices being added to the network every day.
The explosion of these vastly different and unpredictable device types renders manual device profiling techniques inadequate and makes automation a key requirement for securing IoT. To add to the complexity, many IoT devices are often connected to disparate overlay networks that typically support only one type of connectivity, such as Wi-Fi, Bluetooth or Zigbee.
IoT security starts with visibility: AI-powered device discovery and profiling
Aruba’s new ClearPass Device Insight uses machine learning and crowdsourcing to automate the discovery and fingerprinting of all connected devices and IoT devices on any wired or Wi-Fi network – regardless of vendor.
Advanced technology from Aruba’s Data Science Laboratory leverages custom-built deep packet inspection (DPI) to create behavioral profiles that enable precision fingerprinting. ClearPass Device Insight’s cloud delivery platform leverages shared community learnings to identify newly-introduced devices.
Used with Aruba ClearPass Policy Manager and Aruba’s Dynamic Segmentation security capabilities, IT teams can automate authentication and policy enforcement down to the device and user level, applying different access policies or rules based on the role designated for the device. If any device exhibits abnormal behavior, ClearPass can automatically quarantine or remove it from the network.
According to Gartner, “line of business, operational technology and building automation networks that were historically air-gapped are converging onto the enterprise infrastructure, adding more IoT devices and more attack opportunities.”
Aruba’s closed-loop approach eliminates blind spots and provides IT teams with an automated and intelligent security solution for visibility into this massive volume and variety of devices to the corporate network, often without IT oversight.
Comprehensive details about each device, including manufacturer, device location, ports and protocols used, application destinations and traffic volume are all available on ClearPass’ single-pane-of-glass management platform for complete IoT visibility and control.
“Being able to easily identify the growing number of wired and wireless IoT device types on our network, without interfering with sensitive medical equipment, is critical to our security and compliance goals,” said Kevin Rothstein, Network Engineer, Sharp Healthcare.
“We are evaluating Aruba’s ClearPass Device Insight to help us discover and fingerprint all connected devices on a large scale. When integrated with ClearPass Policy Manager, we will have a powerful closed-loop policy enforcement solution down to each device.”
IoT connectivity: Wi-Fi 6 APs as a platform for IoT
Aruba has also expanded its portfolio of next-generation 802.11ax IoT-ready access points to address growing wireless performance requirements as well as accelerate the adoption of IoT solutions.
When organizations consolidate multiple networks onto a single, converged infrastructure, IT teams can reduce complexity and improve return on investment when executing their IoT strategy. A converged network simplifies IoT onboarding through automated endpoint discovery and provides a common policy framework for mobile devices, users and things.
Like the 510 Series announced in November 2018, the new 530 and 550 Series APs eliminate the need for IoT gateways and the resulting complicated network management requirements, allowing IT teams to easily connect a diverse set of IoT devices and sensors that utilize different protocols.
The support of Wi-Fi, Bluetooth 5 and Zigbee protocols on the new APs allow organizations to connect with 74% of today’s IoT devices.
“As a leading producer of baked goods for the quick service restaurant and C-store industry in the U.S. and 20 countries globally, we have a strong need to simplify connectivity for our growing set of wireless IoT devices, from inventory sensors to handheld scanners,” said Eric Spille, Manager of Technical Services for The Bama Companies.
“Aruba’s new Wi-Fi 6 access points with integrated Bluetooth 5 and Zigbee will provide us with a converged platform for IoT which could greatly reduce the complexity and cost of managing multiple networks and infrastructure appliances.”
An added benefit of the 530 and 550 Series AP is that Wi-Fi 6 offers improved battery life for battery powered IoT devices. The protocol allows IoT devices to remain inactive until data needs to be transmitted.
As a result, battery powered IoT devices realize a significant power savings, reducing the maintenance windows for IT staff. The efficiency improvements in Wi-Fi 6 amount to a faster performing and more efficient infrastructure as well as an enhanced experience for all the clients on the network.