One of the IT trends in 2021 is that, with the maturation of the cloud and the growth of edge networking with its myriad endpoints – all accelerated by the explosion of IoT – the way security is defined and implemented is now becoming part of the network architecture, rather than some bolted-on component of the enterprise IT environment.
We enter 2021 in a very different place from where we were at the start of 2020. In 2020, remote work and distributed computing proved successful for many job functions, and work-from-home will continue well into the future. Meanwhile, state-sponsored cyberattacks are at an all-time high, and it’s imperative to protect users, devices, and data wherever they are located. IT needs complete visibility into and control over its networks. IT will accelerate security measures, including strong access controls, AI-driven cybersecurity, network modernization, and additional segmentation to protect high-value data. That necessitates an even greater focus on Zero Trust security.
The concept of Zero Trust is nothing new and has been around for almost a decade. Zero Trust, at its core, is a security policy for your organization that removes traditional boundaries such as firewalls, routers and switches from being the only factor used to determine if a device is trusted or not. With this model, you are no longer trusting devices just because they are connected to your network. Zero Trust has emerged as an effective model to better address the changing security requirements for the modern enterprise by assuming that all users, devices, servers, and network segments are inherently insecure and potentially hostile.
In practice, building a Zero Trust architecture may be easier if done from greenfield. Even so, brownfield organizations can adopt the principles and add layers to their existing security models. Zero Trust varies significantly depending on which domain of security is being considered. Although application-level controls have been a focal point within Zero Trust, a comprehensive strategy must also encompass network security and the growing number of connected devices, including the work-from-home environment.
Aruba has long been a leader in secure networking solutions. Zero Trust network architecture solutions will remain a core piece of effective security with traditional IT workloads moving out of the Edge into either the cloud or SaaS environment. The vacuum left behind is eventually going to be replaced by OT/IoT specific workloads at the Edge. Furthermore, with the implementation of 5G, the networking architecture must contend with multi-access edge compute (MEC) workloads – both private and public – all the more necessitating dynamic approaches to security policies beyond the user-centric workflows that Zero Trust is primarily optimized for today.
Aruba Zero Trust Security ensures that the same controls can be applied to your campus or branch network to help you achieve the following goals:
1. See what's connected to your network:
With the increased adoption of IoT, full-spectrum visibility of all devices and users on the network has become an increasingly challenging task. Without visibility, critical security controls that support a Zero Trust model are difficult to apply. Automation, AI-based machine learning, and the ability to quickly identify device types are critical. Aruba ClearPass Device Insight uses a combination of active and passive discovery and profiling techniques to detect the full spectrum of devices connected or attempting to connect to the network. This includes common user-based devices such as laptops and tablets. Where it differs from traditional tools is its ability to see the diverse set of IoT devices that have become increasingly pervasive on today’s networks.
2. Use identity and roles to enable access to IT resources:
Once visibility is in place, applying Zero Trust best practices related to “Least Access” and micro segmentation are critical next steps. This means using the best authentication method possible for each endpoint on the network (i.e. full 802.1X and multi-factor authentication for user devices) and applying an access control policy that only authorizes access to resources that are absolutely necessary for that device or user.
Aruba ClearPass Policy Manager enables the creation of role-based access policies that enable IT and security teams to operationalize these best practices using a single role and associated access privileges that are applied anywhere on the network – wired or wireless infrastructure, in branch or on campus. Once profiled, devices are automatically assigned the proper access control policy and segmented from other devices via Aruba’s Dynamic Segmentation capabilities. Enforcement is provided by Aruba’s Policy Enforcement Firewall (PEF), a full application firewall that is embedded in Aruba network infrastructure. Aruba infrastructure also utilizes the most secure encryption protocols such as the WPA3 standard over wireless network connections.
3. Dynamically change access privileges based on real-time threat data:
With over 150 integrations made up of best-of-breed security solutions that include Security Operations and Response (SOAR) tool sets, ClearPass Policy Manager is able to dynamically enforce access based on real-time threat telemetry coming from multiple sources. Policies can be created to make real-time access control decisions based on alerts coming from Next-Gen Firewalls (NGFWs), Security Information and Event Management (SIEM) tools, and many other sources. ClearPass actions are fully configurable from limiting access (i.e. Internet only) to fully removing a device from the network for remediation.
Through the ClearPass ecosystem, customers can also easily incorporate other solutions to meet Zero Trust requirements related to contextual information and other security telemetry. This means ClearPass can integrate with a wide variety of solutions such as Endpoint Security tools to make more intelligent access control decisions based on a device’s posture. Access control policies can also be changed based on which type of device is being used, where the user is connecting from, and other context-based criteria.
Aruba’s threat defense capabilities defend against a myriad of threats, including phishing, denial of service (DoS), and increasingly widespread ransomware attacks. Aruba 9000 SD-WAN gateways perform identity-based intrusion detection and prevention (IDS/IPS), working together with Aruba Central, ClearPass Policy Manager, and the Policy Enforcement Firewall. Identity-based IDS/IPS performs signature- and pattern-based traffic inspection on both the branch office LAN (east-west) traffic and the SD-WAN (north-south) traffic flowing through the gateway to deliver embedded branch network security. An advanced security dashboard within Aruba Central provides IT teams with network-wide visibility, multi-dimensional threat metrics, threat intelligence data, as well as correlation and incident management. Threat events are sent to SIEM systems and ClearPass for remediation.
Work from home, digital transformation, and IoT require innovative security strategies. In summary, Aruba Zero Trust Security is a response to such a rapidly changing situation.
The benefits of Aruba Zero Trust Security
• Adopt holistic security
There are many definitions of Zero Trust. Only Aruba provides the key elements for implementation: Complete visibility, authentication, policy-based access authorization, and attack detection and response.
• Eliminate VLAN sprawl
Zero Trust with Dynamic Segmentation leverages user and device identity to set role-based IT access permissions enforced by the network infrastructure – independent of how or where the connection is made.
• Integrate security ecosystems
Aruba ClearPass Policy Manager integrates with 150+ third-party security solutions. It updates those solutions when users and devices access the networks, automatically changing access rights to respond to issues detected by our partners.
Aruba Zero Trust video: https://www.youtube.com/watch?v=EVXCizp83aI