Aruba, the wireless networking division of Hewlett Packard Enterprise, is launching an analytics-driven attack detection and response framework to bolster enterprise security from the edge, to the core, to the cloud for multivendor networks.
Aruba 360 Secure Fabric is a security framework that builds on User and Entity Behavioral Analytics (UEBA) to detect and respond to advanced cyberattacks from pre-authorization to post-authorization across multivendor networks, not just its own wireless LAN gear. Aruba already offers an IntroSpect UEBA product line that leverages machine learning security to detect anomalous user and traffic patterns across multiple data sources. Aruba Introspect can ingest common data sources including Microsoft Active Directory or other LDAP authentication records and identity information, and firewall logs from sources such as Checkpoint, Palo Alto Networks, or Aruba monitoring (AMON) logs from Aruba infrastructure.
Key components of the Aruba 360 Secure Fabric include:
- Aruba IntroSpect UEBA solution : A new network-agnostic family of continuous monitoring and advanced attack detection software. Includes a new entry-level edition and uses machine learning to detect changes in user and device behavior that can indicate attacks that have evaded traditional security defenses. Machine-learning algorithms generate a Risk Score based on the severity of an attack to speed up incident investigations for security teams.
- Aruba ClearPass : A network access control (NAC) and policy management security solution that can profile BYOD and IoT users and devices, enabling automated attack response, is now integrated with Aruba IntroSpect. ClearPass can also be deployed on any vendor’s network.
- Aruba Secure Core : Essential security capabilities embedded in the foundation across all of Aruba’s Wi-Fi access points, wireless controllers, and switches, including the recently introduced Aruba 8400 campus core and aggregation switch.
Aruba said its new framework delivers betters and complementary attack detection with leading third-party security solutions. An emphasis is places on rapid response for breach investigations based on forensic traffic analysis.