Aruba, a Hewlett Packard Enterprise (HPE) company, is holding its annual Atmosphere event this week in Las Vegas. Once mostly for hard-core gearheads (or “Airheads,” as Aruba calls them), the show has grown in scope as Wi-Fi has become increasingly important to digital transformation initiatives, such as in its ability to connect Internet of Things (IoT) devices.
IoT is now real, and businesses are connecting “things” at a furious rate. This includes everything from MRI machines to security cameras to point-of-sale devices to a whole lot more. While Wi-Fi’s primary role is to connect these IoT endpoints, businesses should also expect its help in managing and securing them. This, however, hasn’t been easy.
At Atmosphere, Aruba rolled out access points (APs) and device management capabilities aimed at simplifying IoT’s adoption.
- Wi-Fi 6 Access Points -- Aruba’s Wi-Fi 6 (802.11ax) portfolio now includes the 530 and 550 Series APs. Like the 510 Series announced last November, the 530 and 550 APs support connectivity over Wi-Fi, Bluetooth 5, and Zigbee. I believe this makes Aruba the first Wi-Fi vendor to integrate Bluetooth 5 and Zigbee into its APs. Without this integration, gateways would be required to bridge these to Wi-Fi, adding complexity, reducing visibility, and leaving management tools blind to some endpoints. Wi-Fi, Bluetooth, and Zigbee devices account for about three-quarters of IoT gear today, and I expect that number will grow over time. In addition to simplified connectivity, Wi-Fi 6 offers a number of other features, including improved battery life, a boost in performance, and increased reliability. The 530 and 550 APs will begin shipping this month, for $1,500 and $1,900, respectively.
- ClearPass Device Insight -- With machine learning (ML) capabilities from Niara, which HPE acquired two years ago, ClearPass Device Insight automates the discovery and fingerprinting of IoT and all other connected devices on the Wi-Fi and wired network. I can’t emphasize enough how big a problem device discovery is for companies. In a recent ZK Research survey, a whopping 61% of network engineer respondents said they have low or no confidence that they know how many endpoints are connected to their enterprise networks. Even more shocking, that percentage has jumped from 51% three years ago, meaning many businesses have actually regressed in understanding what’s connected. The big problem is that IT no longer owns what gets connected. Operational technology and lines of business are connecting things to improve customer, patient, student, and guest experiences without IT’s knowledge. ClearPass Device Insight uses ML and crowdsourcing to simplify this process.
The combination of the new, high-performance APs and Device Insight creates a closed-loop system that connects the device and then applies ML to a combination of data sources to identify the device. While a number of solution providers, such as ForeScout Technologies, have large device databases, these require constant updates and often have huge gaps in device knowledge. Data sources for Device Insight include MAC/vendor information, static information such as DHCP and SNMP, frequency of communication, application communication, port, and protocol, which are used with deep packet inspection to profile the device. The metadata is sent to the cloud for analysis and device identification.
The benefit of Aruba’s approach is that the cloud dataset continuously learns through crowdsourcing. If a device is discovered that isn’t already identified, the Aruba cloud receives, tests, validates, and makes the signature available for all customers. Aruba told me it has identified an estimated 90% of endpoints found in general enterprises and about two-thirds of vertically specific ones. Aruba has a massive customer base, and as Device Insight becomes more widely deployed, the number of identified devices should grow considerably.
The tie-in to Aruba’s access control product, ClearPass Policy Manager, further simplifies the process of securing IoT devices. Enterprises can use the policy manager to apply access policies and dynamically segment the network. Aruba’s IntroSpect, which provides user and entity behavior analytics, will set baselines for device behavior, and provide continuous monitoring for anomalous behavior. If it identifies a breach, ClearPass Policy Manager will quarantine a device and turn enforcement over to the 130+ security vendors with which Aruba has partnered.
A connected lighting system serves as a good example. The system would likely send updates to the manufacturer at regular intervals, such as once per day. In the event the device behavior changes and the lighting system starts communicating with the point-of-sale systems, this would indicate a breach and violate the rules being enforced by ClearPass Policy Manager. The endpoint would be removed from the segment, and the remediation process started. The combination of new APs and ClearPass Device Insight can automate that entire process.
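The baseline-then-detect logic in the lighting scenario can be sketched as follows. This is an added example, not code from the article or from any Aruba product; the segment addresses, flow records, and function names are constructed for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Hypothetical segment map (constructed addresses, not from the article).
SEGMENTS = {
    "lighting": ip_network("10.20.0.0/24"),
    "pos": ip_network("10.30.0.0/24"),
    "vendor-cloud": ip_network("203.0.113.0/24"),
}

def segment_of(ip):
    addr = ip_address(ip)
    return next((n for n, net in SEGMENTS.items() if addr in net), "unknown")

def build_baseline(flows):
    """Learn per device: (destination segment, port) pairs and peak flows per day."""
    peers = defaultdict(set)
    per_day = defaultdict(lambda: defaultdict(int))
    for day, src, dst, port in flows:
        peers[src].add((segment_of(dst), port))
        per_day[src][day] += 1
    rate = {src: max(days.values()) for src, days in per_day.items()}
    return peers, rate

def evaluate(flows, baseline):
    """Return {device: [reasons]} for devices whose behaviour leaves the baseline."""
    peers, rate = baseline
    findings = defaultdict(list)
    counts = defaultdict(lambda: defaultdict(int))
    for day, src, dst, port in flows:
        seg = segment_of(dst)
        if (seg, port) not in peers.get(src, set()):
            findings[src].append(f"new peer {seg}:{port} on day {day}")
        counts[src][day] += 1
        # Report the rate change once, on the first flow past the learned peak.
        if counts[src][day] == rate.get(src, 0) + 1:
            findings[src].append(f"rate above baseline on day {day}")
    return dict(findings)

# Constructed learning window: two lighting controllers, one vendor update per day.
LEARNING = [(d, dev, "203.0.113.10", 443)
            for d in range(1, 8) for dev in ("10.20.0.15", "10.20.0.16")]
# Constructed live traffic for day 8.
LIVE = [
    (8, "10.20.0.15", "203.0.113.10", 443),  # normal daily update
    (8, "10.20.0.15", "10.30.0.5", 1433),    # lighting controller reaching a POS host
    (8, "10.20.0.16", "203.0.113.10", 443),  # second controller stays in baseline
]

if __name__ == "__main__":
    for device, reasons in evaluate(LIVE, build_baseline(LEARNING)).items():
        print("quarantine candidate:", device, reasons)
```

A device that never appeared in the learning window has no baseline, so its first flow is reported on both counts.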
ClearPass Device Insight will ship this month, too. List price is slated to be about $1,300 per 100 devices.
Managing and securing IoT is perhaps the most difficult task that network operations has ever faced, given the number of devices being connected without IT having control. There’s too much data being generated for IT to connect the dots between all the data points to understand what’s happening. With these solutions, Aruba is introducing AI into the mix, providing a huge leap forward, with machines able to see things and identify anomalies that people can’t.