Unified Wired & Wireless

with HPE-Aruba Mobile-First Networks

 HPE Aruba Positioned in
Gartner’s Leaders Quadrant

HP Positioned in
Gartner’s Leaders
Quadrant
2016

This Magic Quadrant graphic was published by Gartner Inc. as part of a larger
research note and should be evaluated in the context of the entire report. The
Gartner report is available upon request from HP. Gartner does not endorse any
vendor, product or service depicted in its research publications, and does not
advise technology users to select only those vendors with the highest ratings.
Gartner research publications consist of the opinions of Gartner's research
organization and should not be construed as statements of fact. Gartner
disclaims all warranties, expressed or implied, with respect to this research,
including any warranties of merchantability or fitness for a particular purpose.
 Wired and Wireless LAN Access Infrastructure
Gartner Magic Quadrant 2017

Market Leader 12 Years Running1

Airhead Community 65K
Strong & Growing!

1 Aruba’s 12 years of placement includes HPE (Aruba) in the Magic Quadrant for the Wired & Wireless LAN Access Infrastructure from 2015-2017 (3 years),
Aruba Networks in the same Magic Quadrant from 2012-2014 (3 years) and in the Magic Quadrant for Wireless LAN Access Infrastructure from 2006-2011
(6 years).
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from
Aruba, a Hewlett Packard Enterprise company. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only
those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact.
Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties or merchantability or fitness for a particular purpose.

Source: Gartner Magic Quadrant for the Wired and Wireless LAN Access Infrastructure
October 2017. Tim Zimmerman, Christian Canales, Bill Menezes
ID Number: G00316060
 Trusted by Enterprises Worldwide
Technology Social & New Media Finance Media & Ent,

Higher Education Government Healthcare Retail

Primary Education Public Transit Public Venues Services

Oil & Gas Manufacturing Hospitality Telecom

Aruba Networks, Inc. All rights reserved

Military Grade WLAN System:
#1 Market Share in U.S. Military & Government

Civilian Defense Research

• FDIC • US Army • Sandia National
• FEMA • US Air Force Laboratories
• NASA • US Marine Corps • Lawrence Livermore
• SBA • US Navy National Laboratory
• Department of the Interior • Military Health System • Los Alamos National
Laboratory
• IC • Air National Guard
• Oak Ridge
• NATO
• IC

–Hundreds of large, secure WLANs

–>300,000 Access Points and thousands of controllers deployed
#GenMobile Imperative: Digital Workplace
STABLE AIR
Wi-Fi that doesn’t slow down
as many people connect

SECURE AIR
Secure resources when personal
devices and guests connect

SIMPLE AIR
Easy to deployed WLAN

SMART AIR
Provide Visibility to WLAN
STABLE AIR – 802.11ac W1/W2 + ClientMatch

Aruba Networks, Inc. All rights reserved

Broad Portfolio of WLAN Connectivity
Broad Portfolio of WLAN Connectivity
Indoor Access Points
Hospitality Access Points

Hardened Access Points

Remote Access Points

Outdoor Access Points

Aruba ClientMatch™ Enables 802.11ac W1/W2 Wi-Fi
REAL-TIME RF CORRELATION

DEVICE TYPE LOCATION CONGESTION INTERFERENCE

Match to Enables use of

another AP 802.11ac Wi-Fi rates
Patent:
8,401,554  98% of mobile devices
with higher signal quality
 94% better performance
for “sticky” clients
 88% higher network
performance
 No client-side software
required
More APs Don’t Always Help

11
Aruba ClientMatch in Action
Stable Air: Aruba 802.11ac/ac W1/W2 for High Density Wi-Fi
SECURE AIR
AppRF™ 2.0
Recognized over 2500 Applications
Question of the Day – Week - Month - Year
 Adaptive Trust Defense

Static Perimeter Defense Adaptive Trust – Zero Tolerance

Legacy Perimeter Defense

A/V Firewalls
A/V Security and
Firewal
Firewalls EMM/MDM
Policy for each
ls A/V
user or group
IDS/I Web
IDS/IPS
PS gateway
IDS/IPS
Web s
Physicalgateways
Physical Component
Physical
Web
Device Profiler
Components s gateways
Analytics-Driven Active Cyber Protection

Aruba 360 Secure Fabric

Aruba ClearPass | IntroSpect
360 Security
Discovery, Authorization, and Integrated Attack Response
Exchange
Analytics
Other
Aruba Mobile First Infrastructure Infrastructure
with Aruba Secure Core
Secure Boot | Encryption | DPI | VPN | IPS | Firewall
l
 Identity-based Network Access

NEW WAY:
OLD WAY: Simplify with
Without advanced Identity-based
policy, separate Network Access,
traffic by SSIDs separate traffic
dynamically
Role Based Security Architecture
End-to-end per-user
crypto connection
Role-Based
Access Control
Access Rights
SSID-Based
PoS Access Control PoS
RADIUS
LDAP
Virtual-AP 2 AD
SSID: Corp Data
Data Corporate
Services
Voice
Voice

Virtual-AP 1 Signage
Signage SSID: GUEST ClearPass

Guest Secure Tunnel

To DMZ
Captive Portal

Guest
DMZ
Policy Enforcement with Application Visibility

Integrated DPI
− Depth - common apps
− Custom app traffic

 Prioritize critical apps

Cloud-Based Web Policy

Enforcement
− Breadth - less common apps
 Block inappropriate content
− Web traffic
 Enforce per user/device/location
GRANULAR VISIBILITY & CONTROL
 App category  Allow/deny
 Individual app  QoS
 Web category  Throttle
 Web reputation  Log
 Blacklist
HPE-Aruba ClearPass
ACCESS DISTRIBUTION CORE
EMPLOYEE
HPE-Aruba Clearpass
Policy Manager
103
3
GUEST 3
3
4 4
203 FLOOR 3
EMPLOYEE
TUNNELS
STANDBY
103
2
2 Controller
GUEST 2 103 203
102 202
203 FLOOR 2 TUNNELS 101 201
EMPLOYEE/GUEST ACTIVE
1 5 5

301 1

TUNNEL NODE

FLOOR 1

IOT

TUNNEL NODE

ACCESS for IOT

Aruba Networks, Inc. All rights reserved
The ClearPass Platform
Guest Onboard OnGuard

Expandable Applications Remote Location

Hardware or
VM Appliances
(500, 5,000 or 25,000)
ClearPass Policy Manager
Flexible Guest Logins for Any Visitor

Visitor uses self registration

Rich self-service workflows to

control guest access privileges
Logon support for social, sponsor

Mac Caching for repeat visitors

Employees Login with Personal Devices (BYOD)

User and IT friendly:

One time user registration / no IT intervention
Security: IT managed, 802.1X and
Certificates
Context: Data added to profile for
adaptive policy and troubleshooting
OnGuard: Automated Health Checks Before Access

Wired/Wireless: Ensures posture

compliance for laptops/computers

Security: Forces use of Anti-Virus,

Anti-Spyware, firewalls, disk encryption…

Remediation: Manual or auto

Visibility: Identifies poor behavior

 Network Security
Trusted Admission
Infrastructure Control and
THE NEW SECURITY ARUBA Attack
360 Secure Detection
IMPERATIVE Fabric
IntroSpect

Network + Security
Attack Response
After Authentication (802.1x) What is Next?

Compromised
Users & Hosts

Negligent
Employees

Malicious
ATTACKS AND Insiders
RISKY BEHAVIORS
on the inside
 ARUBA 360 SECURE FABRIC
Open, Analytics-driven Security for the Mobile, Cloud, and IoT Era

3rd Party Aruba 360

Infrastructure
ClearPass | IntroSpect Security Exchange

Discover, Authorization and Integrated Attack Detection and Response

Analytics
Supervised and Unsupervised Machine Learning

Aruba Mobile First Infrastructure

with Aruba Secure Core
Secure Boot | Encryption | DPI | VPN | IPS | Firewall

360º active cyber protection and secure access

from the edge, to the core, to the cloud—for any network
SOLUTION
SOLUTION- –AT A GLANCE WITH SECURITY ECOSYSTEM
INTEGRATED

IDENTITY

INFASTRUCTURE
Consoles / Workflows

SIEM ANALYZER
CASB
SaaS
ENTITY360
PACKET PROCESSOR
PACKET
DPI
ANALYTICS FORENSICS CAPTURE
laaS
NETWORK TRAFFIC
DATA PACKETS
FUSION BIG DATA FLOWS
ALERTS
ACCELERATED INVESTIGATION AND RESPONSE

WILL SMITH

Behavioral
Analytics
 CLEARPASS + PARTNERS = INTEGRATED PROTECTION

1. Discover 2. Monitor 3. Decide

and Authorize and and Act
Alert
User/Device Actionable
Context Alerts • Real-time Quarantine
• Re-authentication
• Bandwidth Control
• Blacklist

ClearPass ClearPass
Secure Network Access Control 360 Security Adaptive Response
Exchange Partners
Service Chaining Example

Sound
Send Email the Open Help
to security alarm! Desk
Update Palo
Alto Firewall team Ticket
Send user
SMS
notification

RADIUS Action
to force
notification page
HPE-Aruba Mobility Controller Portfolio
SMART AIR - Aruba Airwave
Can’t see over the air
Manage user experience
VISIBILITY
RF PERFORMANCE
Client RF health, SNR, and speed statistics

FIREWALL
Application performance / usage by devices,
destinations, WLANs, users or roles

RF CAPACITY
Network-wide AP threshold and usage statistics

ANOMALY DETECTION
Current client count and network usage statistics
compared to 40 week rolling average

WATCHED CLIENTS
SNR, speed & health statistics for specific clients
VISIBILITY

41
VISIBILITY

42
Aruba – AirWave Clarity
Aruba – Airwave Clarity Synthetic
 Enhancements for deeper insight
Heat Maps Location Tracking

DEPLOYMENT PLANNING - TROUBLESHOOTING

HPE Networking Portfolio

10504 10508 10508V 10512

7503 7502/3 7506 7506V 7510 5500 HI

3800
• Layer 3 Advanced
• Layer 3 Advanced • 24 or 48 ports
5500 EI
5406/5412 R 24 or 48 ports • Enhanced
3500 • Layer 3 Advanced • Low-latency MPLS/VPLS support
2920/2915 5130 EI/HI 24 or 48 ports
Layer 3 with static • Layer 3 Advanced • Highly resilient • Dual Redundant PS
• Redundant power Mesh Technology • IRF
• Layer 3 with static & RIP routing • 24 or 48 ports
• IRF • Redundant power • Fixed and modular
& RIP routing • 24 or 48 ports Gig• Modular 10 GbE
3600 v2 EI • OpenFlow • Replaceable fans 10GbE uplinks
• 8, 24, 48 ports Gig • PoE+ models uplink
• PoE+ models • 4 fixed 10 GbE • Redundant power • OpenFlow • OpenFlow
2620/2615 • Layer 3
2530 • Stacking uplinks • OpenFlow
• Layer 3 with static Advanced with • Redundant power • Redundant power
& RIP routing mcast routing
• Layer 2 • Modular 10GbE • 9 chassis IRF
• 8, 24 or 48 ports • 24 or 48 ports
• 8, 24 or 48 ports uplinks • OpenFlow 1.3
• 10/100 • 10/100
• 10/100 & 1 GbE • OpenFlow
• PoE+ models • PoE+ models
• 10 GbE uplinks
• PoE+ • Redundant power IRF•
• sFlow, ACLs, IPv6 • GbE uplinks
• Fanless &
compact models
 HPE-Aruba Meridian Solution

Aruba WLAN

Engagement
App

Digital Sign

Business
Intelligence System
Aruba Beacons
 Push notifications indoors
with Aruba Proximity Beacons

#airheadsconf
 PUSH NOTIFICATIONS MOBILE ENGAGEMENT

Make apps location and context aware

Triggered per location, per campaign

Customized per time-of-day, identity

The Aruba Tag - Asset Tracking

BLE-Enabled
Designed for stringent
requirements, Multiple attachment options
including healthcare

Two year battery life

LOCK
 WI-FI PRESENCE ANALYTICS OFFER
INSIGHTS INTO CLIENT BEHAVIOR

Visitor traffic and engagement on mobile app

Time and location-based metrics

How many How many How many stayed?

passerbys? entered? For how long?
CAPTIVE PORTAL
Thank You
[email protected]
0906900670