Follow on Twitter using the following hashtags or usernames: #MFD14
Watch on YouTube
Watch on Vimeo
The session marks a significant milestone as the first appearance of the combined HPE, Aruba, and Juniper Mist entities following their recent merger. The speakers emphasize their commitment to a self-driving network philosophy, arguing that simply having a network up does not equate to a quality user experience. By merging the talent and assets of Aruba and Mist, HPE aims to create a singular, autonomous ecosystem that can perceive, fix, and validate network issues without human intervention.
HPE outlines three primary pillars that define their vision: built-in security, a microservices-based infrastructure, and an experience-first agentic approach. The security pillar focuses on a convergence where networking and protection work together seamlessly from the device to the cloud. On the infrastructure side, the team highlights a common cloud-native foundation that leverages both hardware and software to deliver reliable outcomes. Most importantly, the agentic pillar relies on episodic memory–ten years of experiential data used to reinforce AI models and ensure that autonomous actions are truly validated rather than just based on raw data lakes.
The session also serves as a launchpad for several major announcements, including the introduction of the first access point capable of booting to either Aruba Central or Mist platforms. This “no customer left behind” strategy ensures that existing users of both portfolios can transition toward the self-driving vision regardless of their starting point. The speakers compare this architectural approach to a mobile app that is built once and deployed across both iOS and Android, allowing HPE to develop advanced microservices and Large Experience Models that function across their unified networking landscape.
Personnel: Jeff Aaron, Sujai Hajela
Watch on YouTube
Watch on Vimeo
The session highlights the rapid integration of Aruba and Juniper Mist technologies, focusing on the evolution of the self-driving network. Bob Friday introduces the concept of agentic AI as a non-deterministic programming language that moves beyond traditional automation to solve complex network problems with high efficacy. The core vision centers on a Waymo-like experience for networking, where the system can autonomously perceive, fix, and validate issues while maintaining a trust list that allows human administrators to dictate which actions the AI is authorized to perform.
The technical demonstration showcases the integration of Marvis Minis and Large Experience Models (LEM) across both the Mist and Aruba Central platforms. Marvis Minis act as digital twins that proactively test network services and application reachability, identifying issues before users are impacted. The Large Experience Model specifically addresses post-connection quality issues by analyzing millions of collaboration sessions, such as Zoom and Microsoft Teams, to pinpoint root causes like WAN latency or misconfigured gateways. This design once, deploy twice strategy illustrates how HPE is porting microservices developed in the Mist cloud over to Aruba Central, ensuring that both customer bases benefit from the same advanced AI insights.
A significant portion of the discussion addresses the agentic mesh and the practical application of autonomous actions, such as resolving rogue DHCP servers and optimizing roaming experiences. The speakers emphasize that efficacy is the primary metric for success, with AI models being continuously benchmarked against real-world support tickets to minimize “hallucinations.” While the platforms maintain their distinct interfaces for now–using names like Marvis and Copilot–the underlying AI framework and engineering teams have converged. The presentation concludes by reinforcing a “no customer left behind” philosophy, promising a common journey toward a fully autonomous, experience-first network infrastructure for all HPE networking clients.
Personnel: Bob Friday, Miles Davis, Sudheer Matta
Watch on YouTube
Watch on Vimeo
Wes Purvis, representing HPE Networking, provides an update on the current state of Wi-Fi 7 and the recent integration efforts between Aruba and Juniper Mist. He begins by highlighting HPE’s successful infrastructure role in the 2026 Winter Olympics, which served over a million clients across five and six GHz bands. Transitioning to market trends, Purvis notes that 6 GHz adoption has surged to 60% among their access points (APs), with client device cutovers now showing 6 GHz devices outpacing 5 GHz in some retail and corporate environments. While Wi-Fi 7 is currently in the 10-15% adoption range, HPE is facilitating its growth by offering compatible security modes that maintain maximum interoperability for older devices.
A major announcement in the presentation is the launch of dual-platform access points, specifically the AP723H, which can boot into either Mist or Aruba Central modes. This hardware strategy is designed to protect customer investments, allowing users to maintain their existing management tracks while utilizing unified hardware SKUs. The APs automatically detect the management platform they are claimed into during boot, with HPE promising to honor existing licenses across platforms to simplify migrations. Purvis emphasizes that all future wireless hardware will follow this dual-platform strategy, aimed at a true north of a unified, self-driving network experience.
The final segment covers the practical advantages of built-in directional antennas and the simplification of Open Roaming. Purvis shares data showing that directional APs, like the AP47D, improve client roaming frequency and maintain higher data rates in high-density environments like lecture halls and big-box retail. By concentrating signal strength and reducing co-channel interference, these APs help clients stay connected to the most appropriate radio. Additionally, HPE has integrated seamless Open Roaming capabilities into both Mist and Aruba Central, allowing for cloud-to-cloud authentication via RADSec without requiring customers to manage complex third-party agreements or external hardware.
Personnel: Wes Purvis
Watch on YouTube
Watch on Vimeo
Wes Purvis of HPE Networking examines the potential benefits and technical hurdles of using 6 GHz standard power (SP) mode in indoor environments. Traditionally, indoor 6 GHz is limited to low power indoor (LPI) mode, which often results in a significant transmission power imbalance between the access point and the client. This discrepancy leads to poor client talk-back performance and a 10 dB average RSSI difference compared to 5 GHz. By flipping the AP to standard power mode, the regulatory constraints ease, allowing client devices to transmit at much higher power levels–up to 24 dBm EIRP compared to as little as 6 dBm in LPI. Testing shows that this shift can improve client signal strength by 10 dB and increase coverage service level expectations (SLE) by up to 30%, making it a valuable tool for low-density or fringe environments like warehouses and large office spaces.
Implementing standard power indoors introduces the complexity of geolocation, a prerequisite for the Automated Frequency Coordination (AFC) required to prevent interference with incumbent incumbents. Since GPS signals are notoriously weak inside buildings, HPE utilizes a propagation mechanism within both Mist and Aruba Central that allows APs with a GPS lock to share their coordinates with neighboring devices. This creates a mesh of derived geolocations across large facilities, even spanning distances up to 1,700 feet. The system calculates an “uncertainty area” that compounds with each hop through the network, using various opportunistic methods such as RF neighbor reports, BLE, and 802.11mc (Fine Timing Measurement) to validate the spatial relationships.
While standard power provides a clear boost in signal strength and coverage, it comes with the trade-off of a reduced channel set, dropping from 59 to 41 available 20 MHz channels. HPE notes that this is generally acceptable in the lower-density environments where standard power is most effective. The integration with AFC is seamless for the user; however, if an AP fails to derive its location, it will automatically revert to LPI mode or disable its 6 GHz radio to remain compliant. As this technology matures, HPE intends to explore more dynamic RRM (Radio Resource Management) adjustments that could automatically toggle between LPI and standard power based on real-time network conditions and client needs.
Personnel: Wes Purvis
Watch on YouTube
Watch on Vimeo
Anilash Azeez presents the practical outcomes of HPE’s location-based services and infrastructure at Mobility Field Day 14, focusing on bridging the gap between networking and real-world business results. The presentation highlights a dual-persona approach that serves both the Juniper Mist and Aruba Central ecosystems, emphasizing user engagement, asset visibility, and IoT analytics. A primary focus is the elimination of costly overlay networks by integrating diverse technologies, including Wi-Fi, BLE, and Ultra-Wideband (UWB), directly into the access point hardware. This convergence allows various verticals, from hospitality to manufacturing, to leverage sub-meter accuracy for mission-critical asset tracking and employee safety without requiring additional cabling or proprietary infrastructure.
The technical core of the session dives into the capabilities of the AP47, which features an expansive array of radios including UWB, Zigbee, and dual BLE. Azeez details how UWB provides a significant leap in accuracy over traditional BLE, particularly in manufacturing environments where tracking material flow and automated guided vehicles (AGVs) directly impacts production volume. By embracing open standards like FIRA and OMLOX, HPE ensures interoperability across different vendors and mobile devices. Practical applications are shared, such as the San Diego Sheriff’s Department’s use of location data to drastically reduce the time required to sort through body camera footage by cross-referencing officer locations with reported incidents.
The final segment of the presentation introduces advanced analytics and visualization tools designed to improve operational efficiency. New dashboards for Eduroam and switch port utilization help organizations optimize their resources and reduce carbon footprints by identifying underused hardware. Azeez also showcases a new 3D live floor plan view that incorporates spatial intelligence, overlaying Service Level Expectations (SLEs) directly onto the map. This allows administrators to visually pinpoint areas with poor roaming or capacity and review before and after data to see how Marvis’s autonomous actions, such as channel or band changes, have improved the user experience over time.
Personnel: Anilash Azeez
Watch on YouTube
Watch on Vimeo
Slava Dementyev of HPE presents the latest advancements in integrated security, focusing on Access Assurance, the AI-driven HPE Mist cloud NAC (Network Access Control). He underscores the guiding principle that networking is an essential part of the security framework rather than just “plumbing,” as it provides the visibility and enforcement points necessary for a Zero Trust architecture. Since its launch in 2023, Access Assurance has seen 100% year-over-year growth, with over 1,200 organizations, including healthcare, manufacturing, and government agencies, adopting the technology. The core of this growth is attributed to a scalable cloud architecture that handles millions of daily authentications while allowing for rapid feature deployment.
A major focus of the presentation is improving operational confidence through two new “Change Management” features. The first is a Dry Run mode for policy rules, allowing administrators to evaluate a new rule against real-time production traffic without actually enforcing it. The system increments a hit counter to show which clients would be affected, and a Blast Radius analysis on the NAC clients page lets admins compare a client’s current production role with its potential dry run role. This proactive validation ensures that introducing new use cases doesn’t inadvertently break existing connectivity in large-scale environments.
The second innovation is a Marvis-driven policy analyzer that uses Large Language Models to scan the entire rule set for logical errors. By comparing current configurations with historical authentication data, Marvis can identify shadowed rules, where a generic rule high in the list prevents more specific rules below it from ever being reached, as well as unused or overly broad policies. Dementyev explains that while this currently functions through a conversational prompt, it will evolve into a proactive Marvis Action. Additionally, the platform supports both built-in and external PKI and offers site survivability via Mist Edge to ensure that NAC functions continue locally even during a WAN failure.
Personnel: Slava Dementyev
Watch on YouTube
Watch on Vimeo
In this presentation at Mobility Field Day 14, Mathew George outlines the security enhancements within HPE Aruba Central designed to simplify the transition to a zero-trust architecture. George identifies common barriers to zero-trust adoption, such as fragmented onboarding workflows, inconsistent policies across different network locations, and a lack of visibility into policy enforcement. To address these, Aruba Central now includes Central NAC, an enterprise-grade, cloud-native network access control solution. This platform supports modern authentication methods like EAP-TLS and MPSK, and it integrates directly with identity sources like Okta and Microsoft Entra ID (formerly Azure AD), as well as MDM solutions such as Intune, JAMF, and Workspace ONE for automated, silent device provisioning.
A significant portion of the demonstration focuses on Client Insights, which uses AI and machine learning to fingerprint devices based on telemetry, DHCP signatures, and traffic flows. This capability allows the network to automatically detect and tag IoT devices, which are often security vulnerabilities. George demonstrates a zero-trust in action scenario where an Arlo security camera, once tagged as compromised via a manual security alert, is immediately forced to re-authenticate and reassigned to a restricted-access role within two minutes. This granular visibility extends to the Security Planet dashboard, which provides a live session view of the data path, allowing administrators to troubleshoot blocked traffic by seeing exactly which ACL or policy is impacting a specific user.
The presentation also highlights the shift toward unified, intent-based policy management. Instead of writing complex, device-specific ACLs, administrators can define a single policy based on user roles–such as preventing BYOD users from accessing corporate IoT devices–and Central handles the translation and deployment across access points, switches, and gateways. Addressing the future of the portfolio, the speakers confirm that while Central NAC is the primary path for cloud-first customers, HPE remains committed to on-premises offerings for complex, multi-vendor environments. They emphasize that the “New Central” platform is fully available as an on-premises solution, ensuring that organizations with strict data residency or connectivity requirements can still leverage these advanced AI-driven security features.
Personnel: Mathew George
Watch on YouTube
Watch on Vimeo
Abhi Shamsundar, a member of the product team at HPE, presents the technical implementation of zero-trust micro-segmentation, focusing on how to enforce security policies closest to the source without requiring a massive network re-architecture. The session addresses a critical challenge in modern networking: preventing the lateral movement of threats, such as ransomware, within a broadcast domain. While traditional micro-segmentation often relies on VXLAN headers and EVPN-VXLAN architectures, which are ideal for large greenfield campuses, they are a hard sell for existing branch, retail, and distributed networks. Shamsundar introduces an inline zero-trust solution that allows for intra-VLAN and inter-VLAN segmentation while leaving existing Layer 2 and Layer 3 boundaries untouched, effectively bypassing the need for complex routing at the access layer.
The core of this strategy relies on Group-Based Policies (GBP) and centralized management via the Mist dashboard. When a device joins the network, it authenticates with a RADIUS server and receives a tag, which is then communicated to neighboring switches and access points. This allows for granular enforcement where communication can be denied not just at a basic “allow or deny” level, but down to specific Layer 4 ports and protocols. During a live demonstration, Shamsundar showcases a wired and wireless client initially communicating and streaming video; by updating the policy on the dashboard, the traffic is instantly halted at the access layer. This system provides a seamless translation of security intent between wired and wireless domains, ensuring consistent protection across the entire infrastructure.
A significant benefit of this approach is the deep visibility it provides to administrators, including hit counters and timeline functions that track policy interactions over seven days. While the speaker clarifies that the current solution supports specific hardware like the Juniper Mist 4100 and 4400 switches, he notes that support for Aruba switches is on the roadmap. The presentation concludes by reinforcing the message that true zero trust is a function of strong segmentation. By enabling enforcement at the edge of the network without requiring a total VXLAN overhaul, HPE provides organizations with a pragmatic path to secure their infrastructure against sophisticated lateral threats while maintaining their current operational models.
Personnel: Abhi Shamsundar
Watch on YouTube
Watch on Vimeo
Alvin Castro and Thomas Munzer highlight how the integration of Aruba and Juniper Mist has unified their strategies around Infrastructure as Code. The core of their philosophy is a 100% REST API approach, ensuring that every function available in the user interface is also accessible via open APIs. This enables deep integration with orchestration tools like Terraform and Ansible, as well as ITSM platforms like ServiceNow and Slack. By maintaining this consistent API-first strategy across both Aruba Central and Mist, HPE provides a robust foundation for DevOps and NetOps teams to automate complex network deployments and management tasks seamlessly.
The technical centerpiece of the presentation is the introduction of Model Context Protocol (MCP) servers for both Mist and Central. Castro describes MCP as the “USB-C for AI applications,” providing a universal abstraction layer that allows corporate-approved Large Language Models (LLMs) to securely interface with live network data. This allows users to prosecute complex queries, such as troubleshooting a specific user’s connectivity issues or identifying configuration optimizations, using their own AI environments. This architecture transforms standard APIs into a universal language of intelligence, enabling agents to communicate with each other while keeping the end user in control of their own AI tokens and costs.
While MCP provides a powerful shim for external AI tools, the speakers emphasize that HPE’s native AI solutions, such as Marvis and Networking Copilot, remain the most efficient and secure way to interact with the network. Native tools utilize curated skills and guardrails that provide faster, more accurate outcomes without the per-token costs associated with external LLMs. The presentation concludes by reinforcing the “one team, one vision” commitment, noting that Mobility Field Day serves as a critical internal milestone for measuring progress. By merging the strengths of Aruba and Mist under a common self-driving network umbrella, HPE aims to deliver a consistent, autonomous experience for all customers, regardless of their starting hardware or management platform.
Personnel: Alvin Castro, Thomas Munzer
Thank you for being part of the Tech Field Day community! Our mailing list is a great way to stay up to date on our events and technical content, and we appreciate your signup.
We promise that we’ll never spam you, send ads, or sell your information. This list will only be used to communicate with our community about our events and content. And we’ll limit it to no more than one message per week.
Although we only need your email address, it would be nice if you provided a little more information to help us get to know you better!
