|
|
 Madani Adjali, Mounir Hahad, Adam Fuoss, Pradeep Hattiangadi, Kedar Dhuru, and Nirmal Rajarathnam presented for HPE at Security Field Day 14 |
This Presentation date is September 24, 2025 at 9:00-10:30.
Presenters: Adam Fuoss, Kedar Dhuru, Madani Adjali, Mounir Hahad, Nirmal Rajarathnam, Pradeep Hattiangadi
Follow on Twitter using the following hashtags or usernames: #XFD14
HPE Networking Security Overview with Madani Adjali
Watch on YouTube
Watch on Vimeo
This presentation marks a significant moment for HPE, as it’s the first time Aruba Networks, now part of HPE, has presented at Security Field Day since 2018. The recent acquisition of Juniper Networks has further expanded HPE’s security portfolio, leading to the formation of HPE Networking. The presenter, Madani Adjali, highlights the historical context of both Aruba and Juniper’s past presentations at the event, expressing a desire for more frequent participation in the future. The newly formed HPE Networking is structured into several groups, including campus and branch, data center, and WAN, with this presentation focusing specifically on the SASE and security pillar.
The core of the presentation will delve into two main areas: new capabilities within Aruba Central related to application intelligence and advancements in the firewall side of the portfolio, leveraging the SRX platform. The SASE and security pillar, led by Adjali, encompasses a wide range of products, including network access control, SD-WAN, SASE, and firewalls. The audience is given a high-level overview of the comprehensive security offerings now available through HPE, which range from various SD-WAN solutions to a full suite of firewalls, ZTNA, SWG, and CASB. The presenter also mentions ClearPass Policy Manager, a network access control product demonstrated back in 2018, and its new cloud-oriented capabilities.
The presentation aims to be an interactive session, with a team of experts on hand to provide in-depth information and answer questions. The goal is to showcase the power and breadth of the new HPE Networking security portfolio. The speaker emphasizes the significance of this moment for the company, following the recent completion of the Juniper Networks acquisition. The presentation will feature deep dives into the technical aspects of the new security capabilities, with a particular focus on the integration of AI and predictive technologies to enhance threat prevention and application intelligence. The session promises to be informative for anyone interested in the future of network security and the combined strengths of HPE and Juniper Networks.
Personnel: Madani Adjali
HPE SRX Series Next-Generation Firewalls & Threat Prevention
Watch on YouTube
Watch on Vimeo
Discover how the SRX firewall portfolio secures networks of any size. We’ll dive into AI-Predictive Threat Prevention (AI-PTP), which neutralizes zero-day attacks with a proxy-less, real-time, on-device AI engine. We’ll also cover how a Machine Learning detection pipeline continuously provides automatically generated signatures for emerging threats, delivering stronger security without compromising firewall performance.
The session outlines a security philosophy focused on making security easier to operationalize, from the user edge to the data center. The speakers explain that with the rise of device proliferation, distributed applications, and Gen AI, the threat landscape has become more complex. HPE’s approach is to use a comprehensive threat detection pipeline, heavily leveraging AI and machine learning, directly on their SRX firewalls. This strategy aims for a high detection rate and a very low false positive rate without sacrificing performance. The core of the presentation centers on a feature called AI-Predictive Threat Prevention (AI-PTP), which represents a shift from traditional reactive, signature-based models to a proactive approach for identifying both known and zero-day malware.
The AI-PTP system operates using a two-stage process. First, machine learning models are trained in HPE’s ATP Cloud using vast datasets of malicious and benign files. These trained models are then deployed to the SRX firewalls, where the “inference” or detection happens directly on the device. A key differentiator is its inline, proxy-less architecture, which analyzes just the initial portion of a file as it’s being downloaded to quickly determine if it’s malicious. This allows the firewall to block threats in real-time. This on-box capability is part of a defense-in-depth strategy, augmented by cloud-based analysis, including multiple sandboxing methods. During the demonstration and Q&A, it was clarified that this process has a negligible performance impact, can update threat signatures across all customers in minutes, and can automatically place an infected host on a blocklist that is shared across the entire HPE security ecosystem, including NAC and switching solutions.
Personnel: Kedar Dhuru, Mounir Hahad, Pradeep Hattiangadi
HPE SD-WAN Gateways & Advanced Services
Watch on YouTube
Watch on Vimeo
Explore how the HPE secure SD-WAN portfolio helps protect branch locations against cyberthreats while embracing the flexibility of cloud-first architectures. Discover how the new HPE Networking Application Intelligence Engine (AppEngine), strengthens security with real-time defense, leveraging aggregated application security insights such as risk, reputation, vulnerability, and compliance.
In this session, HPE introduced its newly combined SD-WAN portfolio, which includes Aruba SD-Branch, EdgeConnect (formerly Silverpeak), and the Juniper Session Smart Router. The presentation focused on a key security challenge in branch networks: the lateral movement of threats once a bad actor gains entry. Presenters argued that while identity-based segmentation was an improvement over static VLANs, it is insufficient without a deep understanding of the applications traversing the network. To address this gap, HPE unveiled its Application Intelligence Engine (AppEngine), a new service running within the Aruba Central management platform. The engine’s primary goal is to provide a comprehensive application posture, enabling more effective dynamic segmentation to protect against internal threats.
The AppEngine works by ingesting, correlating, and normalizing application data from multiple sources, such as deep packet inspection (DPI) and URL filtering, into a single, unified application catalog. This process creates a rich, contextual profile for each application, complete with security scores, known vulnerabilities, compliance data, and encryption details. From the central dashboard, an administrator can define global, role-based security policies based on this application intelligence. The AppEngine then automatically distributes the appropriate signatures and policies to the relevant enforcement points, like gateways or access points. The demonstration showcased an administrator identifying high-risk applications and creating a policy to block them for specific user roles during business hours, all without touching individual device configurations. Currently, this functionality is available for the SD-Branch solution managed by Aruba Central, with plans to extend its capabilities across the broader portfolio in the future.
Personnel: Adam Fuoss, Nirmal Rajarathnam