See new Central cloud native NAC; SASE with SSE, SD-WAN & NAC; new ZTNA natively in SD-WAN Gateways.
Adam Fuoss, VP of Product for EdgeConnect SD-WAN, outlined HPE Aruba Networking’s integrated SASE portfolio, comprising SSE (Security Service Edge) for cloud-based security focused on ZTNA (Zero Trust Network Access), EdgeConnect SD-WAN for connecting diverse locations, and ClearPass/NAC (Network Access Control). He highlighted the challenge of traditional ZTNA connectors, which often rely on virtual machines in data centers, leading to inefficient traffic hair-pinning when applications reside in branches. To address this, HPE Aruba Networking has integrated the SSE connector as a container directly into the EdgeConnect SD-WAN appliance, allowing users to connect to cloud security services and then directly to branch applications without backhauling traffic, significantly improving efficiency for distributed applications and remote contractors.
Mathew George, a Technical Marketing Engineer, then provided an overview of Central NAC, HPE Aruba Networking’s cloud-native NAC offering. This solution aims to simplify user and device connectivity by leveraging cloud-based identity sources like Google Workspace, Microsoft Entra, and Okta for authentication and authorization. Central NAC uses Client Insights for advanced device profiling, combining fingerprints with traffic flow information and AI/ML models for accurate classification. It integrates with third-party systems like MDM and EDR solutions to pull compliance attributes, which are then used in NAC policies. Central NAC also supports certificate-based authentication (including “Bring Your Own Certificate” with external PKI), MPSK (Multi-Pre-Shared Key) for user-based or admin-based device authentication, and various guest workflows. A key feature demonstrated was the real-time re-authentication and policy enforcement based on changes in the Identity Provider (IdP), showcasing true Zero Trust in action.
The presentation underscored HPE Aruba Networking’s commitment to a unified Zero Trust posture across its entire portfolio. The vision is for a single policy engine to enforce security from Wi-Fi and IoT devices all the way through switches, access points, gateways, and the SSE cloud. This includes multi-vendor support, allowing for VLAN enforcement on third-party switches like Cisco. While Central NAC streamlines simpler use cases, ClearPass continues to address more complex, on-premises requirements. The overall message emphasized leveraging telemetry-based networking and AI-driven insights to enhance security, improve endpoint experiences, and provide engineers with the necessary data to maintain optimal network performance, ultimately enabling a truly integrated security and networking approach from edge to cloud.
Personnel: Adam Fuoss, Mathew George