DatacentreMobilityNetworksSecurityWorkspace

Aruba Adds Machine Learning Security Platform To Networking Range

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Follow on: Google +

The analytics-based Aruba 360 Fabric integrates with the firm’s own built-in security capabilities, but will work even if no Aruba gear is in place

HP’s Aruba has launched an analytics and artificial intelligence-based security platform called Aruba 360 Secure Fabric that builds on security capabilities found in the company’s existing networking products as well as working with other vendors’ networking software and hardware.

Aruba said the platform’s cross-platform capabilities were key in taking on networking giant Cisco. Aruba argued Cisco’s security tools frequently require the use of Cisco’s own hardware.

Analytics-based security

The new IntroSpect UEBA (User and Entity Behavioural Analytics) works with Aruba’s flagship ClearPass network access control and secure policy management tool to handle security whether Aruba’s own hardware infrastructure is in place or not, the firm said.

If Aruba’s Wi-Fi access points, wireless controllers and switches are in place, all the better: these products include security capabilities it calls Secure Core that integrate with the 360 Secure Fabric platform.

aruba-logoAruba said its products have long included security features, but the new platform builds on those and adds machine learning to detect unusual device behaviour and trigger an appropriate response.

Such tools aim to head off threats that haven’t previously been catalogued by security researchers – known as ‘zero-day’ threats.

Incident response

The platform’s machine-learning tools can also generate a ‘Risk Score’ that indicates the severity of an attack to help speed up incident response, Aruba said.

IntroSpect UEBA is based on security analytics tools HP acquired with Niara earlier this year. The software can be installed in an entry-level version that uses as few as three data sources, which can include Microsoft Active Directory and firewall logs from systems made by the likes of Check Point or Palo Alto Networks.

Upgrading to IntroSpect Advanced adds a broader array of data sources as well as incident investigation, threat-hunting, search and in-depth forensics.

Aruba said it’s reworking ClearPass with IntroSpect integration, allowing the tool to deliver more detailed device information that’s more suitable for dealing with groups of ‘Internet of Things’ connected devices such as webcams.

IntroSpect Standard and Advanced are both available now in North America and are set to roll out worldwide next year.

Do you know all about security in 2017? Try our quiz!