Aruba Combines Several Components in New SD-Branch Package

eWEEK NEW-PRODUCT NEWS: SD-Branch pioneer adds zero-trust security and new cloud-native management functionality to enable non-stop retail operations at scale.


Aruba is in the process of reshaping what edge networking in the enterprise looks like here at the outset of a new decade.

The networking division of Hewlett Packard Enterprise, which the company acquired in March 2016, on Jan. 9 revealed a new, more user-friendly configuration for its SD-Branch package, designed to operate on the edge, that enables more secure, simplified deployment and management of large distributed retail networks. It did this by adding in some new components that hadn't been there automatically in the past.

Enterprises with multiple networking channels--think retailers like Target or Walmart or fast-food franchises like Wendy's or KFC--will be prime candidates for a central control system like this one.

As a central component of HPE’s Edge-to-Cloud strategy, Aruba’s SD-Branch solution now integrates Aruba Branch Gateways with the Aruba Central cloud management platform. This provides a single screen of control and management for SD-WANs, with both wired and wireless networking, to enable secure yet simplified branch connectivity at scale. 

The package as announced Jan. 9 includes:

  • new enhancements to the SD-WAN Orchestrator in Aruba Central to deliver unified edge-to-cloud management and secure connectivity to cloud workloads;
  • an expansion of Aruba’s unified branch defense capabilities to provide unique, identity-based attack detection and intrusion prevention to deliver zero trust in-store network security; and 
  • new branch gateways that provide non-stop connectivity via built-in cellular, including LTE.

"We've extended our security capability by adding the identity based IDS/IPS (intrusion detection systems and intrusion prevention systems) protocols, which allow our customers to further embrace the zero-trust security model," Patrick LaPorte, Aruba Senior Director of Cloud and Software Solutions Marketing, told eWEEK. "We've enhanced our SDN orchestrator so that now you can take more advantage of the services that you're consuming in the cloud. And then lastly, we're adding cellular (backup) capability to the gateways, so that we're providing our customers with nonstop operation in the event that they lose connectivity on their primary links. 

"Put it all together, it's nonstop secure network availability, seamless public cloud access and high-performance application, and then dramatically simplifying your entire network operations."

Sounds like music to the ears of network admins.

Retail IT teams generally are under pressure to update their IT systems within brick-and-mortar locations and to place the store at the center of their customer experience in order to compete with online merchants and marketplaces. To achieve this, they are using next-generation technologies to enable personalized, immersive experiences within the stores but are consistently challenged by the lack of on-site technical staff at branch locations, Aruba said.

Thus, IT staff responsible for connecting, securing and managing retail locations must rethink the way they architect their branch networks. A unified edge-to-cloud architecture that automates and secures LAN, WAN and cloud connectivity is important for providing operational efficiency and addressing the lack of IT staff, which is all too common in many sectors. 

Aruba Virtual Gateways, available for both AWS and Azure, combine with orchestration, are designed to extend network and security policies to workloads running in the public clouds, while the new SaaS Express prioritization feature continuously probes hosting locations for SaaS applications to ensure application performance, LaPorte said.

Seamless Zero Trust from Edge-to-Cloud

As adoption of software-as-a-service (SaaS) applications and virtual private clouds (VPCs) continue to rise in enterprises of all sizes, so has the complexity of maintaining security and control over the data, traffic and users accessing the cloud. This is why Aruba extended its Zero Trust Security model to the cloud with the updated SD-WAN Orchestrator in Aruba Central, which is aimed at making it easier for branch network operators to deploy flexible and secure overlay topologies in a large-scale edge infrastructure, securely connecting thousands of remote locations to applications in data centers and the cloud.

Ensuring Non-Stop Operations at Every Retail Location with Cellular Backup

Everything's about the "user experience" (UX) these days, and new-gen IT--together with enhancements such as machine learning and artificial intelligence--has spoiled users of cloud services to an extent; no question about it. So enterprises are constantly under pressure to deliver, and deliver fast.

To help ensure good UX experiences, retailers require a highly reliable network infrastructure as the foundation for their digital transformations. Built-in cellular access in the Aruba 9004 Series Gateways, exclusive in this new package, gives users the option to use the connection as a primary or secondary uplink or in a load shared active-active mode with other broadband links.  

Embedded cellular provides retailers with reliable, high performance backup connectivity with seamless failover that can be centrally managed. IT staff are able to tune and optimize connectivity by defining SLA policies across a combination of MPLS, Internet and cellular links enforced with dynamic path steering in real-time with the ability to select the preferred cellular link. The cellular link can also be used for remote locations or to accelerate the deployment of a new store until the dedicated MPLS or Internet links are installed 

More Details on Security

Aruba added to its unified branch defense capabilities with new IDS/IPS functionality that integrates with Aruba’s ClearPass Policy Manager and Policy Enforcement Firewall. By using role-based access, Aruba adds a new identity-based detection dimension to traditional intrusion detection and prevention, enabling security teams to focus on alerts that matter.

Aruba said its unified branch defense also includes:

  • one-click integration with cloud-based security solutions;
  • threat visibility and trend analysis;
  • correlation of security events with sites, clients, applications and network infrastructure;
  • out-of-box policies for enforcement and incident response;
  • security event streaming to third-party Security Information and Event Management (SIEM) solutions; and 
  • clearPass Policy Manager for global access policy development and propagation.

Aruba said its unified branch defense capabilities offer a complete solution for security and connectivity at retail locations, defending against myriad threats, including phishing, denial of service (DoS) and increasingly widespread ransomware attacks.

Aruba will be showing its latest innovations for the retail market in Booth #3165 at NRF 2020 (National Retail Federation) taking place at the Jacob K. Javits Convention Center Jan. 12–14 in New York City.

Chris Preimesberger

Chris J. Preimesberger

Chris J. Preimesberger is Editor-in-Chief of eWEEK and responsible for all the publication's coverage. In his 15 years and more than 4,000 articles at eWEEK, he has distinguished himself in reporting...