Enterprise Looking for Security, Access at the Edge

Cisco and Aruba roll out new offerings to improve the performance, manageability and security of applications and data in distributed environments.


As the action continues to push out to the network edge, enterprises are looking not only for better performance from their distributed applications but also for greater security for the data that is being generated and collected out there.

Trends like cloud services, a more mobile workforce, increasingly intelligent applications and the internet of things (IoT) are rapidly changing the way business is done, pushing applications and data beyond the firewall while enabling employees to work where they want and to easily access cloud services. That’s driving the need for organizations to bring better network access and application performance to where the workers are while finding ways to address what is a vastly larger threat landscape.

“The network edge used to be something that was easy to define,” Zeus Kerravala, principal analyst with ZK Research, told eWEEK. “It used to be the branch or campus edge, but now it’s wherever your customers are.”

It’s creating an edge computing market that is expected to grow rapidly in the coming years. A report published by MarketsandMarkets is predicting the space—including hardware and solutions—to grow from $1.47 billion in 2017 to $6.27 billion in 2022, an annual average growth rate of 35.4 percent. Given such numbers, it’s no surprise that most data center product vendors are making the edge a central part of their portfolios and roadmaps.

Cisco, Aruba Are the Market Leaders

Two of those vendors are Cisco Systems and Aruba Networks. Cisco over the past couple of years has continued to push its broad array of products out to the edge. That includes everything from its HyperFlex hyperconverged infrastructure solutions to edge routers and Webex collaboration services. The company, like most other networking technology vendors, also has been building out its software-defined WAN (SD-WAN) lineup, making it easier for branch offices to connect directly into the internet rather than having to go through a central data center.

Aruba has essentially become a key part of parent company Hewlett Packard Enterprise’s edge efforts. Keerti Melkote, Aruba’s founder and its senior vice president and general manager, is also president of HPE’s Intelligent Edge business. During Aruba’s user conference in March, he said the next generation of infrastructure architecture will be “edge-centric” and that Aruba is “going to be bringing … real-time experience to the edge.”

Both companies this week made moves to help businesses as they embrace the edge. At Cisco’s Partner Summit, company officials announced moves to strengthen SD-WAN security as well as to improve performance and manageability. Cisco integrated advanced security features—including application-aware enterprise firewalls, intrusion prevention and URL filtering—into its SD-WAN devices and enabling those features to be managed via a single console. Officials also noted that Cisco’s SD-WAN portfolio is powered by the company’s Talos threat intelligence solution.

Such capabilities are necessary as SD-WAN helps expand the threat landscape out to what Cisco officials call the “cloud edge,” according to Anand Oswal, senior vice president of engineering for Cisco’s Enterprise Networking Group.

'Traditional WAN Security Approach Is Inefficient'

“As branches open up to direct cloud connections and run business-critical applications over the internet, the traditional approach to securing the WAN, where traffic is back-hauled to the corporate firewall, is inefficient and costly,” Oswal wrote in a blog post. “That’s because traditional WAN platforms were primarily designed to connect branches directly to data centers. They do not have the flexibility to deal with simultaneous connections to multiple cloud platforms, automatically selecting the most efficient and cost-effective routes.”

The SD-WAN security stack addresses four areas that are important to branch offices, including compliance to ensure that sensitive data at rest and in transit is secure both in the branch and the cloud, he wrote. It also improves security around direct internet and direct cloud access as well as guest access.

“Organizations need a comprehensive and flexible software-defined architecture to secure the WAN while simplifying distributed network management and lowering connection costs,” Oswal wrote. “In effect, every WAN device must become software defined and secure.”

ZK Research’s Kerravala said making SD-WAN environments more secure is possible, but it’s not easy.

“It’s a lot of heavy lifting,” he said. “Unfortunately, the technologies are not really integrated together, so that puts the onus on IT departments and users to put it together.”

How SD-WAN Growth Is Impacting IT

The rapid growth of SD-WAN also is creating an environment where IT staffs have to move quickly to keep up with the security needs.

“If IT was still in control, they could slow roll a lot of this,” the analyst said, adding that corporate demand to use such services as Slack and employee embrace of the cloud make this impossible. “IT’s going to have to get on board or the business in going to be at risk. It’s too easy to access cloud services.”

Aruba rolled out a range of new offerings designed to make wireless networks more accessible, intelligent and secure. They include the new Aruba 510 Series IoT-ready access points that leverage the latest WiFi standard, 802.11ax, as well as complementary access switches and integrated Zigbee and Bluetooth 5 capabilities. They also bring greater security as more devices and users hop on the networks through support for WPA3 and Enhanced Open standards.

Technology innovation is increasingly critical to create extraordinary digital experiences for employees, customers and guests—and to drive sustainable advantage for business,” Lissa Hollinger, Aruba’s vice president of products and solutions marketing, wrote in a blog post. “The network at the edge is at the heart of this transformation. It’s what connects people, devices and IoT to the digital world. But a solid network foundation is not enough.”

To ensure the network meets the growing demands of the business and expanding user expectations, “IT must be able to scale its resources by finding an easier way to deliver improved and consistent service levels. Delivering on this requirement means not only having a state-of-the-art network, but giving IT the ability to proactively anticipate issues in a highly dynamic environment before they impact users and the business.”

To see a larger view of the image, right-click on it and select "View Image."