Advanced enterprise security in the digital age5 min read . Updated: 03 May 2018, 05:47 PM IST
How do companies ensure that their digital journeys remain productive as well as secure, given that most security technologies in the market today are designed for yesterday's perimeter-based, closed and static environments?
As digital transformation changes traditional workplaces into collaborative, open spaces, it’s fairly evident that conventional security perimeters no longer guarantee protection against targeted cyber-attacks, data breaches, and malware threats. How do companies ensure that their digital journeys remain productive as well as secure, given that most security technologies in the market today are designed for yesterday’s perimeter-based, closed and static environments?
The digitally interconnected world has rendered traditional perimeter-based security measures insufficient. Real-time sharing, remote access to desktops, voice-over-IP, instant messaging, and cloud-based collaboration—which are all too common in the office today—often put many valuable corporate assets online and at risk.
It’s vital that organizations stay ahead of these new, dynamic threats.
Gartner’s research into insider threats indicates that organizations are not adequately considering the risk from their trusted users even though there are myriad examples where organizations have been impacted. On a positive note, the research fielded almost a 100% increase from clients looking to address the insider threat issue, of which User and Entity Behavior Analytics (UEBA) is one of the primary technologies, as per a Gartner report entitled “Market Guide for User and Entity Behavior Analytics".
According to Gartner, UEBA is an innovative category of security technology for identifying and mitigating advanced threats. Many security software layers have until recently been focused on user behaviour analysis, however the new threats necessitates that admins also analyse the behaviour and status of devices.
A secure, robust and agile wireless network is the need of the hour. To help organizations address the new and unknown threats, Aruba recently launched “Aruba 360 Secure Fabric", offering an integrated way to quickly detect and respond to advanced cyber attacks across multi-vendor infrastructures, supporting enterprises of all sizes. The Aruba 360 Secure Fabric framework helps organisations minimize risks in the fast-changing threat landscape, by providing a unified solution with the flexibility of an open architecture, as well as by adopting new analytics-driven, cyber-protection innovations.
It allows customers to detect gestating attacks with machine-learned intelligence, and proactively respond to these advanced cyber attacks across any infrastructure – with the enterprise scale to protect millions of users and devices and secure vast amounts of distributed data.
Aruba, acquired by Hewlett Packard Enterprise (HPE) in 2015 for $3 billion, has long been the leading provider of next-generation network access solutions, delivering high performance, highly reliable and secure wired and wireless networks – starting with wireless access points and controllers, and expanding into access and core switching.
The company is also innovating in UEBA by expanding the “Aruba IntroSpect" product family, enabling businesses to easily and rapidly scale machine-learned behaviour detection from small projects to full enterprise deployments.
The Aruba IntroSpect Advanced delivers a wider set of security capabilities than IntroSpect Standard to provide attack detection by correlating across a broader array of data sources, aiding in faster incident investigation and improved threat-hunting, search, and deep forensics. It includes more than 100 supervised and unsupervised machine learning models that provide analytics and forensics from data such as packets, flows, logs, alerts, and endpoints, as well as mobile, cloud, and IoT traffic, increasing an organization’s effectiveness at identifying risk.
The following components of the Aruba 360 Secure Fabric, work in tandem, to provide protection against threats:
■ Aruba IntroSpect UEBA solution: A new network-agnostic family of continuous monitoring and advanced attack detection software. It includes a new entry-level edition and uses machine learning to detect changes in user and device behaviour that can indicate attacks that have evaded traditional security defences. Machine-learning algorithms generate a Risk Score based on the severity of an attack to speed up incident investigations for security teams.
■ Aruba ClearPass: A proven network access control (NAC) and policy management security solution that can profile BYOD and IoT users and devices, enabling automated attack response, is now integrated with Aruba IntroSpect. ClearPass can also be deployed on any vendor’s network.
■ Aruba Secure Core: Essential security capabilities embedded in the foundation across all of Aruba’s Wi-Fi access points, wireless controllers, and switches, including the recently introduced Aruba 8400 campus core and aggregation switch.
The customer feedback has been positive. Cadence Design Systems, a leading provider of software, hardware, and semiconductor IP, is using Aruba’s security software and network management solutions. “In addition to providing visibility to every device on our network, Aruba ClearPass gives us the power to authenticate devices and enforce policies across our wired and wireless infrastructure," said Faramarz Mahdavi, Senior Group Director of IT Operations, Cadence Design Systems. “By adding Aruba IntroSpect UEBA analytics and threat detection capabilities, we will be able to better protect our source code by automating anomaly detection and prioritizing security incidents for faster resolution. The combination of ClearPass and IntroSpect gives us a powerful, congruent solution to proactively manage and defend our organization from cyber attacks."
A critical advantage of the Aruba 360 Secure Fabric is an open, multi-vendor integration of the Aruba security solutions with more than 100 partners in the 360 Security Exchange Program. Unlike other infrastructure providers that lock their customers into costly upgrades and a single source of products, the Aruba 360 Secure Fabric provides the best elements of a unified solution with the flexibility of an open architecture. Essentially, the technology combines the resources and expertise of its partners, including Palo Alto Networks, McAfee, and SecureLink Group, to create an interoperable platform for any network deployment use case
“As traditional security perimeters dissolve rapidly with the adoption of Mobile, Cloud, and IoT, delivering secure endpoint protection regardless of a user’s location and device is paramount in the fight against cybercrime," D.J. Long, head of the McAfee Security Innovation Alliance, said in a media statement. “We are very happy to see the integrated platform of Aruba 360 Secure Fabric working jointly with the McAfee portfolio of security products, sharing threat intelligence and workflow policies, increasing the efficiency and efficacy of security protection for mutual customers."
By adopting an open, multi-vendor partner ecosystem, the Aruba 360 Secure Fabric provides a holistic analytics-driven attack detection and response from the edge to the core to the cloud.