Fresh off a torrential snow storm in the NYC area, Javits Center hosted the world’s biggest retail showcase, the Big Show! Aruba demonstrated a flurry of new location-based technologies with Aruba Tags, innovations in software-defined networking best practices, and technology partnerships with AT&T, Deloitte, Zoox, and Ziosk (those tabletop tablets you’d find in many casual restaurants).
Many conversations at NRF last year focused on AI and robotics to improve store operations – just like our HPE booth did from a networking standpoint. But this year, with rising interest in software-defined networking (SD-WAN, SDN, etc), customers focused on critical problems surrounding simplicity and deployment. Those I spoke with commonly sent their IT teams on installs for every new store their companies launch to perform some manual, in-store configuration. Even those with cloud vendors had per-site WAN configurations that proved un-scalable.
Likewise, when I delved deeper with these IT leaders around their security practices, the feedback I got was deafening. NAC (network access control) was a huge concern for them, to a degree where the challenges of deploying it outweighed the benefits it brought to the table. The conversation quickly turned into: How can I regain control over my network? What do I do about IoT? How do I streamline my IT business?
Build network security around user experience
Many variables impact branch security, but the primary risks of a breach comes from everyday users and configuration itself. Users themselves bear different degrees of risk to the network, from negligence, compromised devices, or even malicious intent, which can be challenging to analyze. By emphasizing user experience as an organic part of Aruba network architecture, Aruba provides rich insight from what we call context awareness, which can then be used streamline policies that simplify security and network configuration. With context, we can tie a user’s role in the organization (employee, guest, contractor) to a device (phone, tablet, IoT), identify application usage, and location information to permit, limit, or deny access to a certain area of the network.
This was exactly what I demo’ed at our branch pod. By assigning myself to the role of a security administrator, I had unrestricted privileges to view security camera footage and access branch network configuration through our centralized IT dashboard. Likewise, when I logged onto the network as a basic guest user, I effectively changed my role into a public user profile and lost all access to network and security equipment, and even a few Web URLs and applications. This dynamic change in policy can be applied simplistically across hundreds or thousands of locations without any additional manual provisioning.
From a configuration standpoint, this means that highly customizable rules can be applied without manual IT requirements. For example, guest users and store employees would not be able to see or communicate with store surveillance equipment because their role don’t allow them to.
Enhance your WAN with role-based policy
Once you’ve taken user experience into the software layer, you can expand role-based policy beyond WLAN and LAN to impact the WAN edge. A primary use case for roles is with policy-based routing (PBR). PBR enables IT to segment cloud, Internet, or guest traffic, and send them intelligently out to the broadband link, as opposed to overloading the private, MPLS link. This is especially useful in optimizing application performance that can be severely capped at small, remote locations, and simultaneously improve bandwidth efficiencies on private connections.
Simplify management, branch-wide
Aruba Central dashboard
NRF attendees provided some critical takeaways about how crucial simplicity and security are in everyday IT operations. With role-based network management, organizations can introduce software-defined best practices to boost network performance, automate network and endpoint security, and dramatically free up IT resources. For those of you who have yet to explore Aruba’s architectural approach, I encourage you to take a look at Aruba 360 Secure Fabric alongside Aruba Central cloud-based management. For everyone else, I hope to see at our next Atmosphere in Vegas, and of course, NRF 2019!