Aruba Beefs Up Its SD-Branch Solution

Written by Lynn Haber
January 9, 2020

New innovations for Aruba's SD-Branch offer partners a more robust solution for their distributed enterprise customers.

Aruba, a Hewlett Packard Enterprise (HPE) company, on Thursday announced advances to its software-defined branch (SD-Branch) solution, including extending zero-trust security, cloud-native management capabilities and nonstop operations. While Aruba targets large distributed retail networks, SD-Branch is suitable for any distributed enterprise, the company said.

Formally introduced in June 2018, Aruba’s SD-Branch combines SD-WAN capabilities with Aruba’s traditional network capabilities, such as access points, switching and security, and is a central piece of the vendor’s edge-to-cloud strategy.

Aruba’s Patrick LaPorte

“Together, the new innovations allow distributed organizations with nonstop, secure network availability but also seamless public cloud access that improves application performance, and we’ve dramatically simplified network operations,” said Patrick LaPorte, senior director, cloud and software marketing for Aruba.

Looking deeper into the three innovations:

1. Aruba expanded its unified branch defense capabilities to provide unique, identity-based attack detection and intrusion prevention (IDS/IPS) to deliver zero trust, in-store network security. This gives customers end-to-end security and connectivity in a single box at the branch.

The new IDS/IPS functionality integrates with Aruba’s ClearPass Policy Manager and Policy Enforcement Firewall. By leveraging role-based access, Aruba adds a new identity-based detection dimension to traditional intrusion detection and prevention, enabling security teams to focus on alerts that matter.

Aruba’s unified branch defense also includes: one-click integration with cloud-based security solutions; threat visibility and trend analysis; out-of-box policies for enforcement and incident response; security event streaming to third-party security information and event management (SIEM) solutions; and ClearPass Policy Manager for global access policy development and propagation.

“So, this is about providing comprehensive connectivity and security in a simplified, easy-to-use form factor, all managed with … Aruba Central, a cloud management platform,” said LaPorte.

2. The vendor added new enhancements to the SD-WAN orchestrator in Aruba Central to deliver unified edge-to-cloud management and secure connectivity to cloud workloads. This makes it easier for branch network operators to deploy flexible and secure overlay topologies in a large-scale edge infrastructure, securely connecting thousands of remote locations to applications in the data centers and the cloud.

At AWS Reinvent, held in December, Aruba announced integration with AWS Transit Gateway, a network manager. Aruba Virtual Gateway is also available for Azure.

“This is one element of all the cloud capabilities that we are enhancing to provide, not only zero trust from edge to cloud, but also to simplify the connectivity to the public cloud services and insure optimal SaaS application performance,” said LaPorte.

3. Aruba is embedding LTE capability into its branch office gateways to provide nonstop connectivity via built-in cellular. If a company’s broadband or existing traditional dedicated links become unavailable, the embedded LTE capability helps organizations maintain some level of operations.

“The biggest challenge that distributed businesses are dealing with is the cost of WANs and the complexity. When you take into account the increased usage of devices at the branch office, the changes in traffic patterns and transitioning to cloud-based application, the movement of applications that were traditionally housed in the data center — all these elements are combining to explode the bandwidth demand on the WAN itself, that in turn is driving tremendous cost,” said LaPorte.

This has become a compelling event for Aruba customers to the point where they’re looking at implementing solutions mid-cycle rather than wait for a refresh cycle to implement new technology. That’s good news for partners.

LaPorte points out the benefits of the expanded SD-Branch solution.

“This is a simple solution to use. What that means for channel partners is that if the solution is easy to understand, easy to position, and easy to deploy, there’s a low cost to provide this capability to customers,” he said, adding that this helps partners close business faster, maintain high margins, and maintain high customer satisfaction.

One other benefit for partners is flexibility of the SD-Branch solution. It’s available as a managed service offer.

“Everything can be managed through Aruba Central and supported for the MSP customer,” said LaPorte. “Everything that we’re seeing in terms of research — half of the businesses out there want a managed service solution.”