Starting May 2, 2024, find new blogs on HPE Community. Questions? Contact us

Go to new blog site

HPE Aruba Networking Blogs

Do you have complete endpoint visibility on your network?

By Ishani Chakraborty, Product Marketing Manager for HPE Comware Switches, Central and Client Insights

Did you know that $4.3 million USD was already lost in 2022 due to data breaches? Have you ever wondered what percentage of this is associated with unknown clients connected to your network and used to siphon off sensitive data?

Cameras, sensors, thermostats, smart light bulbs, scanners, and the endless list of unmanaged devices used today can cause a lot of headaches for IT teams since it is difficult to identify and profile them. This has often led IT teams to provide broad access privileges to all the devices connecting to the network, resulting in security breaches.

Improved network visibility is essential, as it’s an important ingredient in the success of keeping your data and business secure. With the proliferation of these unknown devices connecting to the network, IT teams are no less than superheroes who ensure optimal network performance so that you can work without any hassle. Just like every superhero has special powers, IT teams can leverage Aruba’s AI-powered Client Insights to constantly look for headless devices that are attempting to hide their identity.

The AI Advantage

Aruba Central Cloud includes our AI-powered Client Insights feature that IT can use to automatically look for IoT devices that are attempting to connect to your network. Native telemetry from Aruba APs, switches, and gateways and machine learning models are used to fingerprint devices. In fact, our customers are seeing fewer than 5% of endpoints being classified as “unknown,” which is a fantastic accomplishment.

In addition to profiling all connecting endpoints, communication and behavioral patterns are analyzed to dynamically build clusters of similar devices and this information is added to a classification database. This is essential to enforce appropriate policies. Clients that were earlier given extensive access to the network can now be given more restrictive privileges without a lot of manual intervention.

Client Insights also provides the capability to create Tags that can be used to enforce group-based policies by client type. A deep-packet inspection (DPI) process allows clients to be grouped together and assigned a Tag/Label based on similarities in behavioral attributes such as applications accessed, frequency, destination ports, etc.

Similar endpoints, that also perform the same role can automatically be given proper access privileges regardless of who is connecting them or from where. For example, when you apply a Tag to a surveillance camera, you can create a rule that specifies that those cameras send traffic only to a specific server. Any new camera that enters the network will automatically be assigned the same Tag and rules as the existing ones if it matches the label and exhibits the same behavior. IT can also look for abnormal activity and behavior of any “group” of endpoints and quarantine one or all of them if needed.

These new IT special powers don’t end here! The profiling accuracy offered by Client Insights is not based on just the attributes of your organization. Aruba is looking at data from similar organizations from over 120,000 customer sites and 200M+ clients to deliver up to 99% accuracy in some cases. This robust, AI-powered profiling capability will surely provide IT teams the confidence for dealing with the variety and number of new endpoint clients being added to your networks today, and in the future.

Accurate classification is a necessity and no longer a nice-to-have. With Client Insights, IT teams have one less thing to worry about. To learn more, please visit our AIOps page.