Close

HPE Aruba Networking Blogs

Introducing ClearPass Device Insight: Cloud-Enabled, AI-Powered Device Discovery and Profiling

By Paul Kaspian, Senior Product and Solutions Marketing Manager, Aruba

As new types of devices are flooding into our environments, networking and security teams are struggling to keep up. They need to understand which devices should be on the network and what they should be allowed to access. The slow and somewhat predictable era of workstations and laptops has exploded into a dizzying array of Internet of Things (IoT) devices being connected to the network—often without the knowledge and oversight of either IT or security.

Due to limitations in traditional discovery and profiling methods, many organizations have a number of device “blind spots” on their networks or have only a partial view, seeing today’s IoT devices simply as a “Windows” or “Linux” device. For example, in a hospital, an MRI machine and an IV infusion pump may look exactly the same—a generic Windows device.  But assigning both devices the same access policy could potentially deny one of them from accessing the network, which would have disastrous consequences for the patient. A lack of clear insight into devices makes creating a comprehensive access control policy practically impossible.

Unfortunately, each new connected device offers up the potential for a security incident or compliance violation with poor visibility and access control exacerbating this risk. We hear stories regularly about organizations who were unaware of devices connected to their network. In one case, a customer found that a previously decommissioned electronic sign was still connected to the network, and actively communicating to over 100 different countries.

The ClearPass Device Insight dashboard provides full-spectrum device visibility across the network.

That is why Aruba has introduced ClearPass Device Insight – a new AI-powered device discovery and profiling solution that provides a complete and granular view of everything on the network whether connected wired or wirelessly. Device Insight takes a different approach to identifying devices on the network by collecting network traffic, extracting device attributes such as applications accessed, ports, protocols and volume, and uses this data to fingerprint them based on their behavioral attributes, not vague static attributes.

As a cloud-hosted solution, ClearPass Device Insight provides a large fingerprint database, and utilizes crowdsourcing and advanced machine learning models to develop fingerprints for devices that haven’t been seen before. This automated approach helps IT keep pace with the number and variety of IoT devices they may see in the future. A crowdsourcing component ensures IT and security teams always have an up-to-date view and accurate information about new devices that are continuously connecting to their network.

Key capabilities of ClearPass Device Insight include:

  • Reduces risk by eliminating device blind spots on the network
  • Behavioral analysis that goes beyond traditional hardware-based profiling for precise identification
  • Advanced machine learning identifies unknown devices and speeds time-to-identification
  • Seamless integration with ClearPass Policy Manager enables real-time enforcement and accelerated response
  • Cloud-based solution simplifies deployment and management for faster time-to-value and cost savings

Click here to learn more about the ClearPass family of solutions including ClearPass Device Insight.