Starting May 2, 2024, find new blogs on HPE Community. Questions? Contact us

Go to new blog site

HPE Aruba Networking Blogs

Speeding up digital acceleration and network modernization with Aruba ESP

By Karthik Ramaswamy, Blog Contributor

Trends like hybrid work and new IoT-driven user experiences place the network at the forefront of digital acceleration. Yet the network could also be putting the brakes on acceleration.

At the HPE GreenLake Announcement Event and Atmosphere 2022, we announced several Aruba ESP innovations designed to help organizations of all types and sizes modernize their network to prepare for whatever comes next.

  • Use the industry’s first self-locating indoor access points (APs) with built-in GPS receivers to bring the ease and accuracy of GPS indoors
  • Gain the ability to power your network as a service—with the ability to swap things as your business demands
  • Unify connectivity and security from user and device to applications across mobile, remote, branch and campus locations with the EdgeConnect SD-WAN Fabric

Bringing them all together is a new suite of network connectivity and security capabilities called Aruba Central NetConductor. Part of Aruba Central, the leading cloud-native network management platform at the core of Aruba ESP, Central NetConductor provides a new approach to solving the connectivity and security challenges that can slow down digital acceleration.

How legacy network approaches slow down digital acceleration

The network is too often the scapegoat for why new digitization projects get delayed, but this doesn’t have to be the case.

What’s really happening is siloed, manual processes for network configuration and security are impractical at the scale these digital acceleration initiatives demand. Applying legacy network management approaches to complex networks has significant drawbacks: network configuration is tedious and time-consuming, and human errors and inconsistencies can leave the network vulnerable to evolving cybersecurity threats.

Many IT teams managing distributed and disparate networks are realizing that what worked in the past won’t work going forward. Digital acceleration requires a modern network that provides greater automation, security, and agility than legacy approaches can deliver.

Central NetConductor delivers a new approach to network architecture that can remove network provisioning and security as the bottleneck to new use cases. Here's how.

Put the pedal to the metal with Central NetConductor

Central NetConductor is a set of cloud-native network automation capabilities and network security tools that organizations of all types and sizes can use to automate and accelerate enterprise network deployment, management, and protection of their edge-to-cloud networks. With Central NetConductor, network and security teams gain a shared toolbox for optimizing and protecting the network. Now, network and security teams can work together to automatically configure LAN, WLAN, and WAN infrastructure to deliver optimal network performance while enforcing granular access control security policies that are the foundation of Zero Trust and SASE architectures.

Enterprise network and security automation for modern networks

Central NetConductor simplifies network deployment by automating the creation of a network overlay that decouples client traffic and security policies from the underlying network construction—no more managing VLAN/subnet/purpose spreadsheets, opening 10+ SSH sessions to provision the overlay routing, managing complex IP based ACL s—or needing to laboriously plan design migrations of underlay infrastructure.

After network deployment, Central NetConductor relies on roles and policies assigned to users and devices for network access control. Policies can be updated using intuitive, business intent-driven workflows; Central NetConductor automatically propagates those policies to the overlay fabric for continuous enforcement.

This high degree of network automation significantly reduces the amount of IT resources required for ongoing network configuration, maintenance, and support.

Cloud-native Aruba Central NetConductor services include a fabric wizard that automatically creates the network overlay.

Expanded support for Zero Trust and SASE security architectures

Network blind spots, rogue IoT devices, security breaches: These risks keep network security teams up at night. With so many new devices and locations to connect and protect, now Zero Trust and SASE frameworks must be built in.

Central NetConductor gives network administrators and security teams shared tools for protecting and optimizing the network. Expanding on our market-leading Dynamic Segmentation, Central NetConductor components deliver five critical capabilities that form the foundation of Zero Trust network security:

  • Discovery and Profiling: AI-powered Client Insights ensures all users and devices on the network—even rogue IoT devices—are seen and controlled.
  • Authentication: Cloud-native network access control (NAC) provided by Central Cloud Auth assigns users and devices a role with associated connectivity requirements and business-driven access privileges.
  • Authorization: Central NetConductor policy manager translates assigned roles into the appropriate network routing and associated access policies.
  • Enforcement: Central NetConductor enables distributed policy enforcement in-line by Aruba CX switches and gateways, or centralized policy enforcement approaches (via Policy Enforcement Firewalls in Aruba gateways, for example).
  • Response: Once an attack is detected, associated user and/or device permissions can be automatically changed to limit, quarantine, or block the malicious entity, halt the attack, and stop its spread.

Greater agility to adapt to what’s next

Digital acceleration initiatives are often unpredictable and arrive quickly, requiring IT flexibility to change over time. Legacy approaches to enterprise network deployment that mandate rip-and-replace of infrastructure make evolution over time harder. Using low-adoption networking protocols and proprietary approaches can create vendor lock-in further limiting IT’s flexibility to adapt to change.

Central NetConductor overcomes these constraints with an open approach. For example, Central NetConductor uses widely adopted protocols such as EVPN/VXLAN to produce network overlays that are quickly deployed and massively scalable across heterogenous environments. This makes it much easier for IT to holistically manage and support heterogeneity across network domains—from campus edge to data centers—with the same ease and consistency. And we know that not all places necessitate a full mesh fabric so we took a pragmatic approach, building Central NetConductor to allow flexible choice of fabric—so that remote home offices and branch locations could benefit from unified policy as well.

We have long demonstrated a commitment to “customer first, customer last” innovation, providing pathways to change. Central NetConductor reflects this principle with an emphasis on interoperability. Although Central NetConductor enterprise network automation is optimized for Aruba networks (including Aruba CX switches), Central NetConductor-capable infrastructure can coexist alongside current network configuration and network security tools, protecting investments and enabling organizations to modernize networks at their own pace.

Streamline operations and enhance protection with Aruba Central NetConductor

Check out the Central NetConductor video to learn more, then find out how Central NetConductor cloud-native network automation services can help your business advance its own digital acceleration journey.