Aruba changes the rules of the game to drive three major changes in network management

When the first iPhone was released in 2007, Steve Jobs predicted that the era of mobile devices was coming. Ten years later, with the popularization of smart devices and the continuous maturity of mobile Internet application conditions, mobile office is no longer a fantasy, but is actually happening around us: replying emails with mobile phones, making presentations with Pads, traveling around the world with laptops - handling anything related to business at any time and anywhere.

The application and technological changes of mobile devices have completely changed the way enterprises work and manage. The previous way of working based on traditional IT architecture, traditional network management and traditional desktop office is gone. Today, cloud computing allows enterprises to store, calculate and apply on demand, the Internet of Things allows enterprises to connect more and more points, and mobile devices allow people to start working wherever they go, but what about the network? When switching between the enterprise's wired network and wireless network, can it guarantee stability and uninterrupted connection? When connecting to various smart IoT devices, can security be ensured at all times? In scenarios involving many branches, can efficient and automated network deployment and operation and maintenance be maintained continuously?

"In the digital age, the way we work has changed, and the 'rules of the game' for network management have also changed. In today's digital workplace, we believe that traditional network management will be completely disrupted in three aspects: subverting the boundaries between wired and wireless networks, subverting network security management strategies, and subverting network deployment and operation methods." In the view of Mr. Xie Jianguo, President of Aruba China, the curtain has been raised on a new era of network management.

[[251830]]

Pictured is Xie Jianguo, President of China

Integration: No more boundaries for enterprise networks

In the client/server era, the main demand for enterprise networks was to increase wired access speed and interconnect more locations. But today, the widespread use of mobile office has changed the nature of access. Today's networks need to support unpredictable devices in multiple locations of a single user without a trusted boundary, support new traffic patterns, support unknown devices on the network, and respond to more advanced forms of network threats. Cloud computing has also transformed applications into a centralized architecture, shifting user application traffic from the client/server model to the application cloud.

Therefore, today's enterprise network design and architecture should start with the seamless integration of wired and wireless networks. Enterprise network teams should be able to integrate wired and wireless solutions to simplify deployment, configuration and management, and take advantage of advanced monitoring, troubleshooting and automation capabilities throughout the network, while also ensuring that employees enjoy a stable and continuous application experience in a unified network system. To achieve such integration, the corresponding network solution needs to have these specific features: intelligent core, the enterprise's core and aggregation switches should be optimized for mobile users and provide integrated wired and wireless access; modern operating system, the network should utilize a flexible and fully programmable operating system; high-performance, secure access switch: access switch should provide a comprehensive wired/wireless platform with scalability, security and high performance.

It is precisely under such needs that the Aruba 8400 core switch came into being, equipped with the new ArubaOS-CX operating system to help users effectively achieve network integration, integrated management and applications in the digital age.

In order to provide employees with more effective tools, especially mobile tools, and to take customer service to a new level, United Airlines has adopted an ambitious plan to modernize the unified wired and wireless infrastructure at all its airports around the world. Brian Doyle, senior manager of United Airlines' network engineering, said that United Airlines hopes to make it easier for employees to work on the go. "The ticket inspectors will come out of the counter and help you everywhere. Pilots and flight attendants have iPhones and iPads. Ground staff have handheld devices to scan bags."

In response, United has added 1,300 Aruba access layer switches and an additional 500 core distribution layer switches, with more than 11,000 Aruba access points to be deployed. Standardizing on a single platform has helped the enterprise reduce complexity and facilitate network management and troubleshooting. Doyle said, "We are not looking at this initiative as a simple fix for wireless, we are building a mobile platform, a complete infrastructure and platform that we can build on top of and add new services that benefit not only our employees but also our customers. Smooth operations and happy employees lead to better interactions with customers."

Visualization: Comprehensive protection of network security

There is no doubt that with the advent of mobile work, a major challenge for enterprise network management is security. In order to ensure data security, a common practice is to grant network access to employees using company-issued devices or their own devices. The goal is to provide access to wired, wireless or VPN networks as simply and seamlessly as possible without using multiple access methods, credentials or login screens.

Authentication is usually based on username and password and is closely related to existing user storage (such as Active Directory or LDAP). To enhance security, some companies are implementing multi-factor authentication, which consists of confidentiality questions, fingerprints, voice recognition, photos or physical locations; on the other hand, they are also monitoring and deeply analyzing users' network behavior in a timely manner, and responding to these behaviors accordingly, so that problems can be handled in a timely manner. At the same time, the device itself will also become an integral part of the network access policy. For corporate devices, this security policy can be simply based on the MAC address, or included in the mobile device management (MDM) software installed on the device. For employee-owned devices, the policy can be based on the operating system version, device model and/or the existence of a mobile application management (MAM) solution. Mobile device and application management solutions can segment personal data from corporate applications and data to ensure network security, or be used to build and implement blacklists for specific applications or "unhealthy" devices.

In fact, this is what Aruba is working on - to provide all-round network security by looking at the entire network behavior and combining it with the management of employee identities and devices - which is no longer the same as the security strategy of the traditional Internet era.

The IntroSpect behavioral analysis security software launched by Aruba this time combines advanced AI-based machine learning (ML), precise visualization and insight. It can form a precise and visual user behavior portrait based on the user's network habits, and conduct a full range of insights into malicious, compromised or careless users, systems and devices, thereby eliminating threats before they cause damage. The Aruba ClearPass Profiler can identify any smart device connected to the Internet of Things, and visualize the device type, status, location and other information to determine the risk of access devices and minimize the possible threats brought by the devices. Obviously, in the context of the rapid development of the Internet of Things, such an overall plan is very necessary.

Cadence Design Systems, Inc., a well-known American electronic design automation software and engineering services company, has currently deployed Aruba's network security management solution to protect its domestic corporate network, business data and other related assets. Regarding the application effect, Faramarz Mahdavi, senior director of IT operations of the company, said, "In addition to providing visual insights into all devices on the network, Aruba ClearPass helps us better identify the security of smart devices and more effectively formulate and implement security management strategies in a wired and wireless integrated network environment. The behavioral analysis and threat monitoring functions provided by IntroSpect behavioral analysis security software help us achieve automatic early warning of dangerous behaviors and potential risks, thereby better protecting our business assets. Through the integrated application of these two products, we have a more powerful and integrated security solution, which can minimize the risk of cyber attacks on enterprises and ensure the security of enterprise business."

Coincidentally, Li Li, director of the Information Center of Peking University International Medical School, also said, "Aruba provides enterprises with complete solutions including hardware and software in terms of authentication security, such as Aruba ClearPass, AirWave network management system, etc. These solutions are very good. While building a safe and stable network environment for hospitals, they are also suitable for the future expansion of hospital business." In the view of An Jie, director of the Education Informatization Department of the Beijing University of Posts and Telecommunications Science and Technology Development Research Institute, Aruba's overall network management solution, which covers products such as ClearPass and ALE positioning functions, can not only provide better stability and security for Beiyou campus services, but also bring more value to the school, such as management-friendly and cost-saving.

Intelligence: Make deployment and operation easier

In the age of mobile working, building and deploying networks is hard work. Installing cost-effective infrastructure, optimizing bandwidth, balancing network workloads, and protecting traffic all require a great deal of expertise and careful planning. In the era of cloud, distributed computing, and bring your own device (BYOD), networks may stretch across hundreds of physical sites, involving thousands of people and devices, making it more difficult to deploy networks efficiently than before.

On the other hand, the number of digital devices on enterprise networks is growing exponentially, as is the number of applications used by enterprises. At the same time, many enterprises are also transforming their networks from a client/server model to a private cloud/public cloud model. In addition, more and more network traffic is voice and video traffic, so real-time delivery is required. All of this has intensified the demand for network operation and management.

Intelligent network deployment and management has become an inevitable choice for enterprises. The Aruba Central comprehensive cloud management platform provides a simple, secure and economical way to manage and monitor Aruba Instant access points, switches and branch office gateways. With Aruba Central, enterprises can use intelligent zero-touch configuration to build and start running their own networks in minutes; at the same time, the Aruba Central platform provides an intuitive dashboard that can view the indicators of APs, switches and clients in real time, and help enterprises quickly discover and dispatch faults with the help of workflows, granular details and extensive search functions. The Aruba NetInsight cloud network analysis platform provides actionable guidance for improving network performance and user mobile experience quality through continuous monitoring, analysis and benchmarking. With powerful machine learning algorithms and Aruba's rich wireless technology, NetInsight can provide enterprises with the intelligent services they need, so that they can proactively optimize the performance of various applications such as data, voice, video, etc. across the entire network and solve potential problems in advance. In addition, the SD-Branch software-defined branch network architecture implements unified management in the cloud through software definition, allowing branches to complete network setup and upgrades in the shortest time possible, thereby providing an integrated hardware and software solution to problems such as network complexity and high costs in multiple branches.

At present, Aruba Central integrated cloud management platform, Aruba NetInsight platform, and SD-Branch software-defined branch network architecture have been released. These products will help Chinese enterprises to deploy and operate intelligently in the current complex network environment, thereby providing a more solid guarantee for the development of enterprise business. As a commercial real estate giant, Wanda Group has more than 200 Wanda Plazas in China, and the number of its branches is second to none in China. Speaking of the network management of Wanda Plaza, the relevant person in charge of Wanda Group said, "Traffic, density, and corresponding deployment and operation have always been difficult problems in the construction of wireless network environments for large commercial complexes. Aruba's solution brings excellent high-density user access capabilities to Wanda Plaza, which can support about 4,000 concurrent online users and a theoretical peak of more than 100 access users per AP, and can fully withstand the network traffic test brought by large-scale promotional activities. At the same time, in terms of the convenience and intelligence of network deployment and management, Aruba has brought excellent application experience to Wanda's consumers."

Conclusion

Judging from today's development trends, future corporate employees may use mobile office in ways beyond imagination. From voice communication, file sharing, video conferencing, to CRM, unified collaboration, expense reporting, shared calendars, to technical support and project tracking functions, all work originally completed on the PC side will be completed based on mobile devices and applications.

"Adapting to changes in the rules of the game and seizing business opportunities while facing challenges is the direction we have always advocated. Therefore, what we have to do today is to break down the inherent barriers and help enterprise users achieve the three major disruptions in network management - integrating wired and wireless networks, gaining insights into user behavior and device threats, and intelligent network deployment and operation and maintenance, so that enterprise users can build more competitive networks and stay ahead of the trend in digital transformation." Mr. Xie Jianguo, President of Aruba China, concluded.