markrubens - Fotolia
LAS VEGAS -- During the year, wireless LAN provider Aruba will offer customers more network management and security features as cloud services and support standards that could lead to easier provisioning of IoT devices.
During interviews this week at the Aruba Atmosphere 2019 conference, executives discussed planned improvements to the software products AirWave, Central, ClearPass, IntroSpect and NetInsight. Many of the changes should take effect this year, while others are part of a longer-term strategy to harmonize cloud- and premises-based products.
"We're on a trajectory here -- with a combination of SD-Branch [software-defined branch], wired and wireless management -- where the cloud manageability offering will be on par or better compared to some of our competitors," said Ash Chowdappa, general manager of Aruba's WLAN products.
Both products are cloud-based today. NetInsight aggregates anonymized data from 300,000 access points (APs) in customer facilities to provide a performance baseline for a variety Wi-Fi deployments. That lets companies liken how their wireless installations compare with similar ones.
Combining NetInsight with the Central management suite for wireless network access control [NAC] in the branch will provide a "single common workflow for end-to-end monitoring and management across the whole stack -- SD-Branch, wired and wireless," Chowdappa said.
The service will also include features from Aruba's User Experience Insight software, which tracks how well a Wi-Fi network is working for users. In May, Aruba plans to upgrade User Experience Insight's dashboard, said Partha Narasimhan, Aruba's CTO. Aruba is adding support for larger networks and for captive portals, which are the webpages people often have to interact with before getting access to public Wi-Fi.
Aruba, a Hewlett Packard Enterprise company, runs its cloud-based software on AWS and is talking to Microsoft about adding Azure, Chowdappa said. That's because many retail customers balk at storing their data on a competitor's cloud. Online retailer Amazon owns AWS.
"You should not be surprised if you see our cloud offerings getting instantiated outside of AWS in something like Azure in the coming months," Chowdappa said.
IntroSpect in the cloud
Other future cloud services include IntroSpect, which uses machine learning to search for anomalies in network traffic as an indicator of malicious activity. "Essentially, the big data analytics engine will move to the cloud," Chowdappa said of IntroSpect.
Like the on-premises version, cloud-based IntroSpect would feed data into network manager ClearPass, which could, for example, revoke network access from a device identified as generating suspicious traffic. On the first day of Atmosphere, Aruba introduced a version of ClearPass for managing IoT devices.
While taking on-premises technology to the cloud, Aruba also plans to do the opposite. The company is just "months away" from bolstering the reporting capabilities of premises-based AirWave by adding technology from Central's underlying cloud-based platform, which supports hundreds of thousands of APs, Narasimhan said.
The reporting feature in AirWave, which is used to manage Aruba switches, slows down when attached to a network of 4,000 or more APs, switches and gateways. The problem affects companies that generate reports to show compliance with government regulations or standards set by legal staffs.
"Some of those reports take longer than we [and our customers] are comfortable with," Narasimhan said.
Longer term, Aruba wants to merge Central and AirWave into one product. Today, Aruba aims Central at branch offices, so it lacks network access and management features needed for campus networks, according to Gartner.
Overall, Steve Mann, associate director of network services at California State University, Monterey Bay, was pleased with Aruba's plans for AirWave. Several schools in the 23-university California state system use the software.
"It's all going in the right direction," Mann said at Aruba Atmosphere 2019.
Simpler device provisioning
Outside of the cloud, Aruba plans to release in a few months support for Device Provisioning Protocol (DPP) in its APs and wireless controllers, Narasimhan said.
DPP, which Aruba developed and handed to the Wi-Fi Alliance for standardization, lets a person scan a QR code to establish a secure connection between an office IoT device and the wireless network. The scan prompts the protocol to provision the device with credentials needed for access automatically.
Aruba plans to add support for those DPP-authorized devices in ClearPass, which would manage their credentials and network access. "Think of ClearPass as an identity store for IoT," Narasimhan said.
Zebra Technologies, a maker of handheld computers for business, has partnered with Aruba on supporting DPP. Aruba is in discussions with other device makers, such as Amazon and Google, as well as chipmakers Qualcomm and Broadcom, which could deploy DPP in their silicon, Narasimhan said.
A network and systems engineer, who works for a St. Louis university that is an Aruba customer, said he was interested in learning more about DPP. The school does not let students connect to its network noncomputing devices, such as Google Home and Amazon Echo, to avoid security problems.
"We're more open than most campuses, and we want kids to have a seamless [networking] environment," said the engineer, who asked for anonymity because he wasn't authorized to speak for the university.