The HPE subsidiary’s new release of NetConductor boosts application visibility and policy-enforcement capabilities to give enterprises greater control across distributed networks. Credit: Pixels Hunter / Shutterstock Aruba Networks is aiming to give customers greater application visibility and the ability to control security policy enforcement across their campus and wide area networks. The network subsidiary of Hewlett Packard Enterprise is enhancing NetConductor, a cloud-based service that let enterprises centrally manage the security of distributed networks, simplify policy provisioning, and automate the orchestration of network configurations in wired, wireless, and WAN infrastructures. NetConductor works by delivering a network overlay based on Ethernet VPN (EVPN) and virtual extensible LAN (VXLAN) across a customer’s wired and wireless networks, with the aim of bringing a unified and simplified view of the network and allowing the networking and security management teams to collaborate to solve problems, according to Larry Lunetta, vice president of wireless local area network and security solutions marketing at Aruba. The new release of NetConductor specifically extends and brings application visibility and policy enforcement to its flagship CX 6300 enterprise network access and aggregation switches and 6400 data center core switches. NetConductor now can express access-control policies based on role and identity and the business outcome that they’re looking for, with those switches at the center, Lunetta said. “So instead of having to individually program each switch, access point and gateway, the specific VLAN configurations and ACLs [access control lists], that’s all abstracted now in NetConductor. The security and the networking team can very simply express those access-control policies without having to know every device address and detail.” The new release also now extends NetConductor’s ability to propagate security policies throughout the distributed enterprise via HPE Aruba Networking EdgeConnect SD-WAN and SD-Branch solutions. With WAN support for standards-based EVPN-VXLAN gateways, organizations can now define policy once and enforce it everywhere, from the edge to the cloud, Lunetta said. Regardless of where a user or device is connecting from, the same application-aware access-control policy can be globally enforced, Lunetta said. And adding enforcement capabilities within the campus switching and WAN infrastructure eliminates unnecessary transit of data through central policy enforcement points, effectively bringing policy enforcement closer to the user and optimizing network performance, Lunetta said. In the past, NetConductor had application awareness, which let customers set bandwidth policies, for example. Now it adds support for EVPN and VXLAN capabilities, so it can simply read the traffic tags and implement security policies in addition to operations policies across the board, Lunetta said. The new version of NetConductor can also better discover any IoT devices that are in the enterprise and then automatically assign, propagate, and enforce policies for those IoT devices just as they do for users, Lunetta said. “So, let’s take MRI machines in a healthcare company that may have just been installed, often outside of the purview of IT. NetConductor client insights will find them, fingerprint them, and assign the policy automatically,” Lunetta said. Aruba’s long-term goal is to unite all its software and hardware and let customers secure and manage it under a single policy, Lunetta said. For example, the company has security software from its recent purchase of cloud security vendor Axis Security, and it has its own secure service edge (SSE) software, and each has a policy manager. At the August Black Hat event, Aruba previewed an overarching centralized policy manager that it said will operate and control its entire enterprise networking and security system. Such a policy manager would stretch across Aruba’s EdgeConnect SD-WAN, SD-Branch and Microbranch offerings as well as its developing Aruba SSE platform and be centered on its ClearPass policy management platform and central management platform, Aruba Central. “The bigger picture here is that we want to get to a universal policy that’s uniform, that customers can execute and enforce across all applications and services. [It’s] very powerful, and that’s where we are heading,” Lunetta said. The new release of NetConductor is available now. Related content news Cisco patches actively exploited zero-day flaw in Nexus switches The moderate-severity vulnerability has been observed being exploited in the wild by Chinese APT Velvet Ant. By Lucian Constantin Jul 02, 2024 1 min Network Switches Network Security news Nokia to buy optical networker Infinera for $2.3 billion Customers struggling with managing systems able to handle the scale and power needs of soaring generative AI and cloud operations is fueling the deal. By Evan Schuman Jul 02, 2024 4 mins Mergers and Acquisitions Networking news French antitrust charges threaten Nvidia amid AI chip market surge Enforcement of charges could significantly impact global AI markets and customers, prompting operational changes. By Prasanth Aby Thomas Jul 02, 2024 3 mins Technology Industry GPUs Cloud Computing news Lenovo adds new AI solutions, expands Neptune cooling range to enable heat reuse Lenovo’s updated liquid cooling addresses the heat generated by data centers running AI workloads, while new services help enterprises get started with AI. By Lynn Greiner Jul 02, 2024 4 mins Cooling Systems Generative AI Data Center PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe