Network security cannot exist if network and security do not work together. HPE Aruba promotes an integrated approach to network security.

There is a pleasant buzz at the HPE exhibition stand during MWC 2024. It’s a competition for a spot at one of the screens and the speaker on duty tries to attract more people to his stage with the loud enthusiasm of a seasoned market vendor. A side corridor leads us to the HPE press rooms, where David Hughes, Chief Product Officer at HPE Aruba welcomes us warmly.

We confront Hughes with a statement he shared on LinkedIn a few months ago: “The biggest threat to network security is not malware or any other external threat, but rather treating network and security as separate silos.” Hughes explains his reasoning for this statement: “Many companies have a network and a security team, but they don’t work together. This leaves a lot of room for malicious actors to slip through.”

“This siled approach creates tension because, for example, the security team blocks things on the network, which can negatively impact performance.” On the other hand, security’s job is to set clear boundaries around what can and is allowed to happen on a network. It’s not that network and security teams don’t want to work together, but sometimes the goals conflict,” adds Hughes.

Destroy the firewall

In classic IT setups, network and security have grown apart, like a couple whose love fire has gone out. According to Hughes, this is the result of years of development: “The Internet was created to connect everything. Little by little, companies realized that they would rather keep some things in-house. To this end, a wall of firewalls has been constructed to create a secure fortress around the internal network.”

This way of working may have been sufficient for a long time until the world changed drastically a few years ago. “Since the Corona pandemic, more and more people have been taking their work laptops home and connecting them to the home network. Inattentive employees can still introduce something harmful into the corporate environment even after they leave the controlled area.”

A new approach is needed. In his predictions for 2024, Hughes once again makes a bold statement and announces the death of the (standalone) firewall. “In many modern IT environments, connectivity is controlled from the cloud. This means you no longer need all those physical firewalls. Each firewall requires its own set of policies, and these become difficult to manage over time when there are dozens or hundreds of them in use. The functionality of a firewall will not suddenly become obsolete, but will be built into the network itself via the cloud, rather than being placed in front of it.”

A firewall has not suddenly become unnecessary, but is now integrated into the network rather than placed in front of it.

David Hughes, Chief Product Officer HPE Aruba

Mandatory connectivity

Hughes throws in another catchphrase: Zero trust network access, ZTNA for short. He believes that ZTNA is gradually moving past the buzz phase. “Zero Trust changes the classic approach. The network no longer serves only to connect everything, but also to determine the role of what it tries to connect. This ensures that a device can only connect to the part of the network it needs to perform its function. We call this principle Network security comes firstwhere the network performs the checks that were previously performed by a firewall.”

According to Hughes, the networking industry is increasingly beginning to adopt this method. “Nowadays, network companies are bringing more and more security solutions to market and vice versa. At HPE Aruba, we strive to differentiate ourselves by implementing network and security at all levels of the network in an integrated and scalable manner. This goes beyond specific implementations like SSE or SASE. About the NaaS model (network as a service) Companies that cannot do this themselves can purchase an endpoint with all supporting services from us at low cost.”

“Managing on-premises network infrastructure remains a challenge for many organizations,” continues Hughes. “At ZTNA, enforcement is automated from the cloud. This means policies are no longer dependent on where they run, making management easier. The wired And wireless Worlds are increasingly moving closer together. This also provides greater visibility into what’s happening on your network, so network and security teams can work together to access the right data.”

Green light or red light?

In addition to security, Hughes also emphasizes the importance of user experience. According to him, too little attention is paid to this aspect. “We have a habit in the industry of testing the quality of the network based on uptime. If everything is online, everything is fine. However, uptime only tells part of the story and says little about the user’s interaction with the network. “You may have all the lights on your management dashboard turning green, but users are still having trouble accessing a particular application.”

We are at MWC and therefore artificial intelligence is an inevitable topic of conversation. AI needs a reliable network, but a network can also benefit greatly from AI. Hughes agrees: “We have been investing in AI capabilities to monitor and improve network performance for years. One technique we use is Fleet learning: Telemetry data from multiple gateways is merged into a data lake to use AI to detect anomalies. Based on this, the AI ​​provides a recommendation for resolving performance issues on the network to the administrator, who decides whether and when to follow this recommendation.”

We need to break the habit of testing the quality of a network based on its uptime. Just because everything is online doesn’t automatically mean everything is fine.

David Hughes, Chief Product Officer HPE Aruba

IT administrators released

Hughes speaks enthusiastically about the possibilities of AI for network management. “Of course there are many types of AI. The type where we have seen dramatic progress since 2023 is generative AI, which is based on a Natural language interface. I think almost every company today is already using this in one way or another.”

“In the context of network management, an NLI can be a huge advantage for freelance IT administrators,” he continues. “He can now simply ask questions about a problem in natural language and immediately have all the information he needs, without having to dig through data sheets or do additional research. It is one of the ways AI can enable any administrator to become a “super administrator.”

This is an editorial contribution in collaboration with HPE Aruba. Seek HeyR to learn more about the company’s network solutions.