11-Feb-2022

Aruba Edge Services Platform

&
DCN
Nirmalan Arumugam
 NETWORKING CHALLENGES AT THE EDGE
Technology Siloes Lack of Network Security Threats Economic and
Hinder Agility Automation and Visibility Rising Resource Headwinds

64% 70% 80% 71%

of IT orgs use 4 or more of IT’s time is spent trying to of IT orgs found IoT devices of IT budgets are dedicated
network management tools1 identify and diagnose issues2 on their networks that they did to “running the business”2
not install or secure3

Networks Can Do More

1 Network Management Megatrends 2020, Enterprise Management Associates (EMA), April 2020 (link)
2 Gartner, “5 Network Cost Optimization Opportunities,” June 2019 2
3 Gartner, “Segmentation or Isolation: Implementing Best Practices for Connecting ‘All’ Devices,” September 2019.
 Edge Services Platform ARCHITECTURE
CONVERT EDGE DATA INTO BUSINESS OUTCOMES

DATA
REMOTE BRANCH OFFICE CLOUD CAMPUS
CENTER

ARUBA CENTRAL
3 AI-Powered features identify issues before they impact
AIOPS
SERVICES
ANALYZE Onboarding
businessOrchestration
Provisioning
and help ITAnalytics
resolve issues
Location
moreManagement
quickly
AND ACT

2 Applying principles of Zero Trust Security and SASE to

increase protection levels while simplifying
Continuous Policy operations
Unified Threat
SOFTWARE-
EDGE-TO-CLOUD
DEFINED
POLICY
PROTECT Visibility Authentication
Monitoring Enforcement Management

1 Unify network operations across

all domains and locations
UNIFIED
INFRASTRUCTUR
INFRASTRUCTURE
CONNECT Wireless Wired
SD-Branch
SD-WAN 5G IoT E
Gateway

Network-as-a-Service 3
 STEP 2: PROTECT
OLD WAYS OF SECURING NETWORK ACCESS
WON’T SCALE WITH IoT
Challenges:
• Time consuming
AAA Server
• Labor intensive
Wi-Fi AP • Error prone
Security Boundary • Unsustainable
EXECUTIVE

EMPLOYEE
Virtual AP 1
SSID: Corp PARTNER

CONTRACTOR
Enterprise Network
VISITOR
Virtual AP 1
SSID: Visitor
VLANs

55B devices will be connected

worldwide by 2022
– IDC
41% of orgs have network policies
that aren’t properly implemented
– Gartner

4
 Aruba Dynamic Segmentation

ROLE/IDENTIFY-BASED ACCESS CONTROL

DYNAMIC SEGMENTATION

ClearPass Device Insight ClearPass Policy Manager

(IoT Detection, Continuous Monitor) (Centralized Policy Management)

USERS AND APPLICATIONS AND

DEVICES DESTINATIONS
ACCESS SWITCH
Corp Office 365
POLICY ENFORCEMENT FIREWALL
BYOD Academic
records

IoT n0tma1ware
.biz
GATEWAYS
Guest AirGroup
ACCESS POINT

5
Aruba ESP Key Components

6
WI-FI 6 & 6E CERTIFIED
COMPLETE PORTFOLIO

7
 INTRODUCING WI-FI 6E
WI-FI 6 IN THE 6 GHZ BAND

2.4GHz 5GHz 6GHz

WI-FI 6
EXTENDED 20MHz

40MHz
MORE CAPACITY
WIDER CHANNELS 80MHz
CONTIGUOUS SPECTRUM
LESS INTERFERENCE 160MHz

8
INTEGRATED, BEST-IN-CLASS SECURITY

Branch Gateway

• Application and user aware firewall

Single Point of • Web content filtering
Policy
Enforcement • Dynamic Segmentation
• Unified WAN and LAN policy architecture

140+
ecosystem
partnerships ENHANCE ENHANCE
D D
Single pane of Glass for Wired/Wireless/SDWAN
ARUBA CENTRAL
Single Architecture

CONTROL CONTROL

Campus Branch
Wi-Fi AND Wi-Fi

UNIFY USERS AND THINGS UNIFIED WI-FI

UNIFIED SWITCHING COMPREHENSIVE SD-WAN

MPLS – 4G/5G –
AOS-CX DSL/Cable

CONTROL CLOUD-NATIVE BENEFITS: CONTROL

Simplify
• Eliminate siloed operations network design and
• Access new deployment SD-Branch / SD-Branch /
consumption models Remote Remote
Increase feature velocity worker worker
Common OS from • Enable AI/ML forand
self-driving
service resiliency
Closet to Core to DC networks
10
ESP Demo

11
Aruba DCN Architecture

12
AOS-CX
Built on cloud-native principles

Accessible from System, NMS or Cloud

Modularity Programmability
Faster innovation Simplified Aruba Network Analytics Engine
with independent operations
processes through automation
Time-Series Database

Resiliency Elasticity 100% REST APIs

Stable and reliable One operating model

State Database
microservices from edge access
design to data center
Microservices
Architecture

AOS-CX

13
Source: Gartner - Top Emerging Trends in Cloud Native Infrastructure
Aruba integrationAruba
Introducing with Composable Fabric
Fabric Composer
The on-site data fabric orchestration system

Key Features & Benefits

• Simplified provisioning & orchestration

• Complex workflow automation

• Manage and monitor global network configuration

• Integrate with 3rd party data center orchestration systems

• Integration with HPE Infrastructure hardware and software

• Visualize data center infrastructure

• Automate lifecycle events in the data center

• Holistic troubleshooting of end-to-end network connectivity

14
Easy to Configure Integrations
API level Integrations with Various Environments
• Environment awareness and auto-discovery
• Event based automation
• Workload traffic optimization
• Unprecedented visualization and improved troubleshooting

15
Automated VLAN & LAG Provisioning
Auto-Discovery & Configuration
- Discovery of VMs, vSwitches, NICs & Bonds - Monitor fabric utilization
- Visualize resource placement - Visualization simplifies troubleshooting

VLAN Auto-Configuration
- Automatically respond to VM lifecycle events - Learns & displays vswitches and bonds
- Auto-configure VLANs on Switch ports - Supports VM migrations across switches

Create Start Move VM Migrations Shutdown 16

End to End Visibility
Visualize
Visualize paths Important Host
from VMs to Details
Switch Ports

Host status and controls

for HPE Servers

Inspect Details

17
Modern Data Center Security Requirements

See Everything Reduce the Attack Surface Stop the Breach

Complete visibility of users, devices, Prevent attackers from moving Quickly detect, block, and respond
applications, workloads and laterally east-west with micro- to attacks before hackers can steal
processes segmentation and application data or disrupt operations
whitelisting

18
 Aruba CX 10000 Distributed Services Switch
– 1RU Fixed Switch Form Factor:
– T3 Switching ASIC - 3.2 Tbps, 32MB Buffer (shared)
– Used for forwarding/routing/other features
– 2 x Pensando DSM (7nm) Programmable Processor
– Used for smart stateful services (all forwarding performed by T3)
– 2 x Redundant Power Supplies (N+1)
Aruba Fabric – AOS-CX Network OS, full protocol stack support
P4 Programmable
Composer DSM
Processor
– Port Configuration:
Aruba CX 10000
25/100G DC leaf switch – 48 x 1/10G/25G SFP28, 6 x 100G QSFP
– 1 x 1G RJ45 management, 1 x RJ45 console port, 1 x USB
– Phase 1 Planned Services/Use-Cases:
– East-West DC Segmentation (Distributed Firewall & DDoS)
– Micro segmentation
– Observability (Packet Capture, Flow Logging/Statistics)
– Platform Management Options:
– Aruba AFC & Pensando PSM
– PSM & DevOps Tools (Terraform/Ansible), REST-API
19
70% of all breaches caused by end point security vulnerabilities, followed by Lateral Movement
 Aruba Fabric Composer Dashboard
Dashboard View Workflow Automations and Guided Setup
Includes information about fabrics, switches, hosts, VMs, and Security Point and click GUI streamlines and automates away complexity

New Workflows

New Config Area

Network and Switch Visualization API level integrations with various environments
Hosts, MAC, Neighbors, Switch inventory, health status Including HPE, Aruba, VMware vSphere, ESX, NSX and Nutanix 20
End-to-End Enterprise Switching Portfolio
Access - Aggregation - Core - DC/Cloud

Aruba CX 10000

Aruba CX 8300 Aruba CX 8400

Aruba CX 6400

Aruba CX 6300 Ruggedized

Aruba CX 4100i
Aruba CX 6200
Aruba CX 6100
Aruba CX 6000

21
performance, use case flexibility, form factor
2021 Gartner® Magic Quadrant™ for Wired and Wireless LAN Infrastructure
HPE Aruba Positioned as a Leader in the Gartner Magic Quadrant for Wired and Wireless LAN Infrastructure

Aruba’s 16th Time

In The Leaders
Quadrant1

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is
available upon request from Aruba, a Hewlett Packard Enterprise company. Gartner does not endorse any vendor, product or service depicted in its research publications,
and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of
Source: Gartner Magic Quadrant for the Wired and Wireless LAN Access Infrastructure Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research,
November 2021, Mike Toussaint, Christian Canales, Tim Zimmerman including any warranties or merchantability or fitness for a particular purpose. 22
ID Number: G00739263

1 Aruba’s 16 years of placement includes HPE (Aruba) in the Magic Quadrant for the Wired & Wireless LAN Access Infrastructure from 2015-2021 (7 years), Aruba Networks in Gartner and Magic Quadrant are registered trademarks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights
the same Magic Quadrant from 2012-2014 (3 years) and in the Magic Quadrant for Wireless LAN Access Infrastructure from 2006-2011 (6 years). reserved.
Q&A

23
Thank you
Nirmalan.a@hpe.com