Project Description

A lack of network visibility can be a major problem for businesses of all sizes. For many, IT teams can only guess what devices are connected to the network, from where, and who they belong to. Without granular visibility into who and what’s connected, there’s no way to create policies that meet the needs of specific groups, proactively troubleshoot problems or ensure compliance.
Here’s an overview of some of the top challenges caused by a lack of visibility, and how an Aruba ClearPass solution – implemented by Blue Connections IT – can help.

Challenge #1 – Unknown devices accessing private data

Today, IT teams are faced with a huge increase in the number of devices that access the corporate network. A modern worker, for instance, typically connects using an average of three separate mobile devices.¹ Plus, the number of IoT devices that are connecting is growing astronomically. This can include things like temperature, lighting and location sensors, as well as surveillance cameras and audio-visual equipment. In fact, IDC predicts that by 2025, there will be 40 billion IoT devices on corporate networks, and 79 zettabytes of data at the edge of these networks.²

Without visibility over these devices and their level of ‘security clearance’, it can be very difficult for IT teams to prevent them accessing private data – the consequences of which can be dire.

This is where Aruba’s industry-leading ClearPass technology can help. This solution includes ClearPass Device Insight, which helps IT teams discover and profile the wide range of devices on the network. This is achieved through a combination of Deep Packet Inspection (DPI), advanced machine learning, and crowdsourcing device fingerprints.

By putting a strict multi-vendor wired and wireless policy in place, IT teams can then ensure that only authenticated or authorised devices are able to connect to the network and access private data. With Aruba ClearPass, it’s even possible to control access by context too: user roles, device types, certificate status, the location of a device, the day of the week and much more.

Challenge #2 – Unprotected devices with malware

For many businesses, problems can also arise when ‘unhealthy’ devices access the network, especially if they come with malware. When there is a lack of visibility regarding which devices are healthy versus those which are high-risk, problems can very quickly occur. IT teams can resolve this problem by performing ‘health assessments’ on specific devices, ensuring that they meet the anti-virus, anti-spyware and firewall policies of the business.

Aruba’s ClearPass OnGuard technology, for instance, includes built-in capabilities that perform posture-based health checks that can eliminate vulnerabilities across a wide range of computer operating systems and versions, including wireless, wired and VPN infrastructure.

Also, Aruba’s IntroSpect User and Entity Behaviour Analytics (UEBA) technology spots small changes in a device or user’s behaviour, when put into context over time, that are indicative of attacks which have evaded traditional security defences. Phishing scams, social engineering and malware are some of the ways through which criminals acquire employee corporate credentials. IntroSpect automates the detection of these attacks and provides analytics-driven visibility.

Challenge #3 – Network resource utilisation

A major challenge for IT administrators can be determining how best to utilise and organise the various resources within a network to ensure optimal efficiency and security. Without overarching and immediate visibility of resource utilisation, however, doing so can be extremely difficult.

On an Aruba network, Dynamic Segmentation automatically enforces consistent policies across the network, to keep traffic secure and separate.

Challenge #4 – Limited control over guest devices connecting to the network

Another issue can arise when IT teams don’t have visibility over which guest devices are connecting to the network at any given time – or where these devices need to be manually permitted, which can be extremely time consuming.

Many businesses have processes in place to support bring-your-own-device (BYOD) policies for employees. However, BYOD isn’t just about employee devices – it’s about any visitor whose device needs network access, whether wired or wireless.

Aruba’s ClearPass Guest solution makes it easy and efficient for anyone – whether an employee, receptionist, event coordinator, or other non-IT staff – to create temporary network access accounts for any number of guests per day. Smart caching also ensures that guests can easily connect throughout the day without repeatedly entering credentials on the guest portal. IT teams can then see, at a glance, which devices have guest access – and how. Credentials can also be stored in ClearPass for pre-determined set amounts of time and can be set to expire automatically after a specific number of hours or days.

Want to learn more?

Gaining insight into exactly which people, and devices, are connecting to your network is the first step towards improving security, and reducing the burden on your IT team.

If you’re interested in learning more about Aruba’s ClearPass technology, and how a solution implemented by Blue Connections could improve your level of visibility and control, please get in touch.

POST AUTHOR:

PAUL WILSON

Practice Manager – Networks, Security & Unified Comms, Blue Connections IT
REFERENCES: