Project Description

The demands on the modern network, and on today’s IT teams, are growing every day. The number of users and devices that connect to corporate infrastructure is expanding rapidly, driven largely by the continual growth in the volume of IoT devices appearing on the edge of networks. Similarly, the ways in which people can connect, and the locations from which they expect to be able to do so, are becoming increasingly complex and varied. On top of all of this, IT teams need to protect their networks – and their organisation’s data – from ever-growing and morphing cyber-security threats.
Even before the pandemic, many IT teams were struggling to keep up with ever-escalating workloads. Now, with cost-cutting a top priority for many Australian businesses, doing so is even more challenging.
Fortunately, Aruba’s ClearPass technology can help. This smart, powerful technology automates and streamlines several of the processes that IT teams would otherwise be tasked with – freeing up time, improving overall security, and delivering greater control and visibility.  Here’s how:

1. Quick and easy device onboarding

Managing the onboarding of personal devices for bring-your-own-device (BYOD) deployments can put a strain on IT and help desk resources, and can also very easily create security concerns.

With Aruba ClearPass Onboard, however, the process can be much simpler and streamlined. This advanced technology automatically configures and provisions a range of mobile devices – Windows, macOS, iOS, Android, Chromebook, and Ubuntu – so they can securely connect to the company’s network. The IT team can define who can onboard devices, the type of devices they can onboard, and how many devices are allowed per person.

There are several features of ClearPass Onboard that simplify and cut workload for IT teams when it comes to device onboarding. These include:

  • Users can self-register and securely onboard multiple devices
  • Supports a range of operating systems, including Windows, macOS, iOS, Android, Chromebook and Ubuntu
  • Can support customised workflows depending on what your business needs
  • Supports Active Directory and cloud identity credential authentication, for greater security and control
  • Automates the configuration of network settings for both wired and wireless endpoints
  • Enables the unique provisioning and revocation of device-specific credentials and certificates
  • Contains built-in certificate authority specifically for BYOD
  • Uses profiling to identify a device type, manufacturer and model
  • Provides BYOD visibility and centralised policy management capabilities.

2. Independent guest access

BYOD isn’t just about employee devices – it’s about any visitor whose device requires network access – wired or wireless. Ordinarily, providing secure network access for these devices could be quite time consuming and ad-hoc for IT teams.

Aruba’s ClearPass Guest technology, however, removes the burden from IT teams – making it easy for authorised people within the business (employees, receptionists, event coordinators, and other non-IT staff ) to create temporary network access accounts for any number of guests per day. Smart caching ensures that guests can easily connect throughout the day without repeatedly entering credentials on the guest portal.

There’s also the option of guest self-registration, which takes the task away from employees entirely, and lets visitors create their own credentials. Login credentials are delivered via printed badges, SMS text or email. Credentials can be stored in ClearPass for pre-determined set amounts of time and can be set to expire automatically after a specific number of hours or days.

3. Automated security checks

With so many varied devices connecting to the modern network, security risks can very easily occur.

With the Aruba ClearPass Access Management System, however, IT teams can dynamically profile devices as they connect. This gives IT teams valuable information that can be used within policies and for troubleshooting. Policies based on real-time contextual data allow security and network teams to allow or restrict access to internal resources based on user, device type and their assumed risk level.

Aruba’s ClearPass OnGuard technology can also help make life easier for IT teams,  offering built-in capabilities that perform posture-based health checks to eliminate vulnerabilities across a wide range of computer operating systems and versions. Whether agentless, or using persistent or dissolvable clients, ClearPass can centrally identify compliant endpoints on wireless, wired and VPN infrastructures.

4. Policy-led network traffic management

For networks to operate at their most secure and efficient, having policies in place to organise network traffic is essential.

With Aruba’s Dynamic Segmentation technology, an organisation’s policies can be automatically applied and enforced. IT teams can build wired and wireless policies that leverage a range of intelligent context elements. For instance, traffic may be organised according to user roles, device types, certificate status, location, or even the day of the week.

No matter how devices connect, Aruba Dynamic Segmentation automatically enforces consistent policies across wired and wireless networks – keeping traffic secure and separate. This means it’s easy for guests, IoT and business operations to coexist at any network location, without over-burdening IT teams with the management.

Want to learn more?

To find out more about how you could reduce the burden on your IT team with an Aruba’s ClearPass solution, implemented by Blue Connections, please get in touch.

POST AUTHOR:

PAUL WILSON

Practice Manager – Networks, Security & Unified Comms, Blue Connections IT