ARUBA NETWORKS DEMONSTRATES HOW NAP SECURELY EXTENDS MOBILITY.
The integration of NAP and Aruba's Mobile Edge architecture enables enterprises to set security and compliance policies that follow each user throughout the mobile network while ensuring the integrity of different devices connected to the network.
"User demand for mobility and security has placed new mandates on enterprises to secure their network infrastructure without taxing IT resources," said Mike Schutz, group product manager of the Windows Server division at Microsoft Corp. "Industry partners such as Aruba are paramount to the success of our mutual enterprise customers. Aruba's advanced, multi-layered security capabilities add unique value to the Microsoft Network Access Protection technology and will enhance end-to-end network security."
With Aruba's NAP-enabled Mobile Edge architecture, corporations can now introduce new security measures that were once impossible to achieve with traditional networking components. Unlike other WLAN systems, Aruba's products are identity-based, allowing corporations to tie stateful security policies to users as they authenticate, then have those policies follow them as they move throughout the network-even when connecting from remote locations. IT departments, in turn, can implement a true "defense-in-depth" security framework that seamlessly overlays any existing IP data network while delivering enterprise mobility.
NAP for Windows Vista and Windows Server "Longhorn" is a platform technology designed to protect networked assets by enforcing compliance with network access and security policies, determining access based upon validated client health state, and coordinating endpoint remediation services to ensure ongoing compliance. NAP builds policy enforcement capabilities into the Windows Vista and Windows Server "Longhorn" operating systems that allow Aruba's system of mobility controllers and controlled wired and wireless access points to enforce quarantine conditions for non-compliant devices. Once in a quarantine state, unhealthy clients are prevented by the Aruba network infrastructure from communicating with any other clients. NAP then provides for automatic remediation to bring client devices back into compliance.
"Aruba has always been at the forefront of mobility and security, and our integration with Network Access Protection is another example of how we're protecting our FORTUNE 500 customers while delivering the mobility they demand," said Merv Andrade, Aruba's chief technology officer. "Microsoft's Network Access Protection program represents an important industry initiative, building an ecosystem of best-of-breed technologies to develop applications and end-to-end solutions with which to better serve customers. Aruba is very pleased to be a part of this effort."
Combined with NAP, Aruba's centralized mobility controllers serve as effective policy control points in the network. Network traffic from mobile users is concentrated and processed in the mobility controller, where it can be compared against policy rules pushed by the Microsoft Network Policy Server (NPS). Powering each mobility controller, the ArubaOS operating system provides the following functionality to enhance NAP:
-- Identity-Based Security applies policies and rules based on user identity rather than physical port, IP address, or MAC address. By uniquely terminating both encryption and authentication in the same device, the mobility controller knows with 100% certainty whether a given packet was sent by an authenticated user. Even if that user-or malicious software running on that user's device-changes a MAC or IP address, the mobility controller still applies the same policy.
-- Stateful Per-User Firewall gives each user or device a unique set of firewall policies to tightly control network access. ArubaOS implements a full stateful ICSA-certified firewall in hardware to apply flexible rules based on source address, destination address, type of service, time of day, physical location, authentication method, and user identity.
-- Universal Authentication permits devices to authenticate to the network in multiple ways. Aruba mobility controllers support 802.1x authentication, VPN authentication, and Captive Portal web-based authentication simultaneously over the same wired port or wireless SSID. In this way, clients connecting to a wired port or to a wireless SSID can use whatever authentication protocol for which they are configured, meaning that no client is locked out of the network.
The full functionality of NAP will be available as part of Windows Vista, the next version of the Windows operating system, and as part of the next version of Windows Server, code-named "Longhorn." Support is also planned for Windows XP and Windows Server 2003. Support in ArubaOS is available immediately.
About Aruba Networks, Inc.
Aruba Networks is a fast-growing enterprise infrastructure company enabling the mobile edge, an evolutionary new network architecture that addresses three top concerns of IT managers-mobility, security, and convergence. The mobile edge extends the reach of enterprise networks, providing secure access to information and voice services anywhere a user needs them, enabling new applications, allowing organizations to compete more effectively, and bringing about dramatic economic benefits. To deliver the mobile edge, Aruba manufactures and markets a complete line of fixed and modular mobility controllers, wired and wireless access points, and an advanced mobility software suite. Privately held and based in Sunnyvale, California, Aruba has operations in the United States, Europe, the Middle East, and Asia Pacific, and employs staff around the world.
For more information, visit http://www.arubanetworks.com or call 408/329-5108
|Printer friendly Cite/link Email Feedback|
|Publication:||LAN Product News|
|Date:||Apr 1, 2006|
|Previous Article:||NORTEL UNVEILS SECURE NETWORK ACCESS SWITCH.|
|Next Article:||ALCATEL ENHANCES OMNIACCESS WIRELESS LAN PRODUCT FAMILY.|