Transcription
ARUBA CLEARPASSDEVICE INSIGHT
QUESTIONS WILL GET ASKED What is your current level of visibility related todevices connecting to your network? How are you addressing IoT devices? Do you knowwhich types are currently on your network? Do you have a plan to find an appropriately segmentthese devices?
Clearpass Video’s
CURRENT CHALLENGESIN DEVICE VISIBILITYIT/Security teams lack visibility intodevices on the network i.e. factorycontrollers, medical equipmentCurrent toolset fails to adequately addressvisibility and IoT use casesVolume, variety and the innovation of “things”means manual approaches cannot keep paceWithout comprehensive visibility, effectivesecurity and compliance is not possible
HALF OF ENTERPRISE STRUGGLING TO SECURE IOTSource: Ponemon Institute
CLEARPASS DEVICE INSIGHTOVERVIEWReduces Risk byEliminating Blind Spotsthrough DPI-based discoveryand profiling of devicesAutomatically Classifies UnknownDevicesusing advanced machine learning andcrowdsourcing intelligenceEnsures Secure Accessvia seamless integration withClearPass Policy Manager
TRADITIONAL PROFILING TECHNIQUESLACK DEVICE CONTEXTSTATIC ATTRIBUTESNMAP SNMP WMI
CLEARPASS DEVICE INSIGHT:FROM GENERIC TO GRANULAR DEVICE VIEWWINDOWS DEVICESTATIC ATTRIBUTESNMAP SNMP WMIAXIS DEVICEAXIS SECURITYCAMERADEEP PACKET INSPECTION (DPI)AXIS Q35NETWORK CAMERASTATIC BEHAVIORALATTRIBUTESAPPLICATIONSWEB SITESPORTSPROTOCOLSMACHINELEARNINGCROWDSOURCING
CLASSIFIES UNKNOWN DEVICESDeep Packet Inspection (DPI)Device AttributesMACHINE LEARNINGIP/MAC AddressApplication AccessCommunication ProtocolsCommunication FrequencyCROWDSOURCING
AUTOMATED DEVICEDISCOVERY AND PROFILINGStatic Attributes:Operating System, Hardware VendorActive and Passive techniquessuch as MAC OUI, NMAP, etc.Dynamic Attributes:Understanding Behavioral AttributesDeep Packet Inspection (DPI) and MachineLearning leverage communication patterns,applications, etc.Comparative Attributes:Finding CommonalityContinuous monitoring of device trafficand crowdsourced intelligence to refineand update device fingerprints
ELIMINATESBLIND SPOTS
Utilizing Machine Learning for Unknown DevicesDeviceIdentified andLabeledChecks forFingerprintDiscovered DevicesClassify knowndevices on based onstatic, flow and behaviorbased attributes
MAC / Vendor infoPort/ProtocolStatic Attributes(DHCP, User agent, SNMP info)MACHINELEARNINGBASEDCLUSTERINGUSING DPICommunicationFrequencyDestination IPApplicationCommunications
CLOUD-ENABLEDCOMMUNITY CROWDSOURCINGSignature is madeavailable for use byall customersAruba receivesthe signatureCustomer labels a deviceusing clusters or rulesSignature is testedand validated
DEVICEINSIGHTANALYZERARCHITECHTUREOVERVIEWCLOUD PLATFORMCombination of on-premises datacollector (appliance or virtual) andcloud-based analyzerBranchCampus / DatacenterThrough Deep Packet Inspection(DPI), device attributes are areextracted and metadata is sent tothe cloud for ualCollectorSwitch
INTEGRATION ENSURESSECURE ACCESS360 SECURE FABRICECOSYSTEM3rd Party Security andNetworking VendorsBi-DirectionalData ExchangeClearPass Policy ManagerClearPass Device InsightSEGMENTATION / ENFORCEMENTMulti-VendorWLANsENHANCED DISCOVERY / PROFILINGInternet ofThings (IoT)BYOD andCorporate OwnedMulti-VendorSwitching
Aruba IntroSpect - ClearPass IntegrationACB
IntroSpect SourcesAUTHENTICATION/IDENTITY ADLDAPINFRASTRUCTURE Consoles / WorkflowsFirewallVPNWeb ProxyDNS / DHCPSIEMANALYZERENTITY360ARUBA INFRASTRUCTURE Controller AMONEMAIL / DLPFULL SETANALYTICS3RD FORENSICSPARTY ALERTSFireEyePACKET PROCESSORDATAFUSIONBIG DATANETWORK ACCESS PACKETCAPTURENETWORK TRAFFICPACKETSFLOWSClearPassNETFLOWDPITHREAT INTELLIGENCE
ENFORCED BYDYNAMIC SEGMENTATIONPORT-BASEDDYNAMIC ROLE-BASEDManual configurationof ACLs, VLANs, QoSAutomate configurationswith contextPCI-compliantPoS portCamera portStaticDynamicPrinter portHard to scale for device type andquantity across multiple sitesFlatten configurations at highscale based on user, device, app
IOT IN HEALTHCAREClearPass Device InsightENHANCED DISCOVERY / PROFILING
HOW WE’REDIFFERENTCONTINUAL INNOVATION IN IOTCONNECTIVITY, SECURITY, AND AICOMPLETE VISIBILITY ACROSS THEENTIRE INFRASTRUCTREAUTOMATED, MACHINE LEARNINGBASED, DISCOVERY AND PROFILINGCLOUD-ENABLED, CROWDSOURCEDFINGERPRINTSDYNAMIC ROLE-BASEDACCESS CONTROL
ClearPass and Aruba ClearPass Device InsightDo you need visibility and control?
Device Insight By Itself Provides Enhanced Visibility and Reporting OnlyIoTUserGuestDevices Devices rtingEnhancedReportingEnhancedReporting
ClearPass Policy Manager Provides Good Visibility and Expert ControlIoTUserGuestDevices Devices DevicesClearPass licy BasedControlPolicy BasedControlPolicy BasedControl
Aruba ClearPass Device Insight ClearPass Policy ManagerIoTUserGuestDevices Devices DevicesArubaClearPass DeviceInsightClearPass gEnhancedReportingPolicy BasedControlPolicy BasedControlPolicy BasedControl
License modelComponentComponent TypeSKUsAruba ClearPass Device Insightsoftware (Device count based SKU)Software running on ACP*Subscription based 1,3 and 5 year SKUsCollectors (Virtual)Software on customerhardwareComes with device insightCollectors (Physical)Hardware3 models to support 500, 5000 and 25K devicecount*Long term plan is to support on-prem and private cloud deployment**Compliance suite includes Aruba ClearPass Device Insight
ClearPass Policy Manager Provides Good Visibility and Expert Control IoT Devices Good Visibility Basic Reporting Policy Based Control User Devices Great Visibility Basic . **Compliance suite includes Aruba ClearPass Device Insight. Title: Aruba ClearPass Author: Jon Garside Created Date:
