Aruba announces Software-Defined Branch (SD-Branch) solution
Aruba has announced its Software-Defined Branch (SD-Branch) solution

Aruba announces Software-Defined Branch (SD-Branch) solution

Aruba, a Hewlett Packard Enterprise company, has announced its Software-Defined Branch (SD-Branch) solution, a new approach designed to help customers modernise branch networks for evolving cloud, IoT and mobility requirements.

The integration of new cloud-managed SD-WAN, wired and wireless networking solutions, secured with context-based policy enforcement, significantly advances IT professionals’ ability to deliver improved network availability and application performance, while dramatically reducing management time and operational and capital expenditures.

The influx of mobile and IoT devices, greater reliance on cloud-based applications, and shrinking IT budgets are having a profound impact on IT organisations. Branch operators also face increased complexity and inefficiencies with a multiplicity of different tools for managing the network and security from different vendors.

Aruba’s SD-Branch solution integrates new Aruba Branch Gateways to provide a single point for SD-WAN, wired and wireless networking, policy enforcement with Aruba’s enhanced Aruba Central cloud management platform to deliver secure, simplified branch connectivity at scale.

This purpose-built, unified solution marks a significant advancement beyond pure-play SD-WAN offerings by delivering reduced device footprint, streamlined deployment of large-scale distributed installations and lower WAN connectivity costs for branch customers.

Key benefits of the Aruba SD-Branch Solution include:

  • Simplicity at enterprise scale: Cloud-based management provides remote, centralised provisioning and management of wired and wireless connections inside the branch and WAN and Internet connections with SD-WAN infrastructure. This enables IT to quickly implement new services and network changes across large, distributed environments without requiring on-site IT.
  • Integrated, best-in-class security: Aruba security solutions offer automated, granular intra-branch and WAN policy enforcement capabilities. New Aruba 360 security exchange technology partners deliver cloud-based firewall and threat protection.
  • Optimised branch experience: Application, user and device contextual awareness delivers granular QoS within the branch and across the WAN for SaaS, mobile UC and other remote applications. This simplifies how LAN and WAN traffic is prioritised and routed inside and outside the branches to deliver a consistent experience, regardless of user role, device type or location.

Simplicity at enterprise scale: Aruba Central and infrastructure enhancements

Aruba’s SD-Branch solution enables IT organisations to effectively manage more branch locations with less staff while leveraging a consistent approach for security and compliance across locations. By integrating and centralising management while eliminating costly MPLS connectivity, customers can realise savings up to 75% as compared to traditional deployments.

Aruba Central with new SD-WAN support has been enhanced to provide automated configuration capabilities, granular visibility and easy-to-use troubleshooting tools. Aruba’s Zero Touch Provisioning (ZTP) and intuitive mobile app for automated device onboarding, provides non-technical staff at the branch a plug-and-play experience that eliminates the need for manual onsite configuration and costly, time-consuming truck rolls.

As it continues to expand its global presence, high-end, luxury retailer Vera Wang is an organisation that is facing this challenge as it scales its operations.

“We need to get stores up and running quickly, and maximise our WAN availability and efficiency,” said Stewart Ebrat, CIO for Vera Wang. “Aruba’s SD-WAN solution removes the burden of building out a distributed infrastructure.”

Integrated, best-in-class security and new cloud UTM partnerships

The rise in mobility, IoT devices and cloud-based applications in the branch requires an automated and comprehensive way of approaching security. Aruba is uniquely positioned to provide user and device context for consistent role-based enforcement across the LAN and WAN. Aruba ClearPass policy manager simplifies and automates how policies are applied across different layers of network and application access removing the need for time consuming manual configurations.

“I’m excited about Aruba’s edge-to-cloud vision and integrating SD-WAN functionality. This will help us solve our performance and deployment problems at a fraction of the cost,” added Corey Hasberry, IT Manager for Vera Wang. “Aruba’s role-based security for our Wi-Fi and WAN infrastructure will help us bring a consistent experience to our employees and customers.”

Additionally, all network traffic within a branch can be forwarded to the Aruba Branch Gateway for deep packet inspection using the built-in stateful firewall. IT organisations can easily assign policies for specific device types to segment their traffic up to the application layer. In a retail environment, this easily helps limit the malicious use of in-store security cameras or designate where a Point of Sale (PoS) device can send traffic.

To solve security vulnerabilities outside the branch perimeter, Aruba has expanded its Aruba 360 security exchange technology partner programme with the addition of Zscaler and new integrations with Check Point Software Technologies and Palo Alto Networks. These ecosystem partners provide cloud-based firewall functionality and unified threat management to secure organisations’ sensitive traffic heading for public Internet-bound destinations.

Optimised branch experience: new Aruba Branch Gateway delivers WAN insights and control

Providing improved user experiences starts with delivering unmatched reliability. According to Gartner, a network outage can be more than an inconvenience, and evidence shows that these can cost anywhere from US$1,000 to US$1,000,000 per incident in lost productivity or revenue, depending on location and enterprise use case.

By leveraging context to gain insight into the health of the customers’ entire distributed branch network – wired, wireless and WAN – IT organisations can dynamically optimise the user experience in real-time before any impact to the business occurs.

Embedded in the new Branch Gateway, Aruba’s unique context-awareness capabilities go beyond granular role-based network access and application security to deliver unmatched quality of service (QoS) experience from the LAN to the WAN. This allows IT professionals to satisfy the needs of end users while simplifying IT operations.

Additional Branch Gateway features such as policy-based routing and dynamic path selection can now leverage this contextual data and awareness to dynamically route traffic across the WAN based on user, device or group affiliation. For example, retail organisations can easily prioritise PoS system and video traffic versus guest traffic, while hotels can prioritise voice traffic for anyone involved with customer service.

Pricing and availability

Without having to upgrade Aruba access points or switches, IT professionals can integrate new SD-WAN capabilities into their branch networks. Aruba’s SD-Branch solution is delivered as a part of Aruba Central with subscription-based licenses applied to a branch gateway at each site and a headend gateway hosted centrally.

Check Point Software Technologies is the largest network cybersecurity vendor globally, providing industry-leading solutions and protecting customers from cyberattacks with an unmatched catch rate of malware and other types of threats.

“The migration of corporate assets and applications to the cloud has led to 5th generation multi-vector cyberattacks threatening all businesses, and Check Point provides cloud-delivered security services to prevent these types of attack,” said Jason Min, Head of Business and Corporate Development, Check Point Software Technologies. “By integrating our cloud security platform with Aruba’s SD-Branch solution, Check Point is providing businesses with Gen V advanced threat prevention solutions, preventing all types of attacks on the cloud, endpoints, remote offices, and mobile devices.”

Click below to share this article

Browse our latest issue

Intelligent CIO Europe

View Magazine Archive