Posted Date: 2/21/2012
Aruba Introduces New Technology Spin on BYOD Management
By Tony Rizzo
Aruba Networks today introduced Aruba ClearPass, an access management system that simplifies and automates the secure provisioning of mobile devices on any enterprise network. The Aruba ClearPass solution enables network rightsizing by facilitating BYOD with automated provisioning, device profiling and device health checks on any network - regardless of who's hardware the network runs on - without requiring infrastructure upgrades. Aruba's ClearPass solution simplifies IT staff deployment of user mobile devices with ClearPass Onboard automated provisioning.
Aruba's ClearPass Guest, ClearPass Profiler and ClearPass OnGuard provide basic authentication, profiling and device posture check services. Aruba claims a significant cost savings of up to 52 percent over a similarly configured Cisco ISE-based solution. ClearPass operates with other vendor access infrastructure platforms, avoiding any costly upgrades to access points, WLAN controllers and access switches. When factoring in the cost of required Cisco infrastructure upgrades to deliver similar capabilities, Aruba's ClearPass can save customers up to 76 percent over solutions such as Cisco's ISE.
Maimonides Medical Center, a leading treatment facility and academic medical center in Brooklyn, N.Y., is among the first businesses to deploy and access network based on the Aruba Mobile Virtual Enterprise (MOVE) architecture, with hospital-wide wireless coverage provided by more than 300 Aruba access points. Maimonides also uses the Aruba Amigopod solution for guest access, and its IT team is enthusiastic about the Aruba ClearPass portfolio and its ability to enable no-touch mobile device provisioning, security and management.
"The number and types of personal mobile devices that people bring to work has skyrocketed in the past year," said Gabriel Sandu, senior director of technical services for Maimonides. "We want to let them access the network for business purposes, but the options most vendors gave us for doing this in a secure manner were both expensive and cumbersome. Several vendors proposed end-to-end proprietary solutions that gave us some of the functionality we needed, but locked us into their solution set after requiring us to upgrade. The Aruba MOVE architecture with ClearPass gives us the capabilities we need with the best-of-breed, multivendor network we have now, and gives us flexibility for the future."
Previously available solutions require IT departments to rip out much of their existing infrastructure and replace it with an expensive and confusing array of appliances. Adding to the complexity, Mobile Device Management (MDM) solutions are limited in their ability to provision and control network access for mobile devices. Aruba's ClearPass portfolio can be deployed on any existing network – wired, wireless or VPN – as a non-disruptive overlay. It also automates burdensome policy management and device provisioning tasks, enabling IT to onboard and control mobile devices at lower cost and with less complexity.
ClearPass does not completely remove MDM from the solution set relative to a complete mobile device management solution. Capabilities such as device lockdown and complete data wipe still require a third party MDM platform.
The goal for ClearPass is to deliver a solution that integrates all the necessary components for an efficient BYOD workflow, offering a single management platform for all devices, plus the option to license these additional capabilities on the same platform:
- Automated device provisioning: Automatically set VPN, email and network security settings, push enterprise applications and optionally revoke device access privileges
- Self-service mobile device network configuration: Cloud-based self-configuration of a device's 802.1X network security settings
- Device profiling: Accurate device identification can be used to determine security requirements and enforce policies based on device type and ownership
- Device risk management: Assessing the risk of mobile devices to the network, restricting access based on risk level, and remediating compromised devices
- Guest access: Secure guest management with fully automated registration workflows, detailed reporting and targeted advertising.