SonicWall and Aruba: Network Defense BFFs (Boosted, Fortified, Flexible)

Here’s how combining Aruba ClearPass and SonicWall NGFWs can deliver more proactive and dynamic network defense.

By

As flexible and efficient network topologies become the norm, one of the key challenges we grapple with is ensuring security and control in a mobile-first environment. Figuring out how to effectively coordinate between networking and security architectures to establish centralized policies involves considering both wired and wireless connections. These policies need to be duly enforced, regardless of wherever and whenever devices and users establish a connection.

Determining what measures should be undertaken if a genuine user or device gets compromised post-connection is another concern — no networked environment is entirely immune to this threat.

To add complexity to an already complicated problem, organizations are constantly confronting new issues due to the ever-increasing number of headless machines and IoT devices being added to the IT landscape — many of which present novel pathways requiring cautious oversight.

Aruba ClearPass is a solution designed to manage network access control and policies. Its capabilities go beyond the traditional boundaries, covering network access on both wired and wireless terrains as well as BYOD and IoT/OT mechanisms. It not only enables secure network access, but also accelerates threat response time.

When this cybersecurity game-changer teams up with SonicWall firewalls, the result is a potent, integrated solution that bolsters your network security, preventing cyberattacks and leveraging smart automation.

Within this feature-rich offering, Aruba ClearPass Secure Network Access Control (NAC) shines with its real-time user-to-device mapping and comprehensive device health checkups. It harnesses next-generation firewall (NGFW) policies and rules to detect even the smallest shifts in user or device behavior — changes which often suggest a rogue insider.

In addition to establishing superior visibility into IoT and corporate devices on the network, this joint solution allows you to regulate firewall policies and application access. With user identity and device security posture in mind, it adds another layer of protection to your network environment.

Why Aruba and SonicWall?

By implementing comprehensive and adaptive rules and policies, the combination of SonicWall and Aruba greatly increases your digital protection and your peace of mind. Here’s how:

Device and User Context Awareness

SonicWall NGFWs consider enhanced user and device contexts by recognizing different roles, assessing the health status of each device, and more. The result is a personalized, foolproof shield against any unwanted traffic.

Threat Protection

The system doesn’t just stop rogue traffic — it goes the extra mile to defend network users from threats like phishing, malware, and other sophisticated exploits that could breach your network.

Single-Policy Authorization

SonicWall and Aruba prevent unwanted access by enforcing a single policy, extending our authorization and enforcement across both wired and wireless networks.

Proactive Attack Detection

ClearPass and SonicWall NGFWs work together to provide a proactive, closed-loop attack detection mechanism, reinforcing your digital fortifications. Unusual activity is promptly escalated, triggering a policy-based response to stop the breach.

How Does It Work?

Aruba ClearPass provides total visibility of connected and connecting users, as well as devices in wired and wireless multi-vendor environments. SonicWall NGFWs provide restful threat API, which integrates with Aruba ClearPass as network access control.

Using the restful API, ClearPass can pass security context vectors — including Source IP, Source MAC, User ID, User Role, Domain, Device Category, Device Family, Device Name, OS Type, Hostname and Health Posture — to SonicWall NGFWs. The firewalls then enforce real-time rules based on device type, OS and device health posture at every point of control.

When an alert is generated on a client machine, ClearPass can send it to the SonicWall NGFW, triggering a range of predetermined and policy-based actions, from quarantine to blocking. This seamless, automated enforcement can help prevent one compromised machine from becoming a thousand.

USE CASE: STOP UNAUTHORIZED ACCESS AND SECURE USE OF BYOD/IoT

As remote work and BYOD policies become more common, devices not owned by the business will increasingly have access to corporate data, systems, and services. And while IoT devices can bring significant benefits to businesses and their employees, they also introduce major security issues, making them common targets for cybercriminals.

Aruba ClearPass and SonicWall NGFWs work together to prevent unauthorized access. They profile client devices detected on the corporate network, offering complete visibility of connected and connecting users in both wired and wireless environments. The NGFW utilizes user and device profiling data to determine access rights and restrict access to corporate assets, decreasing the impact of a compromised device.

USE CASE: ROLE-BASED NETWORK ADMISSION AND CONTROL

Today’s workplaces are constantly connected to the Internet. While this has drastically increased efficiency, it poses a threat to data privacy. Users can easily access and download inappropriate or risky content from the corporate network, often without knowing the potential risks involved. This increases risks to organizations’ intellectual property and application data.

Aruba ClearPass works with SonicWall NGFWs to enable granular access control and visibility into corporate user profiles and taking action via the SonicWall firewall if a user’s machine is infected. Any detected anomalies will trigger a range of predetermined policy-based actions, such as quarantine or blocking, to protect the rest of the network.

CERTIFIED INTEROPERABLE

Aruba and SonicWall have taken the guesswork out of security by turning static security into contextual security, resulting in more advanced and flexible protection. Setup is simple, requiring only a wireless PC with the ClearPass OnGuard app installed, an Aruba access point, Aruba Mobile Network Controller, ClearPass CPPM service and a SonicWall firewall.

SUMMARY

SonicWall has been successfully securing networks for more than 30 years — and Aruba’s secure infrastructure is the ideal way to support proven SonicWall firewalls in applications of any size. Contact us to learn more about how Aruba and SonicWall can deliver your network a cost-effective predictive maintenance solution.

Asif Mujtaba
Product Manager, Firewall Solutions | SonicWall
Asif Mujtaba serves as Product Manager for firewall solutions at SonicWall. Before assuming this role, Asif garnered extensive experience in various capacities across different organizations, including solution engineering, escalations, and technical lead roles. With over 12 years of expertise in the technology sector, Asif specializes in firewalls, VPNs, WAF and enterprise network security.