SOURCE: Aruba Networks, Inc.

August 14, 2007 08:00 ET

Aruba Networks Reins in the Security Risks of Mobile Devices

Interoperability With Third-Party Network Access Control Solutions, Complemented by Aruba's New Endpoint Compliance System, Controls and Mitigates Wayward Mobile Devices

SUNNYVALE, CA--(Marketwire - August 14, 2007) - Aruba Networks, Inc. (NASDAQ: ARUN), a global leader in user-centric networks and secure mobility solutions, today announced two advancements in Network Access Control (NAC), the process whereby devices are checked for security risks prior to admission onto a network. First, Aruba verified the interoperability of its user-centric networks with the three leading NAC solutions for devices managed by IT departments. Next, Aruba announced its new Endpoint Compliance System (ECS), a NAC solution that is especially well suited for unmanaged mobile devices, such as user-owned computers and PDAs, that are not as well served by the managed NAC solutions. Taken together these two advancements address the spectrum of managed and unmanaged devices, and offer users a comprehensive security solution for both fixed and mobile devices.

By verifying interoperability with the leading NAC solutions for managed devices, Aruba ensured that its network could be successfully integrated with all three major platforms. These platforms are Microsoft's Network Access Protection (NAP), Juniper's Unified Access Control (UAC), and Cisco's Network Admission Control (NAC). The identity-based access feature of Aruba's Mobility Controller authenticates users through the Active Directory, RADIUS, and LDAP databases used by these platforms. As a result all three NAC platforms, in addition to Aruba's new ECS system, can compare device security settings against enterprise security policies such as the anti-virus software version, firewall settings or operating system patches. The Mobility Controller correlates this policy information with its knowledge of user behavior, environmental factors such as time and location, and third-party in-line security appliances such as IDS/IPS systems or anti-virus devices. Any discrepancy will be flagged and the device quarantined or blacklisted.

"Aruba helps to extend the features of Network Access Protection to mobile users, allowing them to maintain a high level of security but without the encumbrance of a wired connection," said Manlio Vecchiet, Microsoft's group product manager, security and access product marketing. "We believe that secure mobility will only grow in importance as more users choose wireless solutions, and Aruba's commitment to both vendor interoperability and secure policy enforcement through a user-based stateful firewall will provide important benefits to users."

Aruba's new ECS tool extends Aruba's NAC offering to include threat assessment and policy decision making, and excels in the area of unmanaged devices, an area not well covered by the three major NAC solutions. Unmanaged devices typically include transient devices such as PCs and PDAs owned by users and not under the management of the facility's IT staff, a situation typically found in universities and hospitals. Working in conjunction with Aruba's user-based stateful firewall, policy enforcement is role-based and can be implemented as RF-level blacklisting, quarantining for immediate remediation, and redirection to third-party in-line security services such as anti-virus tools. Aruba's firewall allows quarantined users to be securely isolated, something not easily accomplished with traditional VLAN isolation. By protecting against risks from viruses, malicious attacks, and unauthorized clients, the new ECS tool is designed to mitigate common security risks.

"Mobile computing devices outsell desktop systems two-to-one, so networks must be designed to accommodate unmanaged, mobile devices," said Robert Fenstermacher, Aruba's industry marketing lead for enterprise solutions. "Identity, compliance, and enforcement are the watchwords of network access control technology, and Aruba's NAC solution performs each of these tasks reliably and efficiently. Enforcement follows users anywhere they connect, and dynamically changes as their security state or behavior changes. The result is improved security, a reduction of risk, and the optimization of the network for legitimate uses."

Aruba's ECS tool is available now. Pricing is available upon request.

About Aruba Networks, Inc.

Aruba securely delivers the enterprise network to users, wherever they work or roam, with user-centric networks that significantly expand the reach of traditional port-centric networks. User-centric networks integrate adaptive WLANs, identity-based security, and application continuity services into a cohesive, high-performance system that can be easily deployed as an overlay on top of existing network infrastructure. Adaptive WLANs deliver high-performance, follow-me connectivity so users are always within reach of mission-critical information. Identity-based security associates access policies with users, not ports, to enable follow-me security that is enforced regardless of access method or location. Application continuity services enable follow-me applications that can be seamlessly accessed across WLAN and cellular networks. The cost, convenience, and security benefits of user-centric networks are fundamentally changing how and where we work. Listed on the NASDAQ and Russell 2000® Index, Aruba is based in Sunnyvale, California, and has operations throughout the Americas, Europe, Middle East, and Asia Pacific regions. To learn more, visit

Aruba Networks is a registered trademark of Aruba Networks, Inc. All other trademarks or registered trademarks are the property of their respective holders. Portions © 2007 Aruba Networks, Inc. All rights reserved. Specifications are subject to change without notice.

Contact Information