Did you ever get that feeling when you walk into a room and you can literally feel the tension between people? I do quite often as I visit customers and get into a room with security and network engineers. Sometimes they are literally sitting on opposites sides from each other.
Mind the Gap
From a traditional standpoint, security is handled by the security engineers and networking is handled by the network engineers. Most of the time those guys (or girls) have their own take on security. The security engineers will state that security is enforced in the firewall (their domain). The network engineers of course will argue that security is everywhere in the network.
The fun part for me is getting them to work together as a team. When you enter the discussion, both sides will turn to you and hope that you will agree with their view. That is the moment I always tell them that they are both right! That normally takes some time to sink in.
Bridge the Gap with Custom-Made NAC
As I mentioned in my previous post, Aruba Networks has always taken its own path, regardless of the technology or product. Aruba's philosophy toward open and closed systems has always been the former: open systems. Most other vendors have a closed system approach regarding security and networking. In Aruba's mind, open is the new closed. In many cases, an open approach is a big plus.
In the interest of time, I will limit myself by only explaining how this relates to Aruba ClearPass Policy Manager. However, the open approach is embedded in most Aruba products.
Because of the open approach, ClearPass Policy Manager is a multivendor product. It works great with Aruba products, but it can also integrate with most other vendors and/or products in the market.
Moreover, you should not limit your integration of ClearPass Policy Managerwith only networking or security products. Widen your scope. Enterprise mobility management software, HVAC systems,access control systems or Hue lights—you name it—they will most likely be able to integrate with ClearPass Policy Manager. You can even go crazy. Make an integration with a weather service, and present everyone with an ice cream splash page when the temperature reaches 80 degrees.
Most ClearPass Policy Manager deployments are in brownfield networks, with many products from different vendors already installed. From a customer’s perspective, they have already invested time and money into their network. So why not use these products to create a tailor-made network access control (NAC) solution? Being a NAC solution, ClearPass Policy Manager is deployed on that boundary, in Aruba’s sweet spot between networking and security.
Now let’s get back to that team part mentioned earlier. All these products and solutions are already in place, managed by those security and network engineers sitting in that room. When they start working together by implementing and integrating ClearPass Policy Manager into their network, they can create that tailor-made fit, thus putting it all together!
More detailed information about this open approach can be found here: 360 Security Exchange Program.
This blog from Jon Green, Aruba CTO: “Lock Down Your Wired Network to Mitigate Insider Threat,” is another great example of why security and network engineers should work together to secure the wired network.
An entertaining podcast can be found here: “When Security and Networking Join Forces” starring Michael Dickman, Aruba VP of product management as the networking guy, Jon Green as the security guy.
My next post will be about learning new skills, where I will write about the challenges for network engineers in today’s networks, and the need to learn new skills.
See my first blog in the series:
HPN and Aruba: A Match Made in Heaven
source: Aruba Networks