This post co-authored by Shruti Sood and Abhinav Raj
Before talking about cloud-based NAC (Network Access Control), let’s first understand, “Is NAC still relevant in the modern world?”
The continued relevance of network access control
According to a study by Ponemon Institute,“58% of respondents believe that the integration of NAC functionality with other elements of their security stack is very or highly important.” This statement proves the significance and relevance of a NAC solution for businesses. Deployed on-site, NAC (Network Access Control) solutions have been defending corporate network security for years by authenticating and authorizing devices and users connecting to the network. With evolution of use cases like authentication and authorization of IoT and BYOD devices coupled with threats from advanced network attacks, the importance of NAC has only increased with time. The same Ponemon Institute study pointed out that, 67% of respondents believe that identifying and authenticating IoT devices accessing the network is critical to the organization’s security strategy.”
Robust on-premises NAC has always been the go-to solution for enterprises and businesses in data-sensitive verticals like finance, healthcare, government, etc. These businesses usually have dedicated in-house security teams for implementing and maintaining network security solutions like a NAC. However, with shortages of security experts in the job market combined with rising operational expenses, and the transitioning of on-premises apps and data to the cloud, enterprises now need cloud-delivered network access control that inherits the same reliability as on-prem NAC with the added advantages of simplicity and scalability. For small and medium enterprises facing similar challenges with limited resources, the need for a strong yet simple NAC solution to protect critical data and digital properties is even greater.
On-premises NAC vs. cloud-based NAC
An on-prem NAC is an important component of strong network security, solving the ever-growing security challenges bought by BYOD and IoT devices accessing the network. However, this protection comes with costs and complexities as discussed above: challenges demand a modern approach where NAC can leverage the advantage of cloud while being made less complex and more budget friendly, affordable for large and small-to-medium enterprises to deploy and maintain.
The solution: A cloud-based NAC that can be deployed and maintained with limited resources and is easy to use, that can solve the network security challenges for SMEs like securing BYOD or mobile devices, and at the same time can be scaled to provide complex security policies for large enterprises.
Keeping these needs in mind and leveraging everything we have learned from building and expanding HPE Aruba Networking ClearPass, HPE Aruba Networking has a robust cloud NAC solution, that has been successfully meeting businesses security requirements for the past ttwo years!
Cloud Auth is delivered via HPE Aruba Networking Central, our AI enabled network management solution. Coupled with Client Insights, which provides AI-powered device identification and profiling, organizations gain an advanced solution that uses NAC (leveraging user roles, device types, MDM/EMM data, certificate status, location, day-of-week, and more) to provide least privilege access in line with zero trust security principles. Here are the top seven features of Cloud Auth:
- Time-saving workflows to configure and manage onboarding, authorization, and authentication policies for wired and wireless networks via the cloud
- Integration with common cloud identity stores such as Google Workspace, Microsoft Entra ID and Okta.
- Use of RadSec protocol, which is more secure and less prone to tampering than RADUIS
- Easy onboarding of wired and wireless devices with 802.1X authentication, MAC Authentication for non-802.1X devices or with Multi Pre-Shared Keys (MPSK) eliminating the need for pre-registration
- Simplified end-user experience using a client app (mobile, desktop, laptop) with support for a broad range of devices
- Enhanced security with AI-based Client Insights for secure and 802.1X authentication.
- Frictionless, transparent visitor access for mobile devices with HPE Aruba Networking Air Pass
Air Pass is only available for United States
Figure 1. Cloud Auth: High-level interactions
Cloud Auth leverages Roles defined in Central to enable end-users to connect to wired and wireless networks securely and automatically. The cloud-native security service integrates with a company’s existing cloud identity store such as Google Workspace or Azure Active Directory to authenticate the user’s information and assign them the right level of network access. Small and medium-sized organizations with limited IT personnel benefit from simplified workflows and secure role-based policies administered through HPE Aruba Networking Central to ensure users and devices have appropriate network access.
Cloud Auth is our game changing network security solution that empowers businesses of all size and capacity to deploy a strong NAC solution and meet the growing demand for simplified security solutions. In the same capacity, we are working towards unifying our NAC and SSE (Secure Services Edge) to offer a unique and simplified edge-to-cloud security management experience and help businesses in their SASE and Universal ZTNA journey.
Interested in learning more? Please follow the link to read more about Cloud Auth or let our experts take you through the product—place a request here.
