The Aruba Networks Policy Enforcement Firewall™ (PEF) provides context—based controls to enforce application—layer security and prioritization. With PEF, IT can enforce network access policies that specify who may access the network, […]
The Aruba Networks Policy Enforcement Firewall™ (PEF) provides context—based controls to enforce application—layer security and prioritization. With PEF, IT can enforce network access policies that specify who may access the network, with which mobile devices and which areas of the network they may access. AppRF is a PEF feature that is designed to give network administrators insight into the applications that are running on their network, and who is using them. WebCC™ is an optional PEF subscription feature that includes URL filtering, IP reputation, and geolocation filtering. Aruba Networks PEF with AppRF™ technology provides user—level awareness of all traffic across the network. Aruba Networks Mobility Controllers™ support multiple user categories on a single network, spanning wired, wireless and VPNs. During the network sign—on process, the identity and role of each user or device is learned. Employees and other authorized internal users can be treated as a single class or further subdivided according to information found in a directory server. Comprehensive voice management and control—Aruba Networks PEF™ offers extensive voice management capabilities using the session initiation protocol (SIP), including detailed reporting and troubleshooting as well as at—a—glance data via tables and graphs.
Other capabilities include—phone number association—SIP—enabled devices can be tracked and displayed by their phone number. Call quality tracking—automatically calculate, display and track the R—value for each SIP call being processed through an Aruba Networks Mobility Controller™. SIP authentication tracking—track the registration of SIP devices to an IP PBX to determine if they are authenticated. Call detail records (CDRs)—display calls made to and from Wi—Fi clients, including originator, terminator, termination reason, rejected and failed calls, duration, and call quality. High—performance traffic processing—with Aruba Networks PEF™, policy enforcement does not come at the expense of performance or require additional external hardware. Intelligent application identification—deep packet inspection (DPI) and of Layer 4—7 traffic and intelligent analysis allows Aruba Networks AppRF™ technology to identify many new types of applications—encrypted applications—for encrypted traffic, Aruba AppRF™ technology uses heuristics to look for traffic patterns and establishes a unique fingerprint to identify those applications.
Aruba Networks ApplicationQuality Of Service
Network services like Apple AirPrint™ and AirPlay™ are optimized, IP multicast video traffic is automatically prioritized, and proprietary Apple FaceTime traffic and encrypted voice and video sessions like Microsoft Lync™ are automatically identified and prioritized. Most powerfully, knowledge of call status enables smarter voice—over—IP management across the air. Capabilities like RF management and load balancing do not affect voice quality during a call. Instead, PEF waits until voice handsets are on—hook to perform RF optimization. The external services interface (ESI) allows a wide range of network service appliances to be co—located with Aruba Networks Mobility Controllers™ to provide their services to clients on the network. These centrally—enabled appliances provide services like virus protection, content inspection and filtering, intrusion detection and prevention, content transformation and protocol—based bandwidth shaping. Aruba Networks Mobility Controllers™ are purpose—built for high—speed processing of network traffic with dedicated hardware for control processing, network traffic processing and encryption.
Aruba Networks Application Visibility
The AppRF™ dashboard gives IT a simple, powerful view of mobile app usage and performance on the WLAN. Aruba Networks™ mobility or virtual controllers display and categorize applications in use, which can be sorted by user role, application, network and other criteria. This information can be used to troubleshoot application performance in real—time, set global WLAN policies, and plan for future growth. For longer—term historical data, Aruba Networks AirWave™ network management can aggregate up to two years of data from multiple Aruba controllers. Aruba Networks PEF™ features controls that optimize WLAN bandwidth utilization. Role—based policies can limit the maximum amount of bandwidth consumption for a particular user or class of users, and prevents power users from monopolizing network resources. At the same time, traffic management policies can guarantee minimum amounts of bandwidth for devices to ensure that users stay productive. On WLANs, Aruba Networks PEF™ optimizes performance—robbing broadcast and multicast traffic to improve application performance.
Features And Benefits
Aruba Networks PEF™ extends fine—grained control over of users from authorization and authentication servers. Controls such as automatic disconnection from the network, role reassignment, and dynamic updates of firewall policies can be enabled. This functionality is enabled by two application programming interfaces (APIs)—IETF standard RFC 3576 and a simple yet flexible XML—based API. Both APIs allow external systems to exert user and policy control over Aruba Networks Mobility Controllers™. Aruba Networks AppRF™ technology distinguishes corporate applications like Box from personal applications like Apple FaceTime, even when they are running on the same mobile device. Network services—like Apple AirPrint™ and AirPlay™—Aruba Networks™ optimizes IP multicast video traffic and automatically prioritizes services, and adds policy controls. Many web—based applications use the same port to communicate with clients and appear as HTTP traffic. Aruba Networks AppRF™ technology resolves the destination address to identify unique applications like Facebook™, Twitter™, Box™, Cisco WebEx™ and hundreds of others.
You must be logged in to post a comment.