The ArubaOS operating system for Aruba Mobility Controllers, Mobility Access Switches and access points (APs) perform security and system administration, as well as hardware-based routing, switching, firewall and data encryption capabilities.
Uniquely designed to accelerate wireless LAN (WLAN) performance and reliability, ArubaOS Adaptive Radio Management (ARM) technology optimizes Wi-Fi client behavior and automatically ensures that Aruba APs stay clear of radio-frequency (RF) interference.
ArubaOS supports optional software modules, including the Policy Enforcement Firewall™ (PEF™), RFProtect™ wireless intrusion protection and spectrum analyzer, Suite B cryptography and xSec™ advanced Layer 2 encryption.
Aruba’s Policy Enforcement Firewall (PEF) module for ArubaOS delivers ICSA-certified stateful firewall network security and enables role-based access control for wired, wireless and VPN users.
PEF enforces wired and wireless network access policies that specify who may access the network, how and when. PEF can also be integrated with external services such as content security appliances, network access control (NAC) policy engines and performance monitors by utilizing its open External Services Interface (ESI).
Aruba RFProtect integrates wireless security into the network infrastructure without requiring a separate system of RF sensors and security appliances and enables government-grade Wireless Intrusion Protection.
RFProtect also includes powerful Spectrum Analyzer capabilities, which provide a critical layer of visibility into non-802.11 sources of RF interference and their effects on 802.11 wireless LAN channel quality. As a result, RFProtect eliminates unwanted wireless threats and interference, while optimizing network performance.
The ArubaOS™ Advanced Cryptography (ACR) module brings military-grade Suite B cryptography to Aruba Mobility Controllers, enabling user mobility and secure access to networks that handle sensitive but unclassified, confidential and classified information.
Approved by the U.S. National Security Agency (NSA), Suite B improves performance, eliminates unwieldy workflows and strict handling requirements, allows interoperability, and supports commercially available mobile devices – all at a fraction of the cost of previous-generation cryptographic methods.
xSec is a highly secure Layer 2 data-link protocol that safeguards all wired and wireless connections using strong encryption and authentication. FIPS compliant, it employs identity-based security to protect extremely sensitive information.
xSec provides tougher security than other Layer 2 encryption methods by using longer keys, FIPS–validated encryption algorithms (AES-CBC-256 with HMAC-SHA1), and encrypting of Layer 2 header information including MAC addresses.
