Aruba Dynamic Segmentation

Built-in identity-based access control to automatically apply consistent policies for Zero Trust and SASE security from edge-to-cloud.

Security challenges impeding digital acceleration?

As users become more decentralized and IoT devices flood the network, attacks are more sophisticated and present unique security challenges:
  • With IoT everywhere, limited visibility and inaccurate fingerprinting leads to network blind spots.
  • Manual, VLAN-based approaches to segment and enforce access control policies are resource-intensive and do not scale as your network grows.
  • Adoption of new network topologies like VXLAN and cloud for greater scale often involves extensive rip-and-replace.

Secure your network with Aruba Dynamic Segmentation

There’s a better way to simplify and secure your network with access policies that do not depend on how a user or device is connected.

Icon for identity-based access privileges Identity-based access privileges

Identity-based access privileges

Dynamic Segmentation establishes least privilege access to applications and data by segmenting traffic based on identity and associated access permissions.  This is a fundamental concept of both Zero Trust and SASE frameworks.

Icon for automation Overlay-based automation with Aruba Central NetConductor

Overlay-based automation with Aruba Central NetConductor

Aruba Central NetConductor offers cloud-native network security services that enable global policy management and automated network configuration with business-intent workflows. It uses an intelligent EVPN/VXLAN overlay to facilitate distributed Dynamic Segmentation at global scale with policies that are enforced inline and continuously monitored.

Drawn icon of three arrows pointing left, right and up out of the shape of a shield Flexible choice of overlay

Flexible choice of overlay

Dynamic Segmentation offers a choice of two enforcement models – centralized and distributed, that can co-exist and be flexibly adopted. Centralized Dynamic Segmentation uses GRE tunnel-based overlays and is enabled by Aruba Policy Enforcement Firewall that runs natively on Aruba infrastructure, along with ClearPass Policy Manager.

Icon for AI-powered client visibility AI-powered client visibility

AI-powered client visibility

Go beyond traditional identification and profiling techniques with Client Insights on Aruba Central. Client Insights is an agentless solution that uses native infrastructure telemetry and machine learning to detect and profile every connected client so you can assign appropriate policies.

Related products and solutions

Screenshot of NetConductor

Aruba Central NetConductor

  • EVPN/VXLAN based intelligent network overlay
  • Cloud-native network configuration and security services
  • Business-intent based workflows

Aruba ClearPass Policy Manager

  • Role-based network access enforcement across multi-vendor networks
  • Multiple authentication and authorization sources
  • Comprehensive integration with Aruba 360 Security Exchange Program

Aruba Gateways and Controllers

  • Enforcement with Policy Enforcement Firewall (PEF) across wired and wireless networks
  • High performance traffic and data routing
Aruba CX 6400 switch series

Aruba Switches

  • Performance, scale and intelligence for modern enterprise networks
  • Secure segmentation of wired user and IoT traffic

Ready to get started?