Aruba SD-Branch and Microbranch integration with Palo Alto Prisma Access
The SD-Branch and Microbranch solutions are part of Aruba’s Edge Services Platform (ESP), a key evolution of end-to-end network architecture, especially when it comes to edge-to-cloud security. ESP provides a unified infrastructure with centralized management that leverages artificial intelligence (AI) for improved operational experience. This helps customers enable a Zero Trust security policy on their existing infrastructure.
Security is an integral part of the Aruba ESP solution. First, because the solution is built from the ground up to be completely policy-driven (or, in Aruba terms, role-based). Secondly, because of the fact that in most cases branches will be directly exposed to the Internet, which will require very robust hardening policies. And lastly, due to the firm belief that “best-of-breed” layered security should also be built around branch networks.
This Zero Trust approach to security complements with Palo Alto Prisma Access in building a fully orchestrated SASE Architecture.
About this technical note
This Technical Note focuses on the orchestrated integration between HPE Aruba Networking SD-Branch and Microbranch with Palo Alto Prisma Access managed by Strata Cloud Manager. While the design concepts and topologies described in this document are generally applicable to any integration between SD-Branch or Microbranch with Prisma access, the “deploy” section is just focused on the orchestrated deployment.
There are also manual or semi-automated integrations avalable. Gateways and Microbranches can also be integrated with Prisma Access using “Custom” as the vendor in Cloud Connect, and Gateways can aditionally use manually configured IPsec tunnels. For guidance on how to configure those options, please refer to the HPE Aruba Networking Central documentation: