HPE GreenLake Cloud Gets ‘Emergency Switch’ As HPE Aruba Networking Central Gets ‘Next-Gen’ NAC Infusion
‘[HPE has] really continued to build the entire portfolio around security and they continue to deliver on that, with the latest announcements around [HPE Aruba Networking] Central with the addition of virtual private cloud, and the ClearPass integration into Central,’ one partner tells CRN of the latest security enhancements revealed at RSA 2025.
HPE is stepping up its hybrid cloud security game, especially as networking and security become increasingly tightly connected, the company revealed at RSA 2025.
The networking giant is specifically injecting more zero trust security elements into both HPE Aruba Networking Central, the company’s flagship network management tool, and the HPE GreenLake Cloud as HPE shores up connectivity and hybrid cloud operations, said Larry Lunetta, vice president of AI, security and networking product marketing for HPE Aruba.
HPE is also adding network access control directly into the HPE Aruba Networking Central platform, the company told CRN.
“Increasingly, the security and networking teams are working closely together,” Lunetta said. “In essence, we believe the network is becoming a security solution and a part of the cybersecurity ecosystem that organizations put in place to protect themselves, and that’s a competitive advantage for us.”
[Related: HPE Aruba Networking Central: Now With Virtual Private Cloud, On-Premises Deployment Options]
HPE GreenLake for Private Cloud Enterprise, the company’s platform that offers a private cloud with a public cloud experience for those applications that either businesses prefer not to run in a public cloud, or which cannot be migrated to a public cloud, can now secure private and sovereign cloud infrastructure with air-gapped cloud management.
HPE Private Cloud Enterprise with air-gapped management is delivered by HPE security-cleared personnel and lets enterprises operate air-gapped in perpetuity without validation to an external cloud platform. Down the road, HPE will let enterprises to run cloud-native, Kubernetes-based workloads with air-gapped management, according to the company.
The new access controls revealed on Tuesday for sovereign and private cloud infrastructure includes new technology that temporarily disconnects from the public internet when network threats are detected, HPE Aruba said.
“What customers have asked us for is basically the emergency switch,” Lunetta said. “If [enterprises] detect that there may be a threat in the environment, they want to disconnect that on premises stack from the cloud and isolate it so that their critical data and operations aren’t subject to the threat that they’ve detected … We have a whole environment now where we can still operate effectively in disconnected mode, and when the threat passes, we can securely reconnect.”
The new cloud security features are aimed at helping enterprises move to a hybrid cloud environment, while protecting themselves in the process, Lunetta said.
Announced earlier this month, HPE Aruba Networking Central can now support four distinct deployment options, including virtual private cloud and on-premises, to help enterprises and government entities satisfy regulatory constraints and adherence to stringent security standards such as GDPR, FINRA, and SOX, the company told CRN.
The Networking/Cybersecurity Connection
On the secure connectivity side, the new cloud-based access control that’s been added to HPE Aruba Networking Central treats users, devices and applications as potential threats until verified, the company said.
The new offering, HPE Aruba Networking Central Network Access Control (NAC), join the existing security features baked into HPE Aruba Networking Central, including its Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) features, as well as AI-powered observability and microsegmentation, HPE Aruba said.
“NAC no longer is a separate application or function. It’s integrated into the standard network workflows and set up by and in conjunction with the security team,” Lunetta said.
NAC, said Lunetta, has been around for years, but it’s morphed into a representation of zero trust. This so-called “next-generation NAC” includes a new policy manager and a more integrated set of enforcement with HPE’s networking capability.
“We can now define policies. Typically, network access control has been about roles — I’m an employee, I’m in marketing, I’m a data scientist, etc. — but now we can get much more granular and much more precise in terms of the policies that can be written to govern access control down to the user device and application level,” he said.
The reason it’s important is because if a user’s credentials have been compromised, the blast radius associated with that compromise is much more contained, Lunetta said.
HPE Aruba’s ClearPass, the company’s appliance-based longstanding NAC solution, is still a strong offering for HPE and a “door opener” in many cases for the company, but increasingly, businesses are looking for full integration, which HPE Aruba Networking Central Network Access Control offers, he said.
“ClearPass being built into [HPE Aruba Networking Central] I would say is the biggest requested feature we have with customers,” said Ryan Young, CTO of HPE partner Vandis. “This announcement is the next step for ClearPass. It’s been a long time coming.”
The underlying fabric of HPE Aruba’s wireless portfolio has been ClearPass, Young said. “This announcement is pretty extraordinary, because it’s going to modernize an application that has largely stayed pretty static in the last 4-5 years.”
Vandis, based in Albertson, N.Y., is a “security-first” solution provider. It’s why the company chose to partner with Aruba Networks prior to HPE’s acquisition of the company as Aruba always had security at the heart of its networking portfolio, and it’s the reason the firm has stayed working with HPE, Young said.
“They’ve really continued to build the entire portfolio around security, and they continue to deliver on that, with the latest announcements around [HPE Aruba Networking] Central with the addition of virtual private cloud, and the ClearPass integration into Central. All of this is continuing to enable and make our customers lot easier,” he said.
The company has also added DDoS defense capabilities to the HPE Aruba Networking EdgeConnect SD-WAN offering as part of its integrated, single-vendor SASE solution, Lunetta said.
A free license for HPE Aruba Networking Private Edge is now included with every ZTNA customer, the company said.
