Going full-auto: Process automation
Aruba’s Manish Bhardwaj and Honeywell SPS’ Edmond Mikhael break down process
Manish Bhardwaj, Senior Marketing Manager, Middle East & Turkey at Aruba
ACN: With the sheer number of mobile-dependent employees now entering the workforce, IT teams are challenged with overseeing the incorporation of numerous devices at any given time. How can automation aid in the on-boarding process of new employees and their devices?
Manish Bhardwaj: In the past, IT was the gatekeeper and ruled with a combination of strict policies and a fully-contained ecosystem. Those days are long gone. Today, IT and user-owned devices are connected inside and outside of perimeter security.
Laptops, smartphones, tablets and Internet of Things (IoT) devices are pouring into the workplace, and identifying what is on the network is the first step to securing your data. Automated policy enforcement ensures that only wanted users and devices are allowed to connect, and real-time threat protection is required to secure and meet internal and external audit and compliance requirements.
As IT struggles to maintain control, they need the right set of tools to quickly program the underlying infrastructure and control network access for any IoT and mobile device – known and unknown. Today’s automated access security solution must deliver profiling, policy enforcement, guest access, BYOD on-boarding, and more to offer IT-offload, enhanced threat protection and an enhanced user experience.
Managing the on-boarding of personal devices for BYOD deployments can put a strain on IT and help desk resources, and can create security concerns. Technologies like Aruba’s ClearPass Onboard let users configure devices for use on secure networks all on their own. Device-specific certificates even eliminate the need for users to repeatedly enter login credentials throughout the day.
That convenience alone is a win. The additional security gained by using certificates is a bonus. The IT team defines who can on-board devices, the type of devices they can on-board, and how many devices per person. A built-in certificate authority lets IT support personal devices more quickly as an internal PKI, and subsequent IT resources are not required.
BYOD isn’t just about employee devices. It’s about any visitor whose device requires network access – wired or wireless. IT requires a simple model that pushes the device to a branded portal, automates the provisioning of access credentials, and also provides security features that keep enterprise traffic separate.
ACN: How complex or challenging does it become to form an effective policy engine in a multi-device environment?
MB: Luckily today, technology has evolved to a point that managing a multi-device environment and enforcing policies is no longer a challenge. All this can be done from a single pane of glass. For example, Aruba’s ClearPass policy and AAA solution provides built-in device profiling, a web-based administrative interface and comprehensive reporting with real-time alerts.
All contextual data collected is leveraged to ensure that users and devices are granted appropriate access privileges — regardless of access method or device ownership. The built-in profiling engine collects real-time data that includes device categories, vendors, OS versions, and more. There’s no longer a reason to guess how many devices are connected on wired and wireless networks. Granular visibility provides the data required to pass audits and determine where performance and security risks could come from.
ACN: To what extent does the security stability of each device factor into the device policy and challenge the on-boarding process?
MB: Security is a huge consideration during on-boarding. During the authorisation process, it may be necessary to perform health assessments on specific devices to ensure that they adhere to corporate anti-virus, anti-spyware, and firewall policies. Automation motivates users to perform an anti-virus scan before connecting to the enterprise network.
When considering an on-boarding solution, IT managers should look for features with built-in capabilities that perform posture-based health checks to eliminate vulnerabilities across a wide range of computer operating systems and versions, and for solutions that can centrally identify compliant endpoints on wireless, wired, and VPN infrastructures. Examples of advanced health checks that provide extra security include:
- Handling of peer-to-peer applications, services, and registry keys.
- Determination of whether USB storage devices or virtual machine instances are allowed.
- Managing the use of bridged network interfaces and disk encryption.
ACN: What kind of operational efficiencies can you see being achieved by automating the various workflow processes of a business?
MB: Digital transformation requires new, more efficient tools and capabilities that create more agile, simpler environments. These days, enterprises have a combination of traditional data centres, an on-premise cloud, and an off-premise cloud as they try to transform to a hybrid infrastructure. IT needs a new operating model to simplify and add new capabilities without increasing complexity.
Automation and orchestration will be the key in the successful transformation of IT infrastructures as enterprises embrace applications in the digital economy. Automation and orchestration also pave the path to the future by simplifying operations, speeding up workloads, lowering costs by heightening efficiency, and enabling the rapid creation of new business models and revenue streams.
As the data centre network becomes even more critical to business success, the infrastructure needs to be automated, rather than letting manual changes and humans get in the way. Network virtualisation allows the same level of agility that we have come to expect from the other components of the data centre infrastructure. To tap the full potential of automation and orchestration, enterprises should seriously consider a vendor that can provide end-to-end solutions from the orchestration layer all the way to the network and can support it in a reliable manner.