All Blogs

Ostrich or Eagle - Wireless IDS

By Dan_C posted 5 days ago
Wireless Intrusion Detection with HPE Networking Aruba Central Introduction For network visibility, some bury their head in the sand like an ostrich. In today's security landscape though visibility is everything so flying high like an eagle with a wide view of attack surfaces is paramount to delivering the best security for your organsiation. The world continues to use wireless more and more as its primary connection method for clients. HPE Aruba Networking uses Zero Trust Security (ZTS) key principals to promote and ensure security. The principals include: Control over internal access Role and context-based control Continuous monitoring and ...

What’s new in Central (April 2026) – Critical ports down alert, VLAN overlay in topology view, floorplan enhancements and many more.

By IshaniC posted 7 days ago
As we gear up for MFD and Discover 2026, another release is here. This post highlights a few standout updates: Critical port down generates an alert when an important network port experiences issues such as being administratively disabled or going offline. This helps quickly identify connectivity problems on critical interfaces, enabling faster troubleshooting and reducing the risk of service disruption VLAN overlay in topology view - The Layers panel is now organized into clearer sections, making the topology view easier to use. Filters can be selected to display only the information needed for better visibility into network connections. The VLAN ...

The Next Generation of Hospitality Wi-Fi: Introducing the HPE Networking 720H Series Hospitality Access Points

By rajraj posted 8 days ago
The Next Generation of Hospitality Wi-Fi: Introducing the HPE Networking 720H Series Hospitality Access Points The hospitality industry is changing fast. Guest expectations are higher, device density continues to grow, and IoT ‑ based automation is becoming standard. As a result, reliable, high ‑ performance connectivity is no longer optional — it is a baseline requirement that directly affects both guest experience and day ‑ to ‑ day operations. At the same time, connectivity at the edge is no longer limited to Wi ‑ Fi. Guest rooms and branch locations require Wi ‑ Fi, wired Ethernet, and IoT connectivity to coexist seamlessly. Treating these as separate ...

Security Where Traffic Flows: Why CX10K and CX10040 Redefine Microsegmentation Beyond Host

By dchowdhu posted 16 days ago
As modern data centers evolve to support AI workloads, cloud-native applications, distributed services, and mission-critical enterprise operations, security can no longer remain a function bolted onto the perimeter. The majority of enterprise traffic today is east-west—application-to-application, workload-to-workload, database-to-service communication happening inside the data center fabric itself. This is where ransomware spreads, lateral movement occurs, and operational risk becomes business risk. Traditional approaches to microsegmentation have often addressed this challenge through hypervisor overlays, host-based security agents, and software-defined security ...

Bumblebee Malware Attack Demo

By Threat_Labs posted 23 days ago
In this episode of the HPE Threat Labs attack demo series, we demonstrate how threat actors use Bumblebee malware to conduct a multi-staged attack from initial phishing to full malware deployment. For more information about HPE Threat Labs, visit: hpe.com/hpe-threat-labs

HPE Aruba Networking Hardening Guides: Your Practical Playbooks for Attack Surface Reduction

By pjortiz posted 29 days ago
Picture this : your network team just discovered an unauthorized access attempt on a critical switch. The attacker tried default credentials first; and they worked. Then they moved laterally through an unsegmented management network. Your SIEM? Silent, because nobody configured external logging. In thirty minutes, what should have been a non-event became a full-blown incident requiring forensic analysis, executive briefings, and uncomfortable questions about "basic security controls." This scenario plays out more often than anyone wants to admit. The irony? HPE Aruba Networking publishes comprehensive security hardening guides for every major platform ...

Why Wi-Fi Design Day Matters

By cheriemartin posted Apr 09, 2026
Contribution by Dobias van Ingen (@ Dobias van Ingen) Community, curiosity, and doing Wi-Fi properly (with a bit of fun along the way ☕️📡 ) If you’ve ever tried explaining co-channel contention or roaming behavior at a dinner party, you know how quickly the room empties. 😅 But put a few hundred Wi-Fi professionals in a theatre, add real deployment stories, a shared passion for getting things right , and suddenly those conversations are not just welcome, they’re the main event. That, in a nutshell, is Wi-Fi Design Day . Ahead of this year’s Wi-Fi Design Day London (April 16, 2026), I sat down with Matt Starling ...

The PHY-ast and the Fi-rious

By Dan_C posted Apr 02, 2026
Introduction Reliability is important, but most consumers of Wi-Fi are more like Dominic Toretto and live their life one quarter mile at a time and always want their Wi-Fi (or 10 second car) to go as fast as possible. In this post I wanted to highlight ways to consider Wi-Fi speeds and AP selection. There are many options to increase the speed or throughput of Wi-Fi and selecting the best AP for the job is important. There may be trade-offs sometimes with costs and requirements but it's always best to get the requirements for your environment set. Firstly, with all the spec sheets out there, how can you tell what AP is best for your requirements? In this ...

Release the JBOR! - Wi-Fi Survey Tools

By Dan_C posted Apr 02, 2026
Introduction Wireless surveys are important in the planning, troubleshooting, and the validation of a Wi-Fi deployment. The Wi-Fi software survey solutions available today for surveys are excellent in the planning and design aspect of a Wi-Fi deployment adding the input from a survey device is critical for the troubleshooting and validation of Wi-Fi deployments. Adding a JBOR (Just a bunch of radios) to provide input from the live environment can strengthen problem finding and the validation of a deployment. Of course, calling it a JBOR is a play on words I temporarily borrowed from storage terminology like JBOD (Just a bunch of disks) and others. A survey ...

Get Ready, Airheads: HPE + Juniper Networks Unite to Unleash the Future of AI-Native Networking

By cheriemartin posted Apr 01, 2026
Punch your free ticket to one of the hottest events in tech, HPE Networking Days. A new era begins as HPE and Juniper Networks come together to deliver a next-generation event series designed for the innovators, builders, and hands-on pros who keep our world connected. Hey Airheads! I’m excited to share what’s coming with HPE Networking Days 2026. If you’ve attended before, you know these events are where breakthrough technology meets real-world expertise. This year, we’re taking things to a new level. For the first time, we’re bringing together the very best of HPE and Juniper Networks in one unified series, packed with deeper ...

It Takes Two to Tango - Discovering Wireless Client Capabilities

By Dan_C posted Mar 22, 2026
Introduction Want to enable new Wi-Fi features in your environment? How do you confirm your clients supported features? There are several optional features to enable on your wireless clients to best experience. Some of the common features not generally enabled by default are client roaming. As a quick summary, the common roaming standards are: · 802.11r - Fast Basic Service Set Transition (FT) o Also referenced as Over-the-Air and Over-the-DS Fast Transition o Shrinks the reassociation time from seconds to tens of milliseconds through reduced authentication time. · 802.11k – Radio Resource Management ...

What you Need to Know About Network Security and Federal Certifications

By Threat_Labs posted Mar 19, 2026
If you are a commercial or public-sector organization evaluating network or network security products, it is common to hear that a product is “FIPS certified” or uses “FIPS- validated cryptography” as a selling point. Sometimes commercial customers may even be told that a product is “Common Criteria validated” or “on the DoD Approved Product List,” with the implication that said product is “good enough for the intelligence community or the U.S. Army, so it’s good enough for you.” One way in which the nature of federal certifications may arise is in the context of network security. Network security refers broadly to the architectural principles and everyday ...

2026 Airheads Community MVPs

By Jamie E posted Mar 17, 2026
It’s time to announce the 2026 Airheads Community MVPs! Thank you to everyone who contributed and helped their peers throughout the community this year. Whether it was sharing best practices, helping troubleshoot issues, or guiding someone through a configuration change, your willingness to support others continues to make the Airheads community an incredible place to collaborate and learn. Among all of our contributors, there were several members who went above and beyond—consistently stepping in to help others, sharing deep technical knowledge, and strengthening the community through their expertise and generosity. The group of you that stood out through ...

It's Beacon-ing to look a lot like a distribution system issue

By Dan_C posted Mar 06, 2026
Introduction Like many network people, I use WLAN scanner software to view surrounding wirlesss networks. I specifically use Wi-Fi Explorer Pro 3 by Intuitibits when I have my MacBook as a tool to scan, investigate, and troubleshoot wireless networks. Recently from reviewing upgrade features in Version 3.9.3 ( WiFi Explorer Pro 3 Release Notes - Intuitibits ) of Wi-Fi Explorer Pro 3, I noticed a new feature specifically related to Aruba - Adds support for the Aruba AP Health vendor-specific element . I immediately wanted to investigate this to see what it can do which led me to review Aruba release notes. I found that in AOS10.8 ( What's New ) the AP Health ...

Exciting things are in store for the Airheads Community

By lright posted Mar 04, 2026
We’re pleased to share that Airheads is expanding and welcoming new members from Juniper Networks. This next chapter builds on the strength of the community you know and trust and opens the door to even more opportunities to learn, connect, and collaborate across the networking ecosystem. We’re kicking things off with a n Networking Days Roadshow event series that brings t he combin ed expertis e of HPE Aruba Networking and Juniper closer to you. As we grow, what you rely on today remains unchanged. Existing forum discussions stay exactly as they are, and all new ...

DNS Tunneling: The Hidden Highway Out of Your Network

By Threat_Labs posted Mar 02, 2026
DNS Tunneling: The Hidden Highway Out of Your Network Imagine this: it’s a quiet Thursday afternoon. You’re quietly analyzing the latest threats from your EDR and firewall consoles, checking all alerts of outbound calls to strange addresses. Every one of them has been blocked. Yet, even as you sip your coffee, a vicious malware is spreading across the entire enterprise network, a crippling and expensive ransomware attack imminent. This malware is not operating in the dark: it has an open phone line back to its masters. But this line is not a TCP connection you will see on your firewall. It is passing undetected, hidden deep inside a torrent of DNS queries, ...

Meet the Community team

By lright posted Feb 24, 2026
Hello everyone! I'm Lydia ( @ lright ) - I've just officially joined the Communities team here at HPE as Senior Community Marketing & Operations Manager, and I'm thrilled to be here! Who am I? I am a marketer (😱 scary, I know) with a background in development and programming and a love of organization and minimalism (and fantasy 🧙 and sci-fi 🛸) that I've brought into operational roles. I'm also an Aruba Networks veteran, having started back in 2012 as our webmaster. I've have been involved with the Airheads Community on and off for years - you may even have seen or met me at Aruba Atmosphere or HPE ...

Inside HPE Threat Labs: Where threats meet their match

By Threat_Labs posted Feb 09, 2026
Inside HPE Threat Labs: Where threats meet their match Picture this: Your phone buzzes at 6:07 a.m. A new high severity CVE drops. You haven’t even had time for your morning coffee . The questions are straight forward. What is happening? How is the attacker moving? Which control should tighten right now? That cuts to the spirit and intention of HPE Threat Labs. We aren’t here to provide a 200 page theory, but rather distill insights that can be turned into action: patch this, block that, monitor here, harden there. Say hello to the new HPE Threat Labs , our dedicated hub for security threat research and ...

Blackbyte Ransomware

By camilla.ahlquist posted Feb 04, 2026
Threat Description Blackbyte has been known to be a Ransomware-as-a-Service (RaaS) since July 2021. It was reported that it was used in infecting organizations in at least three US critical infrastructure sectors — government facilities, financial, and food and agriculture — as well as others outside the US. The San Francisco 49ers was attacked by BlackByte and it was reportedly exfiltrated 300MB, but nothing to do with customer data. They publish stolen data on a .onion web site Sha256: 1df11bc19aa52b623bdf15380e3fded56d8eb6fb7b53a2240779864b1a6474ad   Back in October 2021, cybersecurity firm Trustwave created ...

StealC Malware

By camilla.ahlquist posted Feb 04, 2026
Executive Summary StealC is a commodity information‑stealer offered as Malware‑as‑a‑Service (MaaS). It emerged in early 2023 and has evolved with newer versions introducing RC4‑protected strings and traffic. It targets browser credentials, cookies, autofill data, crypto‑wallets, and messenger tokens. Distribution typically occurs via malvertising, SEO‑poisoned download sites, and phishing campaigns. Malware Family: StealC Sample SHA‑256: 95a6054ae187f3c968ad 3a7832aa05c413dd00b7c6feaec42bb74349a97471b0 The analyzed sample executed a short‑lived loader that: Spawned two child binaries in the user’s Documents folder. Harvested Chromium/Firefox/Edge ...