Blogs

Auto AP Placement: The Full Breakdown + Live Demo

By Aiman Patel posted 13 days ago
Indoor positioning can feel complex, especially when you're trying to manually place APs accurately on a floor plan. To simplify this process, I’ve created a 12-minute end-to-end walkthrough of AP Auto Locate : a practical guide that covers everything you need before enabling automated AP placement in your AOS10 environment. What This Video Covers This short but comprehensive overview walks you through: Prerequisites : What you need configured in AOS10 before enabling Open Locate. System Setup : Enabling Open Locate services, validating configurations, and preparing your environment. Live Demo : A real-time demonstration ...

Mapping the Threat Landscape of Legacy Active Directory

By Threat_Labs posted Dec 18, 2025
Mapping the Threat Landscape of Legacy Active Directory For over two decades, system administrators have relied on Active Directory (AD) and the Lightweight Directory Access Protocol (LDAP) as authoritative solutions for managing authentication and authorization to LAN-based resources. Originally designed as an intuitive method for provisioning access rights to users, the continued iteration of AD has introduced tooling that provides granular access control, allowing admins to tailor privilege delegation for specific use-cases. This has cemented AD as one of the most powerful tools in modern enterprise networking and made it a necessary component of many organizations’ ...

What’s new in Central (December 2025): Client onboarding card, health metrics, Networking copilot and many more.

By IshaniC posted Dec 18, 2025
This release brought significant updates across monitoring, configuration, and reporting workflows. Following are the standout features: Client onboarding card - Displays the total number of clients successfully onboarded out of all connection attempts over selectable time periods (3 hours, 1 day, 7 days, 30 days). This metric helps assess overall network onboarding health and provides detailed reasons for unsuccessful connection attempts, enabling targeted troubleshooting. HPE Networking copilot - An AI-powered assistant designed to enhance troubleshooting and operational efficiency. Copilot enables natural language queries across network components ...

Announcements from Discover Barcelona

By Jamie E posted Nov 24, 2025
HPE Discover Barcelona kicked off this week to a sold-out crowd, showcasing the debut of HPE and Juniper as a unified organization , highlighting the strength of the combined portfolio and rapid self -driving net work advancements on the big stage and in the press . On Wednesday mor ning , HPE announced the first integrations between the HPE Aruba Networking and HPE Juniper Networking portfolios, including the availa bility of the Mist Large Experience Model ( LEM ) in HPE Aruba Central, the upcoming availability of HPE Aruba Networking’s ...

What’s new in Central (November 2025) – Significant improvements to network configuration

By IshaniC posted Nov 21, 2025
This month is feature packed with brand new configuration workflows for Central, now generally available for all. Configuration has been rearchitected to be more modular to help simplify and reduce configuration drift. It evolves from a group-based model to a unified workflow, reducing configuration steps by up to 80% in some cases. This update significantly streamlines operations across all wired, wireless and gateway devices. Previously, admins had to switch between groups for configuration and sites for monitoring—adding extra clicks and complexity. While the group-based configuration model continues to be available, new workflows introduce a more consistent ...

Don’t Panic: Cybersecurity Assessments for Network Engineers

By Threat_Labs posted Nov 20, 2025
Don’t Panic: Cybersecurity Assessments for Network Engineers Introduction Security is difficult in the best of times. It’s hard enough to keep the IT infrastructure running, and organizations can’t watch everything and know everything about the latest security panic. They often need help from outside organizations that have specialized security expertise. The help usually comes in the form of periodic assessments of organizational security posture, usually called a security audit or assessment. This article will try to demystify the security assessments for network engineers. It will talk about what security audits are, and how the network team can get ...

Inside SD-Branch: The Tunnel Orchestrator

By n_laura posted Nov 04, 2025
Before any routing or security policies can come to life, something far more fundamental must happen: the network must be able to connect securely and intelligently . That foundation is built by the Overlay Tunnel Orchestrator (OTO) , the component that discovers every uplink in your environment, matches it to the right peer, and creates the encrypted fabric that every SD- WAN service rides on. The SD-Branch Orchestrator isn’t limited to one architecture. It can automatically build the topology your deployment requires— Hub & Spoke, Hub Mesh, or Branch Mesh —each serving a distinct ...

What’s new in Central (October 2025): major NAC enhancements, client health card and more…

By IshaniC posted Oct 23, 2025
Here are five standout features from the October release of Central that continues to prove how we uplevel the operator experience by delivering streamlined workflows and integrated security. Central Network Access Control (NAC) is a cloud-based AAA solution that further enhances network security through authentication, authorization, and visitor access management. Central NAC core features are with our foundational license, while advanced capabilities—like Bring Your Own Certificate (BYOC), third-party network access devices (NADs) support, multiple identity providers (IdPs), and granular policy creation - require an add-on NAC pro license. See the ...

Hidden Danger in your Network

By Threat_Labs posted Oct 22, 2025
Hidden Danger in your Network A modern enterprise network is an intricate ecosystem; a wide range of devices from servers, workstations, to IoT gadgets and BYOD hosts presents an ever growing challenge for network administrators. Keeping networks both seamless and secure across this complex environment requires vigilance and awareness. And while core services like DNS and DHCP are fundamental to your network, their IPv6 versions can introduce significant and often overlooked security vulnerabilities, even if you haven’t formally adopted IPv6. The Rise of Dual-Stack The journey from IPv4 to IPv6 has been long, and is still very far from “complete”. Standardized ...

Unlocking Visibility, Security, and Resilience with CX10K: From Observability to Automation

By dchowdhu posted Oct 11, 2025
Modern data centers are no longer static networks of switches—they are distributed, service-aware systems where compute, storage, and network boundaries blur. As applications adopt microservice architectures and east–west traffic becomes dominant, traditional switching models fall short in providing the visibility, enforcement, and automation required to maintain performance and security at scale. The Aruba CX10000 (CX10K) redefines this paradigm by integrating stateful services directly into the switching fabric through its DPU-accelerated architecture. Unlike conventional leaf–spine switches that rely on external firewalls or middleboxes, the CX10K delivers ...

Why SD-Branch?

By n_laura posted Oct 02, 2025
Aruba’s Wi‑Fi, dynamic segmentation, and role-based access controls are widely known — but what often goes unnoticed is the orchestration layer that ties everything together. At the c ore of that is the SD‑Branch Orchestrator — the engine behind tunnel automation, routing intelligence, and policy consistency across WAN and LAN. It’s not just about security — it’s about making the entire network stack smarter and easier to operate at scale. If you’re not too familiar with how it works — or where to start — you’re in the right place. This article kicks off a series focused on the networking side of SD-Branch. ...

Why SD-Branch?

By n_laura posted Oct 01, 2025
Aruba’s Wi‑Fi, dynamic segmentation, and role-based access controls are widely known — but what often goes unnoticed is the orchestration layer that ties everything together. At the c ore of that is the SD‑Branch Orchestrator — the engine behind tunnel automation, routing intelligence, and policy consistency across WAN and LAN. It’s not just about security — it’s about making the entire network stack smarter and easier to operate at scale. If you’re not too familiar with how it works — or where to start — you’re in the right place. This article kicks off a series focused on the networking side of SD-Branch. ...

What’s new in Central (September 2025): Wi-Fi location analytics and over 30 new health alerts

By IshaniC posted Sep 26, 2025
As a reminder, a definitive list of new features in HPE Aruba Networks Central can always be found in our release notes . For the September release, we’re highlighting several advancements to related to contextual observability — instrumental in delivering a smarter network experience. Wi-Fi based location analytics Optimize operations, enhance customer experiences, and make smarter, data-driven decisions with built-in location analytics. This feature is available with Foundation and Advanced licenses.- no additional license required. Leverage WLAN signals for insights into client behavior and movement patterns. 30+ new health alerts ...

What’s new in Central (August 2025): Firmware management, deeper insights and more..

By IshaniC posted Sep 26, 2025
Dozens of features are introduced to HPE Aruba Networking Central every month and a definitive list can always be found in our release notes . Highlighted feature updates for August focus on purpose-built AI and intuitive Streamlined firmware management observability – core pillars of the Central experience. Streamlined firmware management - Accessed through AI Insights card, our improved firmware recommender provides a centralized dashboard to create and manage firmware policies, monitor upgrade status in real time, and ensure version compliance at scale. Flexible scheduling and upgrade options help reduce manual effort and minimize operational ...

From Ransomware to Resilience: How the Network Becomes Your Strongest Defense

By dchowdhu posted Sep 24, 2025
The modern data center faces a dual challenge: delivering the performance and agility required by AI, cloud-native, and mission-critical workloads—while also standing resilient against ransomware and advanced threats. Traditional perimeter defenses and bolt-on security layers are no longer enough. This is why HPE Networking places security at the very heart of the fabric itself. With the HPE CX 10000 (CX10K), customers gain a distributed services switch that combines high-performance ToR switching with near line-rate microsegmentation, L4 stateful inspection, and DDoS protection built directly into the hardware. Building on this foundation, HPE Networking ...

HeadIWin: Why Secure Boot and the Hardware Root of Trust Matter

By nstarke-atl posted Sep 16, 2025
For many different valid reasons, people look for software solutions that provide a robust degree of privacy and security to protect themselves online. Many users who rely on these privacy solutions though do not understand that if the underlying system is compromised, the privacy and security provided by the software is completely negated – leaving users who think they are protected at risk. In recent years there has been an increased amount of attention paid to Hardware Root of Trust vulnerabilities as more systems have support for Secure Boot and related technologies. These vulnerabilities often seem esoteric in that they rarely come with proof-of-concept ...

Web content and reputation classification in the age of ECH and QUIC

By sperez posted Jul 30, 2025
W eb content and reputation classification plays a critical role in enforcing security policies and protecting users from threats. Attackers increasingly host malware, phishing kits, and command-and-control infrastructure on legitimate-looking websites. Being able to identify and categorize traffic, even without inspecting encrypted payloads, is essential. Whether it's blocking access to high-risk domains and known malicious websites (phishing, malware, etc.) or preventing access to content not suitable for work environments (adult websites, gambling, etc.), classification allows network and security teams to determine which applications and web destinations ...

New UK Cluster Now Live for Central

By TheDreadedMarketer posted Jul 24, 2025
The newest UK cluster is up! It is purpose-built to meet the data sovereignty and compliance needs of UK-based customers. Designed to ensure that data remains within the region, it aligns with local security and privacy regulations. This is a fully operational production cluster (not a proof-of-concept) and is already serving anchor customers with low-latency, high-performance access. It provides a reliable and secure foundation for organizations that prioritize regional data control. View all available Central clusters

The Cost of Convenience: Multicast DNS and Your Privacy

By Threat_Labs posted Jul 22, 2025
The Cost of Convenience: Multicast DNS and Your Privacy Every time you connect to a Wi-Fi network, there’s a hidden risk to you and your device’s privacy, all thanks to a networking protocol designed to make life easier. Let’s explore Multicast DNS (mDNS) and the ways that ease-of-use networking can introduce security risks. Modern networking has become a complex labyrinth of moving parts that can be a headache to navigate. As enterprises continue to introduce new technologies and devices into their LAN infrastructure, making sure that everything can communicate effectively brings new obstacles. While larger organizations have dedicated infrastructure to ...