Blogs

Announcements from Discover Barcelona

By Jamie E posted 12 days ago
HPE Discover Barcelona kicked off this week to a sold-out crowd, showcasing the debut of HPE and Juniper as a unified organization , highlighting the strength of the combined portfolio and rapid self -driving net work advancements on the big stage and in the press . On Wednesday mor ning , HPE announced the first integrations between the HPE Aruba Networking and HPE Juniper Networking portfolios, including the availa bility of the Mist Large Experience Model ( LEM ) in HPE Aruba Central, the upcoming availability of HPE Aruba Networking’s ...

What’s new in Central (November 2025) – Significant improvements to network configuration

By IshaniC posted 16 days ago
This month is feature packed with brand new configuration workflows for Central, now generally available for all. Configuration has been rearchitected to be more modular to help simplify and reduce configuration drift. It evolves from a group-based model to a unified workflow, reducing configuration steps by up to 80% in some cases. This update significantly streamlines operations across all wired, wireless and gateway devices. Previously, admins had to switch between groups for configuration and sites for monitoring—adding extra clicks and complexity. While the group-based configuration model continues to be available, new workflows introduce a more consistent ...

Don’t Panic: Cybersecurity Assessments for Network Engineers

By Threat_Labs posted 16 days ago
Don’t Panic: Cybersecurity Assessments for Network Engineers Introduction Security is difficult in the best of times. It’s hard enough to keep the IT infrastructure running, and organizations can’t watch everything and know everything about the latest security panic. They often need help from outside organizations that have specialized security expertise. The help usually comes in the form of periodic assessments of organizational security posture, usually called a security audit or assessment. This article will try to demystify the security assessments for network engineers. It will talk about what security audits are, and how the network team can get ...

Inside SD-Branch: The Tunnel Orchestrator

By n_laura posted Nov 04, 2025
Before any routing or security policies can come to life, something far more fundamental must happen: the network must be able to connect securely and intelligently . That foundation is built by the Overlay Tunnel Orchestrator (OTO) , the component that discovers every uplink in your environment, matches it to the right peer, and creates the encrypted fabric that every SD- WAN service rides on. The SD-Branch Orchestrator isn’t limited to one architecture. It can automatically build the topology your deployment requires— Hub & Spoke, Hub Mesh, or Branch Mesh —each serving a distinct ...

What’s new in Central (October 2025): major NAC enhancements, client health card and more…

By IshaniC posted Oct 23, 2025
Here are five standout features from the October release of Central that continues to prove how we uplevel the operator experience by delivering streamlined workflows and integrated security. Central Network Access Control (NAC) is a cloud-based AAA solution that further enhances network security through authentication, authorization, and visitor access management. Central NAC core features are with our foundational license, while advanced capabilities—like Bring Your Own Certificate (BYOC), third-party network access devices (NADs) support, multiple identity providers (IdPs), and granular policy creation - require an add-on NAC pro license. See the ...

Hidden Danger in your Network

By Threat_Labs posted Oct 22, 2025
Hidden Danger in your Network A modern enterprise network is an intricate ecosystem; a wide range of devices from servers, workstations, to IoT gadgets and BYOD hosts presents an ever growing challenge for network administrators. Keeping networks both seamless and secure across this complex environment requires vigilance and awareness. And while core services like DNS and DHCP are fundamental to your network, their IPv6 versions can introduce significant and often overlooked security vulnerabilities, even if you haven’t formally adopted IPv6. The Rise of Dual-Stack The journey from IPv4 to IPv6 has been long, and is still very far from “complete”. Standardized ...

Unlocking Visibility, Security, and Resilience with CX10K: From Observability to Automation

By dchowdhu posted Oct 11, 2025
Modern data centers are no longer static networks of switches—they are distributed, service-aware systems where compute, storage, and network boundaries blur. As applications adopt microservice architectures and east–west traffic becomes dominant, traditional switching models fall short in providing the visibility, enforcement, and automation required to maintain performance and security at scale. The Aruba CX10000 (CX10K) redefines this paradigm by integrating stateful services directly into the switching fabric through its DPU-accelerated architecture. Unlike conventional leaf–spine switches that rely on external firewalls or middleboxes, the CX10K delivers ...

Why SD-Branch?

By n_laura posted Oct 02, 2025
Aruba’s Wi‑Fi, dynamic segmentation, and role-based access controls are widely known — but what often goes unnoticed is the orchestration layer that ties everything together. At the c ore of that is the SD‑Branch Orchestrator — the engine behind tunnel automation, routing intelligence, and policy consistency across WAN and LAN. It’s not just about security — it’s about making the entire network stack smarter and easier to operate at scale. If you’re not too familiar with how it works — or where to start — you’re in the right place. This article kicks off a series focused on the networking side of SD-Branch. ...

Why SD-Branch?

By n_laura posted Oct 01, 2025
Aruba’s Wi‑Fi, dynamic segmentation, and role-based access controls are widely known — but what often goes unnoticed is the orchestration layer that ties everything together. At the c ore of that is the SD‑Branch Orchestrator — the engine behind tunnel automation, routing intelligence, and policy consistency across WAN and LAN. It’s not just about security — it’s about making the entire network stack smarter and easier to operate at scale. If you’re not too familiar with how it works — or where to start — you’re in the right place. This article kicks off a series focused on the networking side of SD-Branch. ...

What’s new in Central (September 2025): Wi-Fi location analytics and over 30 new health alerts

By IshaniC posted Sep 26, 2025
As a reminder, a definitive list of new features in HPE Aruba Networks Central can always be found in our release notes . For the September release, we’re highlighting several advancements to related to contextual observability — instrumental in delivering a smarter network experience. Wi-Fi based location analytics Optimize operations, enhance customer experiences, and make smarter, data-driven decisions with built-in location analytics. This feature is available with Foundation and Advanced licenses.- no additional license required. Leverage WLAN signals for insights into client behavior and movement patterns. 30+ new health alerts ...

What’s new in Central (August 2025): Firmware management, deeper insights and more..

By IshaniC posted Sep 26, 2025
Dozens of features are introduced to HPE Aruba Networking Central every month and a definitive list can always be found in our release notes . Highlighted feature updates for August focus on purpose-built AI and intuitive Streamlined firmware management observability – core pillars of the Central experience. Streamlined firmware management - Accessed through AI Insights card, our improved firmware recommender provides a centralized dashboard to create and manage firmware policies, monitor upgrade status in real time, and ensure version compliance at scale. Flexible scheduling and upgrade options help reduce manual effort and minimize operational ...

From Ransomware to Resilience: How the Network Becomes Your Strongest Defense

By dchowdhu posted Sep 24, 2025
The modern data center faces a dual challenge: delivering the performance and agility required by AI, cloud-native, and mission-critical workloads—while also standing resilient against ransomware and advanced threats. Traditional perimeter defenses and bolt-on security layers are no longer enough. This is why HPE Networking places security at the very heart of the fabric itself. With the HPE CX 10000 (CX10K), customers gain a distributed services switch that combines high-performance ToR switching with near line-rate microsegmentation, L4 stateful inspection, and DDoS protection built directly into the hardware. Building on this foundation, HPE Networking ...

HeadIWin: Why Secure Boot and the Hardware Root of Trust Matter

By nstarke-atl posted Sep 16, 2025
For many different valid reasons, people look for software solutions that provide a robust degree of privacy and security to protect themselves online. Many users who rely on these privacy solutions though do not understand that if the underlying system is compromised, the privacy and security provided by the software is completely negated – leaving users who think they are protected at risk. In recent years there has been an increased amount of attention paid to Hardware Root of Trust vulnerabilities as more systems have support for Secure Boot and related technologies. These vulnerabilities often seem esoteric in that they rarely come with proof-of-concept ...

Web content and reputation classification in the age of ECH and QUIC

By sperez posted Jul 30, 2025
W eb content and reputation classification plays a critical role in enforcing security policies and protecting users from threats. Attackers increasingly host malware, phishing kits, and command-and-control infrastructure on legitimate-looking websites. Being able to identify and categorize traffic, even without inspecting encrypted payloads, is essential. Whether it's blocking access to high-risk domains and known malicious websites (phishing, malware, etc.) or preventing access to content not suitable for work environments (adult websites, gambling, etc.), classification allows network and security teams to determine which applications and web destinations ...

New UK Cluster Now Live for Central

By TheDreadedMarketer posted Jul 24, 2025
The newest UK cluster is up! It is purpose-built to meet the data sovereignty and compliance needs of UK-based customers. Designed to ensure that data remains within the region, it aligns with local security and privacy regulations. This is a fully operational production cluster (not a proof-of-concept) and is already serving anchor customers with low-latency, high-performance access. It provides a reliable and secure foundation for organizations that prioritize regional data control. View all available Central clusters

The Cost of Convenience: Multicast DNS and Your Privacy

By Threat_Labs posted Jul 22, 2025
The Cost of Convenience: Multicast DNS and Your Privacy Every time you connect to a Wi-Fi network, there’s a hidden risk to you and your device’s privacy, all thanks to a networking protocol designed to make life easier. Let’s explore Multicast DNS (mDNS) and the ways that ease-of-use networking can introduce security risks. Modern networking has become a complex labyrinth of moving parts that can be a headache to navigate. As enterprises continue to introduce new technologies and devices into their LAN infrastructure, making sure that everything can communicate effectively brings new obstacles. While larger organizations have dedicated infrastructure to ...

Highlights for Airheads: HPE Discover Las Vegas 2025

By TheDreadedMarketer posted Jul 03, 2025
Longtime Airheads will note that this is the first year that there has been no HPE Aruba Networking Atmosphere. While Atmosphere and Discover were combined last year, this year was all Discover, but there was no shortage of great network content for our Airhead contingent—some of which is now available on demand . HPE Discover Las Vegas offered three curated programs, one of which was networking, showcasing HPE Aruba Networks’ security-first, AI-powered networking solutions. Eight tracks in the networking program covered AI, data center and campus switching, multivendor management, private 5G, Wi-Fi 7, security, and more. There were networking demos, announcements, ...

Ghost in the Network: The Persistent Threat of Multicast Name Resolution

By Threat_Labs posted Jun 19, 2025
Ghost in the Network: The Persistent Threat of Multicast Name Resolution So much of cybersecurity news is dominated by flashy new APTs, CVEs, and malware campaigns that it would be easy to think the field should care about little else but “the next thing”. However, if years of experience penetration testing is any indication, some of the most dangerous and destructive vulnerabilities in medium-to-large organizations are relatively old, poorly understood, and badly configured subsystems. In some cases, there are subsystems and protocols lurking on these organization’s networks that represent existential threats, and they are rarely aware that these threats exist. ...

Leverage HPE Aruba Networking Central status page for enhanced uptime telemetry

By TheDreadedMarketer posted Mar 03, 2025
HPE Aruba Networking Central has launched a dedicated status page that provides real-time visibility into platform health and service degradations across our public SaaS hosting clusters. Updated by our NOC teams and accessible at centralstatus.arubanetworking.hpe.com , this webpage empowers IT teams with instant clarity on operational status, ensuring faster response times and improved trust in network reliability. Key features of the status page Real-time cluster monitoring: Track the operational status of all public HPE Aruba Networking Central clusters, with color-coded indicators: Green: All systems operational Yellow: Service degradation ...