Aruba ClearPass Device Insight

Full-Spectrum Visibility and Identification of Network Connected Devices

Overview

Aruba ClearPass Device Insight provides a full-spectrum of visibility across the network by intelligently discovering and profiling all connected devices. This includes detailed device attributes such as device type, vendor, hardware version, and behavior including applications and resources accessed. This allows organizations to create more granular access policies, reduce security risks and meet key compliance requirements.

As a part of Aruba’s ClearPass family of industry-leading access control solutions, ClearPass Device Insight provides the visibility needed to make better informed network access control decisions. Integration with ClearPass Policy Manager delivers comprehensive policy control and real time enforcement. This makes the visibility provided by
ClearPass Device Insight actionable and increases the overall level of security and compliance for all devices connected to the network.

KEY FEATURES


• Provides full spectrum visibility of network connected devices to eliminate blind spots

• Behavioral analysis goes beyond traditional hardware-based profiling for precise identification

• Provides risk scoring by analyzing device vulnerability and security posture attributes

• Utilizes advanced machine-learning to identify unknown devices and speed time-to-identification

• Seamlessly integrates with ClearPass Policy Manager for real-time enforcement and accelerated response

• Cloud-based solution simplifies deployment and management for faster time-to-value and cost savings

Core Technologies

 

FULL-SPECTRUM VISIBILITY

ClearPass Device Insight addresses the most stringent visibility requirements for the most diverse network environments. This includes the ability to broadly and accurately identify all wireless and wired devices connected to the network – from traditional IT managed devices to previously undetected IoT devices such as cameras, medical equipment and other hard to detect endpoints.

RICH CONTEXT AND BEHAVIORAL INTELLIGENCE

By utilizing data collection and deep packet inspection techniques, ClearPass Device Insight is able to analyze the characteristics and behavioral patterns of any device and extract specific attributes for each. Some of these attributes include domain name lookup, destination IP addresses, applications accessed, and frequency of communication. These attributes can then be used to identify a device using a set of known fingerprints. If there is not a match, machine learning models are used to group unknown devices that exhibit similar characteristics.

EVALUATING DEVICE SECURITY POSTURE

Understanding the inherent risk of each connected device is a critical component of implementing effective security controls and reducing risk. ClearPass Device Insight provides device risk scoring that is calculated based on a number of device security attributes. These attributes include potential vulnerabilities and related CVE scoring, as well as detailed information related to what security controls are enabled on each device such as a host firewall.

ADVANCED MACHINE LEARNING

ClearPass Device Insight analyzes device attributes including communication and behavior patterns to dynamically build clusters of similar devices. Machine learning models are used to constantly learn and update these attributes to dynamically update fingerprints and provide classification reccomendations. ClearPass Device Insight uses crowd-sourcing technology to validate fingerprints at multiple customer sites before adding them to the Aruba classification database. This increases the precision and comprehensiveness of the classification engine.