with Aruba ClearPass and CyberHound
The challenge of securing high capacity, transient networks has become increasingly complex with security threats existing on both sides of the network perimeter. Wide-scale use of unmanaged devices, IoT and BYOD is resulting in infected devices connecting to the network more than ever before.
Next Generation Firewalls and Intrusion Prevention Systems are powerful tools in identifying threats, protecting networks and controlling access to data and systems as well as blocking malicious activity. These are however just one element of the overall security fabric a network needs to have in place. In order to address evolving threats, network administrators require additional tools to quickly identify and automate the quarantining or removal of infected devices from the network.
Aruba ClearPass extends a network’s security capabilities by utilising CyberHound’s Intrusion Prevention threat intelligence feed to manage infected devices. With policy-based network controls, Aruba ClearPass can isolate offending devices into a quarantined network, remove devices completely or instigate technical support workflows to assist in the remediation process. All of this happens automatically with policies set for specific actions based on the threat identified.
Download the Integration Guide
This guide covers the setup required to integrate CyberHound’s Advanced Threat Management system with Aruba ClearPass Policy Manager. The integration provides ClearPass with “real time” event messages for devices identified (by CyberHound) as generating malicious network traffic including Malware, Viruses, Botnets, Vulnerabilities, Worms and more.
CyberHound IPS and ClearPass Integration benefits include:
- Hyperscale architecture for high throughput scanning of network traffic for malicious content
- Real-time threat intelligence feeds to Aruba ClearPass for security policy enforcement
- Detection of Malware, Viruses, Botnets, Exploits and more
- Customisable Aruba ClearPass network policy controls
- Automated workflows to remediate infected devices
- Automated device quarantining and removal based on threat severity levels, IPS policy rules and threat categorisation