Simplifying IT through networking innovation

David Hughes, Chief Product and Technology Officer at Aruba Networks. Image courtesy of Aruba Networks.

Naming a tech firm after a tourism hotspot initially seemed like an unusual decision. But after hearing about Aruba Networks co-founder Keerti Melkote’s explanation – that they wished to evoke a relaxing feeling among IT admins who are frantically putting out fires – it made sense.

This, in a nutshell, is the vision of Aruba Networks’ founders: to make a user-centric network rather than port-centric network. 

Last March marked the wireless networking company’s 20th anniversary. It has evolved from a two-person team to a Hewlett Packard Enterprise subsidiary with over 7,000 employees across the globe. And at the tip of the company’s technology spear is David Hughes, its Chief Product and Technology Officer.

Frontier Enterprise recently got in touch with Hughes and asked him many things about networking: connectivity technologies, the influence of digital transformation, digital acceleration in the Asia-Pacific region, innovations that Aruba Networks are cooking up, and so much more.

You founded Silver Peak Systems in 2004, and served as its CTO and CEO for over 16 years. What were the highlights of your time there, and what are the most significant changes you’ve seen since then, specifically when it comes to networking technology?

Silver Peak launched its first product family – the NX series of wide-area-network (WAN) optimisation appliances in September 2005. As the WAN optimisation market matured, we heard from our customers about new challenges they were facing. They wanted to move from traditional multi-protocol label switching WANs to cloud-facing, internet-based networks. However, they were experiencing a variety of hurdles and complexities when dealing with traditional routers and firewalls.

In response, we developed the EdgeConnect SD-WAN portfolio which launched in June 2015, just as the concept of SD-WAN was born. It is gratifying to see so many customers benefiting from the modern WAN architecture. Many organisations are now looking at SD-WAN in the context of their broader networking and security strategy.

Over the last couple of years, the most significant changes have been largely driven by the pandemic. Organisations must support employees that continue to work remotely, they must deal with new business requirements, and be willing to adapt to change at a moment’s notice. The emergence of new threats is making security something that must be intrinsic to the network.

What are Aruba’s top technology challenges in this age of COVID-19? What are its technology goals for 2022?

The last couple of years have taught us many lessons about technology and the purposeful use of it in our lives. As many countries in APAC start easing pandemic-related measures and embrace an endemic mode, there are new challenges that we need to address.

  • First, there is a need to provide secure and consistent connectivity between users and their applications, regardless of whether they are at home, on the road, or in the workplace. User expectations are high; they expect the same experience whether they are at home or back in the office.
  • Second, there are now five times as many IoT devices connected to the network as compared with personal devices. This is driven by digitisation – which the pandemic has accelerated – such that by 2025, we expect the ratio of IoT devices to personal devices to exceed 10:1.

We are very much focused on the quality of life of the IT practitioner and network operator. While technology can often solve problems, it often does so with escalating complexity.

So a major focus for Aruba is to simplify things for the network manager. We are investing heavily in Aruba ESP (Edge Services Platform), which is powered by Aruba Central. By leveraging automation and AI, we aim to eliminate the repetitive and error-prone nature of traditional device-by-device configuration. We can accelerate troubleshooting by processing huge volumes of data to find the needle in the haystack. And we can make sure that security policy is enforced consistently across our products. In many ways, making life easier for the operator is a job that has no end, and one that requires continually raising the bar and driving innovation.

Another way we are simplifying things for IT is with new network-as-a-service (NaaS) offerings. These allow enterprises to purchase networking functions as-a-service, on a monthly basis. This eliminates the big CAPEX hurdle associated with traditional network upgrade cycles. We help customers to adopt new technology and flex up and down, with a predictable monthly spend. Not everyone wants a fully managed service, so we provide the service packs decoupled from deployment and operational services. The IT organisation can decide to do this themselves, or leverage one of our partners that is building a practice around NaaS deployment and management capabilities.

How do you envision SD-WAN will evolve within the next three to five years? How has the increased need for digital transformation affected today’s networking landscape?

Digital transformation has resulted in the rapid and wide-scale adoption of cloud, driven a proliferation of IoT devices, and increased the need to consider security in every facet of the enterprise. The WAN is at ground zero with respect to these trends and we are seeing the traditional router and firewall architectures of the past being replaced by SD-WAN, working in combination with cloud-delivered security services. 

Gartner was early to recognise this trend when they introduced the concept of secure access service edge (SASE) in 2019. They have recently clarified the architecture with the release of the secure service edge (SSE) Magic Quadrant which evaluates vendors for the cloud-delivered components of the architecture: SWG, CASB and DLP. Not surprisingly, none of the “next-gen” firewall vendors are leaders in this new category. Remember they were “next-gen” back in 2008.  

With working from home and the threat of lateral movement between IoT devices in the same L2 network segment, the next-gen firewall-based perimeter is fast becoming obsolete. In its place, we are seeing the rise of networks with implicit security in every device, coupled with advanced SSE services delivered in the cloud. For Aruba, this means extending security from all of our wired and wireless access devices, through our WAN gateways, and across the WAN to the data centre and cloud-based applications. It also means flexible integration with leading SSE vendors to deliver best-practice networking and security. While small enterprises may be willing to compromise with an all-in-one SASE offering, large enterprises will look to take a dual-vendor approach, pairing a best-of-breed SD-WAN partner for the on-prem capabilities, with a fully-fledged SSE partner.

How do you think digital acceleration is faring in APAC, especially when compared with the other regions of the globe? How has the resulting cybersecurity risk influenced Aruba and its networking offerings?

Even before the pandemic, APAC has always been a hotbed for technology and innovation. The pandemic accelerated the region’s pace of transformation and digital leadership. We’ve seen a multitude of innovations stem from the region as well. In fact, in 2021, almost all enterprises (92%) reported that they are currently re-evaluating their digital strategies and optimising their digital infrastructure to remain competitive in response to the pandemic. In Southeast Asia alone, the population has strongly embraced digital technologies – reporting one of the highest mobile connection rates in the world.

The move to working from home and the proliferation of IoT devices have increased attack surfaces. If not mitigated, this makes the enterprise more vulnerable to cyberthreats. For Aruba, this means that we need to be multiple steps ahead of the bad actors and develop security that is intrinsic to every network element. We believe it is crucially important to minimise the blast radius from any breach by building a network based on zero-trust principles, where each user or device is authenticated, and then only authorised to connect to destinations consistent with the role of the user or device.

What are some of the most exciting developments in Aruba’s development labs, specifically in the emerging technologies you plan to adopt in your networking solutions?

Agile and flexible networks are the name of the game and will continue to be. Aruba’s new network modernisation solution provides an automated network to deal with the complexity of multi-gen architectures and security challenges, and offer organisations the agility that traditional VLAN-based architectures simply cannot provide.

To this end, we just introduced Aruba Central NetConductor. It allows our customers to extend role-based policy and microsegmentation across the enterprise. NetConductor is a cloud-native, standards-based solution that delivers a unified network overlay (or fabric) across wired, wireless, and WAN infrastructures. This enables network professionals to automate fabric configuration and management with workflows tied to business intent, as well as implement identity-based security that is enforced in-line by the network infrastructure.  

Recently at Atmosphere 2022, our annual user conference, we demonstrated the industry’s first self-locating indoor access points (APs) with built-in GPS receivers to bring the ease and accuracy of GPS indoors. By combining the available GPS measurements with relative location from Wi-Fi fine time measurement (FTM), we can establish the GPS coordinates of all APs, including those deep inside a building where there is no GPS signal.

These APs broadcast their location, and can enable a variety of location-aware services, such as asset tracking, safety/compliance capabilities, facility planning, and venue experience apps. For FTM-enabled endpoints, they can figure out their position relative to the AP, and from that, their own GPS coordinates. As this technology is adopted, the experience of walking into a mall or large building, and seeing the location circle on a map become really large and unusable will become a thing of the past.