HPE unveils enhanced AI-powered security for cloud & network

Hewlett Packard Enterprise has announced an expansion of its HPE Aruba Networking and HPE GreenLake cloud offerings to support enterprises in enhancing secure connectivity and hybrid cloud operations.

New capabilities now available in HPE Aruba Networking Central include cloud-based access control security designed to accelerate enterprise-grade zero trust security. This approach treats every user, device, and application as a potential threat until verified, employing robust policy capabilities to strengthen protection measures. Additionally, HPE Private Cloud Enterprise introduces threat-adaptive security features to support compliance with the Digital Operations Resilience Act (DORA), offering the capability to disconnect from the public internet when a network threat is detected.

Phil Mottram, Executive Vice President and General Manager, HPE Aruba Networking, commented on the evolving cyber threat landscape and the need for advanced security: "With the rise in adoption of data-fueled AI applications, organisations are facing more sophisticated threats to anywhere data is stored, captured or transmitted. HPE's security solutions deliver advanced protection to help organisations mitigate risk, defend against attacks and build resiliency."

The new features in HPE Aruba Networking Central Network Access Control (NAC) include precision cloud-based access controls, enabling IT teams to define and implement role-based policies for user and device identification. These enhancements are designed to help enterprises advance universal zero trust network access initiatives. Additional features, such as Intrusion Detection System (IDS), Intrusion Prevention System (IPS), AI-powered observability, and microsegmentation, are aimed at reducing the impact of potential security breaches.

Among the new security functionalities are the Enhanced Policy Manager for HPE Aruba Networking Central NAC, which establishes detailed network access policies—such as application-to-role, role-to-subnet, and role-to-role policies. This ensures consistent enforcement of security and compliance across edge-to-cloud networks.

Integration between HPE Aruba Networking Central and HPE OpsRamp has been strengthened to provide native monitoring of third-party devices from vendors like Cisco, Arista, and Juniper Networks. Enhanced application profiling, classification, and risk assessment tools now give enterprises the capacity to establish application-specific access policies based on risk criteria.

Updates to HPE Aruba Networking EdgeConnect SD-WAN bring new Secure Access Service Edge (SASE) integration and Adaptive Distributed Denial-of-Service (DDoS) defence capabilities. These use machine learning to dynamically adjust DDoS protections in real time. All Zero Trust Network Access (ZTNA) customers now receive a complimentary licence for HPE Aruba Networking Private Edge.

HPE Aruba Networking SSE offers new high-availability and high-performance mesh connectivity for routing traffic between global points of presence, aiming to improve reliability and resiliency. Mesh connectivity automatically determines the fastest secure path for data, providing alternative routes and automatic recovery to ensure continued security, without requiring manual intervention by IT teams.

On the private cloud front, HPE GreenLake receives further security enhancements intended to protect against emerging threats and to support compliance with new regulations. HPE Private Cloud Enterprise now features threat-adaptive security, capable of temporarily isolating critical systems by disconnecting from the public internet when a threat is detected. This function acts as a "digital circuit breaker" and is designed to minimise impacts before securely reconnecting systems once the threat is resolved. These features specifically address requirements for regulated industries, including the financial sector, under DORA.

HPE also announced the general availability of air-gapped cloud management through HPE Private Cloud Enterprise. This service enables customers in regulated industries or government to manage private cloud infrastructure entirely on-premises, without any external connectivity, and is deployed by security-cleared HPE staff. Future enhancements will allow cloud-native and Kubernetes workloads to be managed with the same air-gapped approach.

Additional offerings include HPE Cybersecurity Services for sovereign cloud, providing expertise to integrate sovereign security solutions into an organisation's risk management framework. New cybersecurity services focused on AI aim to give customers governance and compliance support while transforming operations to predict and counter both traditional and AI-driven threats.

The integration between HPE's OpsRamp and CrowdStrike provides unified observability and real-time threat detection, designed to enhance performance and resilience for enterprise systems.

HPE's announcement comes as the company marks a year since signing the CISA Secure by Design pledge. HPE reports that it deploys more than 2,200 security controls within HPE GreenLake, and utilises Zero Trust frameworks to meet requirements set by CIS, CISA Secure by Design, STIG, and DORA.

Other advancements in HPE's secure by design initiatives include Aruba Networking's AI-based network detection and response (NDR), ransomware protection through the HPE Cyber Resilience Vault, and the introduction of the HPE ProLiant Compute Gen12 portfolio with HPE Integrated Lights Out 7. The new servers also provide a silicon root of trust and feature post-quantum cryptography capabilities meeting FIPS 140-3 Level 3 security certification.