ArubaOS™, the operating system for Aruba Mobility Controllers and Mobility Access Switches, performs security and system administration, as well as hardware-based routing, switching, firewall and data encryption.
ArubaOS supports optional software modules, including the Policy Enforcement Firewall™ (PEF™), RFProtect™ wireless intrusion protection and spectrum analyzer, Suite B Advanced Cryptography (ACR) and xSec™ advanced Layer 2 encryption.
The ArubaOS™ Policy Enforcement Firewall™ (PEF) module provides identity-based controls to enforce application-layer security and prioritization.
With PEF™, IT can enforce network access policies that specify who may access the network, with which mobile devices and which areas of the network they may access.
The Aruba AppRF technology integrated with PEF delivers mobile application traffic visibility through a simple dashboard that shows the applications in use by user and device.
Aruba RFProtect integrates wireless security into the network infrastructure without requiring a separate system of RF sensors and security appliances and enables government-grade Wireless Intrusion Protection.
RFProtect also includes powerful Spectrum Analyzer capabilities, which provide a critical layer of visibility into non-802.11 sources of RF interference and their effects on 802.11 wireless LAN channel quality. As a result, RFProtect eliminates unwanted wireless threats and interference, while optimizing network performance.
The ArubaOS™ Advanced Cryptography (ACR) module brings military-grade Suite B cryptography to Aruba Mobility Controllers, enabling user mobility and secure access to networks that handle sensitive but unclassified, confidential and classified information.
Approved by the U.S. National Security Agency (NSA), Suite B improves performance, eliminates unwieldy workflows and strict handling requirements, allows interoperability, and supports commercially available mobile devices – all at a fraction of the cost of previous-generation cryptographic methods.
xSec is a highly secure Layer 2 data-link protocol that safeguards all wired and wireless connections using strong encryption and authentication. FIPS compliant, it employs identity-based security to protect extremely sensitive information.
xSec provides tougher security than other Layer 2 encryption methods by using longer keys, FIPS–validated encryption algorithms (AES-CBC-256 with HMAC-SHA1), and encrypting of Layer 2 header information including MAC addresses.