Aruba Updates Mobility Products For Classified Government Customers
Specifically, Aruba's Mobility Controller now includes Suite B cryptography, which was in 2009 authorized by the U.S. National Security Agency (NSA)'s Commercial Solutions Partnership Program (CSPP) as a series of algorithms used to certify commercial wireless and mobility technologies for use in classified settings.
The Mobility Controller is part of Aruba's MOVE (Mobile Virtual Enterprise) architecture, designed to provide context-aware networking for enterprises with mobile infrastructure.
How that translates to classified government networks, Aruba says, is that with the Suite B update, MOVE technologies can quickly provision mobile devices like smartphones and tablets depending on the security levels needed in a given situation.
A government worker requiring higher levels of security while working on his or her iPad, for example, would be able to work assured of that security using Aruba's Mobile Device Access Control (MDAC) platform, Aruba says.
"At the end of the day, it's all about making mobile devices introduce-able in the government workplace in a policy-compliant manner," said Dave Logan, vice president, Government Solutions at Aruba. "Fifty percent of what a government agency will care about when they start deploying these mobile devices is, 'Does it meet all of the certifications necessary for me to feel comfortable and secure.'"
With the government pressured to move away from proprietary technologies and toward more affordable, commercially-available mobile devices and infrastructure, government IT administrators are tasked with figuring out how to secure all those devices properly.
"Existing classified network infrastructures were largely based on creating physically-protected networks," Logan said. "It involved using highly proprietary, government-sponsored technology to create some kind of secure overlay networks. But with that, they found that when they tried to enable mobility, they were very unsuccessful or very limiting."
The CSPP in essence enabled government customers to buy commercially available networking technologies with a few key security tweaks. A lot more would be required for "top secret"-level clearances, Logan said, but the technologies approved by the CSPP cover the majority of the unclassified and classified work done in the federal government.
"It's really a paradigm shift," Logan said. "VARs and integrators can go into the agencies they do business with and offer solutions based on these commercial technologies. They can expand their footprint in an area they were previously blocked from accessing."
Suite B cryptography is supported in all of Aruba's current mobility controller hardware, including the Aruba 6000 series, 3000 series and 600 series mobility controllers. ArubaOS 6.1 supports protocols and methods for Suite B including AES-128-CBC, AES-128-CCMP, AES-256-GCM, ECDH, SHA-256 and SHA-384 Secure Hash, 802.11i + Suite B using EAP-TLS in WLAN mode, and IPSEC + Suite B using IKEv1 or -v2 in VPN mode.
Aruba also said Monday that it's Virtual Intranet Access (VIA) client, also now supports Suite B cryptography. That means that when the VIA client is connected to a network, it can determine whether that network is trusted or untrusted and then use various authentication and encryption techniques to create a secure tunnel to an Aruba Mobility Controller.
Channel partners should begin preparing their agency customers for a greater shift toward commercially available technologies in 2012, Logan said. Logan declined to provide exact numbers but said Aruba's U.S. and international government businesses are growing significantly. The mobile device phenomenon is as real in the public sector as it is in the commercial enterprise sector, he said.
"If anything, we're seeing [government] budgets move toward these solutions, as a replacement for expensive technology," he said.
Patrick Guerin, chief technology officer at Key Management Systems, a Colorado Springs, Colo.-based solution provider, said Aruba's Suite B implementation would present a less expensive alternative than what most governments are used to for classified networking.
"Government agencies see the same benefits in tablet and smartphone use that private enterprises do," Guerin said in a statement. "However, they need a solution that combines commercial technology with stronger underlying cryptographic algorithms."