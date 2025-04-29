Hewlett Packard Enterprise (HPE) is expanding security features in Aruba Networking and GreenLake cloud with zero-trust in mind.

That includes updates in security tools for sovereign clouds and AI, focusing on Aruba and GreenLake systems.

HPE Aruba Networking Central is getting new cloud-based access controls for zero-trust style security, with default policies that will treat all users, devices, and apps as a potential threat until verified. Meanwhile, HPE Private Cloud Enterprise has a new threat-adaptive security system – supporting compliance for the Digital Operations Resilience Act (DORA) – that will disconnect a network from the public internet when threats are spotted.

"With the rise in adoption of data-fueled AI applications, organizations are facing more sophisticated threats to anywhere data is stored, captured or transmitted," said Phil Mottram, EVP, and general manager, HPE Aruba Networking. "HPE's security solutions deliver advanced protection to help organizations mitigate risk, defend against attacks, and build resiliency."

That comes as security experts have warned businesses are facing a "cloud security crisis", with 90% of enterprises suffering cyber attacks last year.

HP acquired Aruba Networks in 2019, six months ahead of the company splitting into consumer hardware-focused HP and enterprise products and services business HPE.

HPE unveiled a suite of new security features for HPE Aruba Networking.

First up is the Enhanced Policy Manager for HPE Aruba Networking Central NAC, offering precision access policies across the entire network. That allows more detailed policies than before – such as application to role or role to subnet – which HPE says will ensure consistent security and compliance from the cloud out to the edge.

HPE also promises tighter integration between HPE Aruba Networking Central and HPE OpsRamp, with built-in observability for third-party devices from vendors such as Cisco, Arista, and Juniper. Beyond that, enterprises have the ability to make app access policies based on set risk preferences.

HPE Aruba Networking EdgeConnect SD-WAN now has adaptive DDoS defense, which uses machine learning to react to attacks in real time, and will gain SASE capabilities to help integrate with HPE Aruba Networking SSE. Every zero-trust network access customer will get a free license for HPE Aruba Networking Private Edge, too.

And HPE Aruba Networking SSE now offers high-performance mesh connectivity for smart routing among global points of presence that should be more reliable – and HPE says is designed to deliver zero downtime.

"Mesh connectivity dynamically routes traffic via the most expedient path possible, providing secure alternative data paths and automatic failure handling to ensure non-disruptive, always-on security without requiring intervention from enterprise IT departments," HPE said in a statement.

Security for GreenLake

HPE said it was boosting security capabilities for its GreenLake hybrid cloud platform to help protect enterprises against new threats as well as meet changing regulations.

In this round of updates, HPE added a new threat-adaptive security system to disconnect from the public internet when a threat is detected.

"This differentiated capability acts as a 'digital circuit breaker' and isolates critical data, operations, and infrastructure, minimizing potential impact," the company said. "The system securely reconnects when the threat passes, ensuring business continuity and robust, dynamic protection. The new security solution addresses a key requirement of DORA and its impact on financial sector enterprises."

Beyond that, air-gapped cloud management for private clouds and sovereign environments is now available through HPE Private Cloud Enterprise, offering heavily regulated industries cloud management tools without connecting to an external network.

Plus, HPE has AI-focused cybersecurity services to help companies make use of the booming technology in a secure, regulatory compliant way. HPE also announced the general availability of OpsRamp and CrowdStrike integration with its observability and real-time threat detection.

HPE noted it was a year since the company signed the CISA secure by design pledge. "In addition to more than 2,200 security controls within HPE GreenLake, HPE deploys Zero Trust frameworks and designs technology to meet the requirements of CIS (Center for Internet Security), the CISA Secure by Design Pledge, STIG (Security Technical Implementation Guides), and DORA," the company added.