Legal Disclaimer: The resource assets in this website may include abbreviated and/or legacy terminology for HPE Aruba Networking products. See www.arubanetworks.com for current and complete HPE Aruba Networking product lines and names.
Microsegmentation
As an orchestrator of the Data Center infrastructure, Aruba Fabric Composer manages and automates network and compute/storage infrastructure and can use API-based, third-party integrations. These integrations can be used to create microsegmentation on the compute host and the network from a single UI.
Aruba Fabric Composer orchestrates end-to-end microsegmentation functionality in conjunction with:
- A hypervisor, to create PVLAN Private Local Area Network -based segmentation. For example, vSphere Virtualization Solutions. Copyright of VMware Inc. .
- Aruba CX switches, to match network-level PVLAN-based segmentation.
- Pensando components, to allow Aruba Fabric Composer append the segmentation with firewall policies and rules.
Therefore, when orchestrating a microsegmentation solution, Aruba Fabric Composer focuses on two main concepts: Segmentation and Policies.
- Segmentation, which is responsible for isolation of endpoints. This is done by PVLAN implementation.
- Policies, which consist of rules that execute actions for endpoints. This is done by permit/deny/log and so on.
In Aruba Fabric Composer 6.4.0, policies must be enforced by the Stateful Distributed Firewall.