We've all seen the big shift in enterprise architecture over recent years. What was once a data centre-centric model has now expanded out to the network edge. Applications no longer reside in the data centre, they're in the cloud. Users no longer sit tethered to their desks, they're mobile and working from far-flung corners of the globe. Every little thing is connected to the network – from security cameras to healthcare devices and lighting systems. As a result, we see IT teams grappling with this chaotic new network edge, one that is distributed, complex and increasingly difficult to secure.

These problems inevitably gave birth to new solutions and in Aruba's case, we’ve seen the recent launch of Aruba ESP. It promises to be a central nervous system of sorts, that is able to predict and resolve problems at the network edge before they impact your business. Does the hype match the reality? Spoiler Alert! In some areas, yes, but not as much as we'd hoped for… So let's explore a little deeper.



In many ways, Aruba ESP is a natural progression, and one that is happening across all areas of IT as we enter the era of data analytics driven by IoT, AI and automation. Networking vendors, and solutions providers too, have long recognised the many deficiencies and shortcomings that come with siloed network management tools. It became clear to the industry as a whole that the benefits of creating and establishing a unified single-vendor fabric would be many: for example, more efficient use of resources, reduced operating costs and a complete removal of problems related to interoperability. Not to mention all the benefits that stem from having a single pane of glass view of the entire network.

Aruba ESP is Aruba’s answer to this problem and has 3 core pillars - AIOps, Zero Trust Security and Unified Infrastructure.


AIOps – The Artificial Intelligence muscle

The official definition: The next generation of IT operations analytics, AIOps, is a new class of technology that helps IT monitor and manage complex hybrid, dynamic, distributed IT environments.

We recently looked at AIOps in more detail as part of our Matrix Importance Score series. In essence, it’s about better processing of data that we already have, highlighting or bubbling up information that we’d otherwise miss to help solve those really fleeting, vaporous network issues that are the bane of all IT teams - such as intermittent outages. For example, a user who says “my wireless keeps dropping out” could trigger 2-3 days of searching and testing, trying to reproduce the problem and solving it. Using AIOps, it’s much easier to let the AI do some of that work, in conjunction with scripts and programmed triggers, to automatically surface the problem or highlight things that are out of place when they fleetingly occur.

Zero Trust Security – Trust nothing and no one

The official definition: A widely applied security framework based on the notion that no organisation or entity inside, or outside, the network perimeter should be trusted.

Zero trust isn’t new – it’s expected now – and has been a part of the Aruba solution via ClearPass for a considerable time. However, with Aruba ESP, it’s more accessible and easier to provision – more point and click.

Using a combination of discovery and profiling techniques, Aruba ESP detects the full range of devices connected, or attempting to connect, to the network – including the many pinpoint IoT devices. It then uses policies to ensure no user, device, or IoT device is granted entry or ongoing access unless trustworthy. This extends to context-aware control and automated network segmentation, with your defined policies extending all the way to the firewall.

As a result, it really has become a standard “mentality” for IT teams in dealing with the network – trust nothing. If you start thinking you can trust a particular element of the network, then you need to go back to the Zero Trust premise! Aruba ESP, in the way it is built and operates, further entrenches this kind of thinking.

Unified Infrastructure – A massive coming together

The official definition: In Aruba ESP’s case, it’s a cloud-native approach to network architecture that delivers end-to-end orchestration and network analytics for campus and distributed environments – all from a single pane of glass.

This is one of those areas that we’d hoped would be a bit more developed, and it stems from a natural tension that has existed for years. Should you work with multiple vendors in your network, choosing best of breed providers, or should you work with a single vendor and take advantage of end-to-end integration of features and toolsets?

You can argue it both ways.

Managing multiple vendors and solutions has long been an IT bugbear so it makes a lot of sense to streamline network management by defaulting to a single vendor. But with a single vendor you’re limited to their equipment, which may not have all the features that you need. This isn’t just an Aruba situation either – all the vendors are looking for ways to help convince you that a single vendor approach is best, and if you do subscribe to this idea, then Aruba ESP does present as an incredibly powerful management platform.

It’s made to unify the distributed network edge across wired, wireless, and WAN, branch, campus, data centre, and remote worker locations, eliminating the need to correlate information across multiple views. It makes automatic provisioning (which has existed before) even easier – you could say ridiculously simple and approaching a true plug and play environment.

It’s also cloud based, so when everything works in the same way, communicates in the same way, and uses the same architecture, it’s end-to-end simple.

But if you have a multi-vendor environment, then the unified infrastructure model breaks down and you need to have a split network, often with different management tools for each component. This is more a limitation of the cloud management model than a vendor or tool limitation, as cloud-based solutions require unique security to connect to the hardware. This wasn’t a problem in the on-premises world, where multi-vendor management solutions – such as the hugely popular Aruba AirWave – would monitor different wired and wireless environments.

What Aruba ESP tells us about the future of network management

Expect more convergence. We expect cloud-first solutions - such as Aruba ESP - will continue to consolidate their wider solution portfolio creating exhaustive solution sets. Pursuing the unified model will see smaller players bought out by larger players looking to complete the network, and network management, jigsaw puzzle to satisfy evolving customer demands. While this could be a win for the customer in the long term, there may be periods where the customer has to wait for acquisitions to occur and the new solutions to be integrated into the bigger piece.

New players entering the market. With many customers shy of going all-in on a single solution set, we may start to see savvy new vendors enter the market to provide a cloud agnostic alternative: one that doesn’t care about underlying hardware and instead just works with the architecture in place. These solutions have worked before in the data centre, but have as yet never filtered through to the network edge.

Typical ICT evolution. Are we going to see the usual tech evolution? If you look at history, we’ve gone from dedicated computing to thin clients, and back, and back again. Now we’re on this pathway back to thin computing with “dumb” hardware and smarts in the software. We might also see management platforms move back to an on-premises model. However, what’s different this time is that every time we’ve cycled from edge to cloud and back again, it’s resulted in a race to compute power. That compute power is very powerful at the edge, in parallel with the core, so we’re finding ourselves in a very different situation. We’re watching this development with interest.

In Conclusion

Aruba ESP is a great answer to a certain type of question – managing a unified infrastructure. But it’s not necessarily a totally new answer. We’ve seen (in fact, designed and implemented!) many of these capabilities before, but now they’re packaged and presented in a much more cohesive way with Aruba Central at the apex. It does introduce enough new capabilities though to be worth a look, especially if you have Aruba in your environment.

If not, then your best bet is to talk to us. Matrix CNI is a company that lives and breathes networks, day in, day out, and understands them regardless of whether you’re unified or multi-vendor.