HPE Acquires Axis Security to Gain SSE Platform

Hewlett-Packard Enterprise (HPE) has announced its intent to acquire Axis Security, a provider of a secure service edge (SSE) platform. The acquisition is part of HPE’s effort to extend the integrated software-defined wide area network (SD-WAN) and network firewall offering that HPE makes available via its Aruba business unit.

The Axis Security SSE platform enables authenticated user access to private applications using a secure web gateway (SWG) that is integrated with a cloud access security broker (CASB) and tools for monitoring digital experiences.

Those capabilities are provided via a cloud platform, dubbed Atmos, that enables cybersecurity teams to centrally manage and ensure zero-trust network policies are enforced via a global network made up of distributed points-of-presence that Axis Security manages. HPE plans to integrate the Axis Security service with its offerings later this spring; by the third quarter of its current fiscal year.

Jon Green, chief security officer (CSO) for Aruba, said the addition of an SSE will help organizations reduce the number of point platforms they would otherwise need to deploy and manage to secure network access using, for example, a legacy virtual private network (VPN). In effect, HPE is extending a secure access service edge (SASE) platform for routing traffic more efficiently to include an SSE capability, he noted.

In general, cybersecurity teams are still chronically understaffed, so many organizations lack the personnel required to manage multiple point products. As more capabilities are provided via a centrally managed cloud service, the number of cybersecurity professionals required to manage all the capabilities declines. That’s especially critical during an uncertain economic climate where organizations are trying to reduce the total cost of cybersecurity. HPE is making a case for using Aruba networks as the foundation for centralizing the management of both networking and security services via the cloud.

Naturally, it will be up to each organization to determine to what degree to enforce zero-trust policies, but Green said organizations should start with a risk-based approach. The level of policy enforcement should take into consideration the value of the data being stored in that application, he added.

Zero-trust IT, of course, is hardly a new idea. The challenge is achieving that goal using software versus trying to implement it by locking down hardware. The latter approach has already been tried with limited success. End users today expect cybersecurity teams to be able to ensure security without adversely impacting their application experience. That can be difficult for most internal IT organizations to achieve on their own, so more organizations are relying on services delivered via the cloud to enforce zero-trust IT policies.

It’s not clear how quickly the shift toward zero-trust IT is occurring, but in an era where end users now regularly access applications from almost anywhere, it’s apparent that cybersecurity strategies focused mainly on the network perimeter are insufficient. The new perimeter is at the device and applications at the edge of the network used to access IT resources located either in the cloud or a local data center. The challenge is verifying not just the end users but also the applications and devices being employed.

Avatar photo

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 754 posts and counting.See all posts by mike-vizard