During this year’s Black Hat conference, HPE updates us on the state of security in its portfolio. There are new developments in network security, a SASE copilot, new security additions to Alletra all-flash object storage, and new integrations for Zerto.
Black Hat 2025 in Las Vegas is a special event for HPE as a whole. It is the first time since the approval and finalization of HPE’s acquisition of Juniper Networks that HPE can showcase both HPE Aruba Networking and HPE Juniper Networking to the public. It is obviously too early for concrete announcements demonstrating the combined strength of the two divisions. But it is undoubtedly an important moment for HPE.
During this edition of Black Hat, we therefore only have updates for the HPE portfolio as we knew it until last month. These can be divided into three parts: networking, storage, and backups, with the latter two overlapping somewhat. We have listed these announcements below, with the usual sprinkling of commentary in between.
HPE Aruba Networking: expansion of Central NAC
Network security starts with knowing what is connected to the network and what rights these connected devices have on that network. HPE Aruba Networking has long offered ClearPass for this so-called Network Access Control. This is a very powerful NAC solution, but one that is intended for on-premises use. Some time ago, we heard from Dobias van Ingen, EMEA CTO at HPE Aruba Networking, that there are no plans to change this. That is why Central NAC has been added. We wrote about this previously as well. As the name suggests, this is a NAC that is part of Aruba Central. It runs in the cloud, making NAC much more widely available.
HPE Aruba Networking Central NAC itself is not new. However, it was limited to HPE Aruba Networking equipment. That changes today. It now also works in combination with network equipment from other manufacturers. With this move, HPE is opting for openness in this area as well (as it did earlier with OpsRamp). This is only logical, as there is a lot of other hardware on the market and many companies do not limit themselves to a single supplier. It will now be possible to “easily roll out access policies across a multi-vendor network,” Jeff Olson, responsible for SASE and security marketing at HPE Aruba Networking, told us.
Opening up Central NAC will undoubtedly be an objective strategic move in part. However, it is also worth noting that HPE had no choice but to do so. After all, Juniper is part of its own offering now, which is basically a third party. There is a good chance that standard protocols will be used in Central NAC. If you open it up for Juniper, it would be strange not to open it up for Cisco.
HPE Aruba Networking: SASE copilot and AppEngine integration
Knowing what network equipment is and is not allowed and what those devices are allowed to do is an important basis. However, the applications that use the network also deserve the necessary attention. They must also be given a risk profile and be able to be ranked based on that. To make this possible, HPE integrates AppEngine into HPE Aruba Networking Central. This provides “enhanced zero trust,” in Olson’s words. Thanks to AppEngine, the characteristics of applications can now be linked to the network. This provides greater insight. Based on this insight, risk profiles can be drawn up. In addition to telemetry for security purposes, this also provides data on application performance and the like. So it offers additional value for organizations.
Finally, there’s the new SASE copilot. With this, HPE is taking its first step toward a full-fledged copilot for the network and network security. This SASE copilot currently resides in EdgeConnect SD-WAN and users can use it to ask questions about that part of the network, as well as about the SSE side of things. Olson emphasizes that it is not yet a full-fledged AIOps offering and is currently mainly an assistant that you can query using human language. We do see some interesting possibilities here now that Juniper has been added to the fold. That company is already a lot further along with AIOps. It will be interesting to see to what extent everything will be integrated, or whether HPE will try to keep everything separate for as long as possible.
Storage: HPE Alletra Storage MP X10000 for backups and DR
In addition to news about network security, there is also news in other areas. First, HPE has announced that HPE Alletra Storage MP X10000 has also been made suitable for creating backups. HPE Alletra Storage MP X10000 is a scale-out disaggregated object storage product. By adding more compute and optimizing the device for backup software, it is now also suitable for creating and restoring backups.
According to HPE, the new version of the HPE Alletra Storage MP X10000 can deliver extremely low Recover Point Objectives (RPOs) and Recovery Time Objectives (RTOs). According to its own tests, it can process up to 1.2 petabytes of backup data per hour, making it almost twice as fast as its closest competitor. Of course, this is based on a specific configuration and tested by HPE itself.
The HPE Alletra Storage MP X10000 for data protection is available today.
Cyber resilience: HPE Zerto Software gets integration hub
The latest security update from HPE during Black Hat revolves around HPE Zerto Software. This part of the HPE stack gets an integration hub for security solutions. CrowdStrike is HPE Zerto Software’s launch partner for this. In the future, however, the integrations will not be limited to security solutions. An integration with the network (including HPE Networking equipment in the near future) will also be possible.
The idea is that the integration hub that Zerto offers provides more insights to improve data protection and disaster recovery. By linking Zerto’s Continuous Data Protection offering to other solutions and environments, it should be possible to become even more resilient. Integration with CrowdStrike Falcon ensures that it will automatically tag an event in Zerto’s environment. Organizations can then roll back applications and VMs to seconds before the incident. The idea is that this will minimize data loss and downtime.
The HPE Zerto Software integration hub will be available in Q4 2025.