The New HPE Networking: Integration Complete

At Security Field Day, Hewlett Packard Enterprise showcased the results of its most ambitious integration effort: combining decades of networking expertise under a single, AI-driven security vision. The centerpiece is the completion of the Juniper Networks acquisition in early July, creating the newly formed HPE Networking organization.

This follows HPE’s acquisition of Silver Peak five years ago, along with numerous other strategic additions. The result is a comprehensive portfolio spanning campus and branch connectivity, data center networking, WAN solutions, and—most critically for security architects—a unified SASE and Security pillar that brings together network access control, SD-WAN, SASE capabilities, and next-generation firewalls.

The challenge facing HPE: enterprise networks have grown increasingly complex, driven by cloud adoption, distributed workforces, and sophisticated cyber threats. The promise: unified security through artificial intelligence, predictive threat prevention, and application intelligence that eliminates the traditional gaps between network and security operations.

The Integrated Portfolio: Full-Spectrum Coverage

During their Security Field Day presentation, HPE detailed how the SASE and Security pillar represents a breadth of offerings spanning connectivity, policy enforcement, and threat detection:

• SD-WAN Solutions: Multiple gateway options including SD Branch/Micro Branch (managed via Aruba Central), Edge Connect SD-WAN (managed via Edge Connect Orchestrator), and Juniper’s Session Smart Router (managed via Mist or SSR conductor). Critically, these gateways function as next-generation firewalls and support service chaining to the broader security ecosystem.
• Firewall Range: Low-end to high-end solutions prominently featuring the SRX Series technologies.
• Security Service Edge Capabilities: ZTNA (Zero Trust Network Access), Secure Web Gateway, and Cloud Access Security Broker functionality.
• Network Access Control: ClearPass Policy Manager continues providing identity-based segmentation and access control.

The integration creates a unified control plane where formerly disparate technologies operate under shared threat intelligence and policy enforcement.

Application Intelligence Engine: Dynamic Segmentation That Actually Works

HPE’s Application Intelligence Engine, running within Aruba Central, addresses a fundamental security challenge: lateral movement after an attacker gains network access. Traditional segmentation methods like fixed VLANs are static and lack mobility. AIE enhances dynamic segmentation by utilizing application posture and fingerprinting alongside user and device identity.

The core innovation solves a persistent problem in network security: reliably identifying applications across different systems for policy enforcement, performance monitoring, and routing. AIE achieves this by correlating, normalizing, and sanitizing data from multiple sources—including deep packet inspection engines like Cosmos and WebC, plus cloud security intelligence—into a unified Application Catalog.

This multi-engine approach delivers accuracy that single-source detection cannot match. A single engine might identify Zoom only 60-65% of the time. By combining DPI patterns, domain identification, and port/protocol analysis, AIE achieves close to 95% reliable identification.

Key capabilities demonstrated at Security Field Day included:

• Global Policy Definition: Security administrators define policies at a global level—denying high-risk applications, for example—without managing the underlying technical details of signature distribution. AIE handles the complex task of distributing appropriate signatures and policies to various enforcement points (APs, gateways, switches) based on their capabilities.
• Risk Visibility: The Application Catalog provides insight into applications including history, associated domains, security scores (trustworthy, low risk, moderate), potential vulnerabilities, and compliance details.
• Dynamic Profiling: AIE monitors application usage patterns to inform dynamic profiling, detecting anomalies like abnormal data uploads and influencing how devices are treated based on behavior.

These capabilities transform segmentation from a fixed barrier into an adaptive defense system where application identity drives policy decisions.

AI Predictive Threat Prevention: Stopping Zero-Days in Real Time

The SRX Series firewalls, now central to HPE Networking’s portfolio, bring AI Predictive Threat Prevention (AIPP)—a capability that shifts security from reactive signature-based detection to proactive machine learning.

AIPP uses a combination engine deploying machine learning models directly onto firewalls for inference, supported by a flow antivirus engine leveraging AI-generated signatures. This advanced approach allows a single AI-generated signature to detect sophisticated polymorphic malware.

How it works:

• Inline and Early Detection: AIPP operates inline with TLS decryption for encrypted traffic. Using a proxyless architecture, only an early portion of a file is required to determine maliciousness, allowing threats to be detected and blocked immediately during download.
• ATP Cloud Integration: Machine learning models train in the ATP Cloud, processing massive datasets of benign and malicious files. Files not immediately detected stream to the cloud for advanced analysis, including up to five different sandboxing methods and behavioral modeling.
• Rapid Signature Deployment: Once malice is confirmed—taking seconds to five minutes for complex sandboxing—a dynamic signature is generated and pushed to the SRX ecosystem.
• Auto-Mitigation: A critical feature demonstrated at Security Field Day: if a user downloads malicious content, they’re automatically added to a global infected hosts list. This instantly blocks the user across all SRX firewalls in the environment, regardless of where they attempt to connect next.
• Forensics and Reporting: The system provides detailed threat reporting including Indicators of Compromise and MITRE ATT&CK framework mapping, supporting SOC analyst investigations.

Why This Integration Matters Now

The newly combined HPE Networking portfolio represents a calculated effort to tackle complexity through comprehensive integration, offering security and network architects streamlined management and enhanced protection.

The combination of Application Intelligence Engine and AI Predictive Threat Prevention provides end-to-end visibility and control. For architects, the portfolio offers the ability to define security policies at a high, global level using AIE—focusing on user roles and application risk—while leaving dynamic enforcement and signature distribution to the underlying system. This radically simplifies operations by abstracting away infrastructure complexity.

The integration of SRX technology means high-performance, proactive protection against zero-day and polymorphic threats is consistently applied, complemented by features like the infected hosts list that automatically contain threats across the network ecosystem. By prioritizing AI and machine learning for detection and response—whether through the Application Catalog or inline threat blocking—HPE Networking aims to deliver not just coverage but security effectiveness.

This consolidation allows architects to move toward a more integrated security fabric leveraging shared threat intelligence and unified policy enforcement across network edge, branch, and data center. The combined portfolio serves as a unified control center, bringing together formerly disparate technologies under a model where application identity drives policy decisions.

Network architects gain tools to enforce granular, identity-based dynamic segmentation, making network security less of a fixed barrier and more of a living, adaptive defense system. For organizations navigating cloud adoption, distributed workforces, and increasingly sophisticated threats, HPE’s post-Juniper integration offers a path from fragmented point solutions to unified, AI-driven security architecture.

The presentation at Security Field Day revealed not just product features but a strategic vision: using artificial intelligence to eliminate the traditional gaps between network operations and security enforcement, creating a genuinely unified digital perimeter.