The new CX 10000 integrates security services, like a firewall, directly into a one-unit network switch deployable anywhere security and other services need to reside.
Aruba has announced a new single-unit networking switch that it describes as “the industry’s first distributed services switch.” If Aruba is correct, its new CX 10000 could be a game changer for companies who gather data at, or otherwise make use of, edge locations.
The Aruba CX 10000 was created to address several different pain points, said Aruba VP of product William Choe. “Operators are moving toward the public cloud, the volume of data being created and processed has exploded, network models have simplified and more people want to take advantage of hyperscaling,” Choe said.
SEE: Kubernetes: A cheat sheet (free PDF) (TechRepublic)
All of those changes in the air mean some part of technology is going to become obsolete, and in this case it’s current switching and network architecture. “With the explosive growth of east-west traffic in the data center, centralized security appliances are proving inefficient, expensive and difficult to manage. Simply put, hair-pinning traffic to an appliance sitting at the data center edge introduces heavy performance, cost and operational penalties,” Aruba said.
To that end, Aruba enlisted the help of cloud company Pensando, which HP (Aruba’s parent company) has invested in and worked with before. The CX 10000 uses a new Pensando ASIC called LBA and what Aruba calls the only fully-programmable DPU “to deliver stateful software-defined services inline, at scale, with wire-rate performance and orders of magnitude scale and performance improvements over traditional data center L2/3 switches at a fraction of their TCO,” Aruba said.
The addition of Pensando’s software-on-silicon enables the CX 10000 to perform functions including hosting a firewall, protecting against DDoS attacks, NAT, encryption, load balancing and telemetry. Toss all of that into a 1U switch and you have yourself a powerful product that could reside anywhere and save a lot of money on maintenance, reduce energy consumption and free up valuable rack space.
Aruba advertises the CX 10000 as being a solution to a lot of different problems — not just reducing energy usage. Because traffic doesn’t have to be hair-pinned back to a data center (or out to an edge location), bandwidth and performance can increase. Because traffic isn’t being sent over long distances unnecessarily, security posture improves, and lastly, because appliance sprawl is reduced, complexity and cost shrink.
SEE: From start to finish: How to deploy an LDAP server (TechRepublic Premium)
Aruba also mentions that the CX 10000 can be a valuable tool in building a zero-trust network. Every port on a CX 10000 is watched by 800G E-W Stateful Services for unusual behavior, providing complete coverage of network traffic between switches and from inside to outside the network.
Those interested in outfitting their data centers and edge locations with CX 10000 routers will need to wait a few months: They won’t be available until January 2022, and they won’t be cheap either: Prices start at $45,000 USD. On launch the switches will include accelerated Stateful Firewall, Zero Trust Segmentation, ERSPAN, Telemetry and DDoS protection.