Aruba Dynamic Segmentation
Built-in identity-based access control to automatically apply consistent policies for Zero Trust and SASE security from edge-to-cloud at global scale.
What is Dynamic Segmentation?
Dynamic Segmentation establishes least privilege access to IT resources by segmenting traffic based on roles and associated access permissions.
This is a fundamental concept of both Zero Trust and SASE frameworks where trust is based on identity and policies, rather than where and how a user or device connects.
A role is a logical grouping of permissions. Permissions can include applications and services that can be accessed, users and devices that can be reached, or even days of the week a particular user can connect to the network.
Because roles and policies define access and segmentation, Dynamic Segmentation eliminates the need to manually configure SSIDs, ACLs, subnets, and port-based controls. This reduces complex network segmentation, sprawling VLANs, and costly administrative functions.
Dynamic Segmentation utilizes policy-based access control across wired, wireless, and WAN infrastructure, ensuring that users and devices can only communicate with destinations consistent with their access permissions—foundational for Zero Trust and SASE frameworks.
Security Challenges Impeding Digital Acceleration
As users become more decentralized and IoT devices flood the network, attacks are more sophisticated and present unique security challenges.
Network Blind Spots
With IoT everywhere, limited visibility and inaccurate fingerprinting lead to network blind spots that attackers can exploit.
Manual VLAN Management
Manual, VLAN-based approaches to segment and enforce access control policies are resource-intensive and do not scale as your network grows.
Rip-and-Replace Barriers
Adoption of new network topologies like VXLAN and cloud for greater scale often involves extensive rip-and-replace projects.
Secure Your Network with Aruba Dynamic Segmentation
There's a better way to simplify and secure your network with access policies that do not depend on how a user or device is connected.
Dynamic Segmentation establishes least privilege access to applications and data by segmenting traffic based on identity and associated access permissions. This is a fundamental concept of both Zero Trust and SASE frameworks.
Aruba Central NetConductor offers cloud-native network security services that enable global policy management and automated network configuration with business-intent workflows. It uses an intelligent EVPN/VXLAN overlay to facilitate distributed Dynamic Segmentation at global scale with policies that are enforced inline and continuously monitored.
Dynamic Segmentation offers a choice of two enforcement models—centralized and distributed—that can co-exist and be flexibly adopted. Centralized Dynamic Segmentation uses GRE tunnel-based overlays and is enabled by Aruba Policy Enforcement Firewall that runs natively on Aruba infrastructure, along with ClearPass Policy Manager.
Go beyond traditional identification and profiling techniques with Client Insights on Aruba Central. Client Insights is an agentless solution that uses native infrastructure telemetry and machine learning to detect and profile every connected client so you can assign appropriate policies.
Related Products and Solutions
Build a complete Dynamic Segmentation solution with these integrated HPE Aruba Networking products.
Aruba Central NetConductor
- EVPN/VXLAN based intelligent network overlay
- Cloud-native network configuration and security services
- Business-intent based workflows
Aruba ClearPass Policy Manager
- Role-based network access enforcement across multi-vendor networks
- Multiple authentication and authorization sources
- Comprehensive integration with Aruba 360 Security Exchange Program
Aruba Gateways and Controllers
- Enforcement with Policy Enforcement Firewall (PEF) across wired and wireless networks
- High performance traffic and data routing
Aruba Switches
- Performance, scale and intelligence for modern enterprise networks
- Secure segmentation of wired user and IoT traffic
Ready to Simplify Network Security?
Dynamic Segmentation delivers identity-based access control that scales with your network. Let our experts help you design a Zero Trust architecture that works for your organization.
Talk to a Network Architect
Whether you're evaluating Dynamic Segmentation or planning a broader Zero Trust architecture, our team is here to help you make informed decisions.
We'll walk through:
- Your current network environment
- Security and segmentation challenges
- Zero Trust and SASE requirements
- How Dynamic Segmentation fits your goals
Just clarity.
