>
    Integrate Device Security with Aruba WLAN Controllers
    Focus
    Download PDF
    Focus
    1. Home
    2. Device Security
    3. Integrate Device Security with Aruba WLAN Controllers
    Download PDF
    Device Security

    Integrate Device Security with Aruba WLAN Controllers

    Table of Contents

    Integrate Device Security with Aruba WLAN Controllers

    Integrate Device Security through Cortex XSOAR with Aruba WLAN controllers.
    Where Can I Use This?What Do I Need?
    • Device Security (Managed by Strata Cloud Manager)
    • (Legacy) IoT Security (Standalone portal)
    One of the following subscriptions:
    • Device Security subscription for an advanced Device Security product (Enterprise Plus, Industrial OT, or Medical)
    • Device Security X subscription
    One of the following Cortex XSOAR setups:
    • An Device Security Third-party Integration Add-on license that includes a cohosted, limited-featured Cortex XSOAR instance
      AND
      A Cortex XSOAR Engine (on-premises integration)
    • A full-featured Cortex XSOAR server
    When you integrate Device Security with Aruba wireless LAN controllers, Cortex XSOAR uses XSOAR engines to gather data from WLAN controllers about wireless access points and their clients. The data is then shown on the Devices page and Device Details pages in the Device Security portal.
    XSOAR engines make an HTTPS connection to the API of each controller they’re configured to connect to and query them for data about access points and their wireless clients. The XSOAR engines report the collected data over HTTPS to Cortex XSOAR, which forwards it to the Device Security cloud. You can see the following types of data that Aruba WLAN controllers collect for wireless clients on the Devices and Device Details pages in the Device Security portal.
    Data collected for IEEE 802.11 wireless clients (Wi-Fi clients):
    • Access point with which the wireless client is currently associated and the length of its connection
    • SSID through which the client is associated with the access point
    • Signal-to-noise ratio (SNR)
    • Radio signal strength indicator (RSSI)
    • Radio band (2.4 GHz or 5 GHz)
    • IEEE standard (802.11a/b/g/n/ac/ax)
    • Authentication details (WPA2 PSK, WPA 802.1X, WPA, WEP, open)
    Data collected for Bluetooth Low Energy (BLE) clients:
    • IP address, MAC address, model, and name of the access point with which the BLE client is currently associated
    • MAC address of the BLE device
    • Vendor of the BLE device
    • Bluetooth type (BLE)
    • BLE device type (for example, BLE Beacon, BT-Discovery, or BT-Link)
    • Hardware type of the BLE device
    • Firmware version running on the BLE device
    • Duration of the current connection
    The Device Details page only shows fields for which it has data. If an Aruba WLAN controller provides partial data for a Wi-Fi or BLE device, then Device Security shows the data it received and hides the fields for which it wasn't sent anything.
    For Aruba WLAN controllers to discover BLE devices, the BLE Operation Mode in the AP system profile must be set for Beaconing.
    Device Security also works with Cortex XSOAR to fetch the following information from Aruba Central about switches on the network:
    • Switch MAC address, IP address, and hostname
    • Switch type, model, and firmware version
    Device Security and Cortex XSOAR also fetch the serial number of wireless access points from Aruba Central.
    Integrating with Aruba WLAN controllers requires either a full-featured Cortex XSOAR server or the purchase and activation of an Device Security third-party integration add-on license, which comes with a free cohosted Cortex XSOAR instance. The basic plan includes a license for three integration add-ons, one of which can be used for this. The advanced plan includes a license for all supported third-party integrations.

    © 2025 Palo Alto Networks, Inc. All rights reserved.