IoT Security Integration Guide
  • IoT Security Integration Guide
  • IoT Security Documentation
  • All Documentation
>
Integrate IoT Security with Aruba WLAN Controllers
Focus
Download PDF
Focus
  1. Home
  2. IoT Security
  3. Wireless Network Controllers
  4. Integrate IoT Security with Aruba WLAN Controllers
Download PDF
IoT Security

Integrate IoT Security with Aruba WLAN Controllers

Table of Contents

Integrate IoT Security with Aruba WLAN Controllers

Integrate IoT Security through Cortex XSOAR with Aruba WLAN controllers.
Where Can I Use This?What Do I Need?
  • IoT Security (Managed by IoT Security)
  • IoT Security subscription for an advanced IoT Security product (Enterprise Plus, Industrial OT, or Medical)
One of the following Cortex XSOAR setups:
  • An IoT Security Third-party Integration Add-on license that includes a cohosted, limited-featured Cortex XSOAR instance
    AND
    A Cortex XSOAR Engine (on-premises integration)
  • A full-featured Cortex XSOAR server
When you integrate IoT Security with Aruba wireless LAN controllers, Cortex XSOAR uses XSOAR engines to gather data from WLAN controllers about wireless access points and their clients. The data is then shown on the Devices page and Device Details pages in the IoT Security portal.
XSOAR engines make an HTTPS connection to the API of each controller they’re configured to connect to and query them for data about access points and their wireless clients. The XSOAR engines report the collected data over HTTPS to Cortex XSOAR, which forwards it to the IoT Security cloud. You can see the following types of data that Aruba WLAN controllers collect for wireless clients on the Devices and Device Details pages in the IoT Security portal.
Data collected for IEEE 802.11 wireless clients (Wi-Fi clients):
  • Access point with which the wireless client is currently associated and the length of its connection
  • SSID through which the client is associated with the access point
  • Signal-to-noise ratio (SNR)
  • Radio signal strength indicator (RSSI)
  • Radio band (2.4 GHz or 5 GHz)
  • IEEE standard (802.11a/b/g/n/ac/ax)
  • Authentication details (WPA2 PSK, WPA 802.1X, WPA, WEP, open)
Data collected for Bluetooth Low Energy (BLE) clients:
  • IP address, MAC address, model, and name of the access point with which the BLE client is currently associated
  • MAC address of the BLE device
  • Vendor of the BLE device
  • Bluetooth type (BLE)
  • BLE device type (for example, BLE Beacon, BT-Discovery, or BT-Link)
  • Hardware type of the BLE device
  • Firmware version running on the BLE device
  • Duration of the current connection
The Device Details page only shows fields for which it has data. If an Aruba WLAN controller provides partial data for a Wi-Fi or BLE device, then IoT Security shows the data it received and hides the fields for which it wasn't sent anything.
For Aruba WLAN controllers to discover BLE devices, the BLE Operation Mode in the AP system profile must be set for Beaconing.
IoT Security also works with Cortex XSOAR to fetch the following information from Aruba Central about switches on the network:
  • Switch MAC address, IP address, and hostname
  • Switch type, model, and firmware version
IoT Security and Cortex XSOAR also fetch the serial number of wireless access points from Aruba Central.
Integrating with Aruba WLAN controllers requires either a full-featured Cortex XSOAR server or the purchase and activation of an IoT Security third-party integration add-on license, which comes with a free cohosted Cortex XSOAR instance. The basic plan includes a license for three integration add-ons, one of which can be used for this. The advanced plan includes a license for all supported third-party integrations.

Technical Documentation

Company

Legal Notices

© 2025 Palo Alto Networks, Inc. All rights reserved.