Software Defined Networking (SDN)

MVP Expert

SDN Network Protector; user points to remote IP host instead

Post from:




As I saw in the HP SDN Network Protector info, it would get DNS traffic by using OpenFlow switch. OpenFlow switch like 2920 can send a user entering a web site(DNS info) to Protector and examines it.


If some smart users enter a remote malicious website by using IP address instead, does Network Protector still examine for those users for that site?   



Sean Rynearson
Smart Spaces TME
Phone: 706.972.1520
Twitter: @srynearson
Airheads: @srynearson
Aruba Employee

Re: SDN Network Protector; user points to remote IP host instead

You are correct that Network Protector cannot automatically filter on every individual IP session and protects using DNS information.  Today, we would expect that the Firewall/IPS would catch this malicious behavior you've described.  (Manual IP Address filtering can be added using the ACL Manager feature)


Network Protector is designed to augment the Firewall/IPS and provide additional filtering and mitigation at the client access edge of the network.  This significantly reduces the amount of malicious traffic that reaches the Firewall/IPS at the Internet edge.

Scott Koster | Product Line Manager, Campus Switching Software
Aruba, a Hewlett Packard Enterprise Company
Search Airheads
Showing results for 
Search instead for 
Did you mean: