Also a couple of things that are easy take-aways
* they cite they are strong in government with all their government certifications.
- Their Common Criteria approvals expired in Feb 2015 and they have not, and are not, recertifying (at least they are not in process anywere I can find within a certified Common Criteria lab. Aruba is both current with Common Criteria AND is in process for our next releases. Aruba maintains constant government approvals as a mode of operation, NOT just for marketing purposes.
- They are in-process in Box 1 for FIPS (and have been for quite some time), but all of their other FIPS approvals are from 2011. Aruba has maintained FIPS approvals for every major release of code (often with 2 or more approved code levels) since our founding. Again, FIPS and government certifications are something we follow because our customers and their environments require it, NOT just for marketing.
- Everything on this page, Aruba meets or beats - http://www.airtightnetworks.com/home/federal/military.html . They are also woefully inadequte in high security environments, because since they are not FIPS and Common Criteria validated for WLAN Access, they can ONLY play as an overlay in high security environments where the evaluators overlook their lapse in certs or lack of timely filings. As such, they have no visibility into the actuall access side for classification, which means everything is truly rules-based and is not nearly as effective as the WLAN Access+WIPS deployments that Aruba maintains (we can see valid clients that have authenticated in our controller, can determine bad actors versus authorized clients that may be doing bad things, etc).
It's very hard to take a vendor who claims they are high security focused, and touts all their government certs, when those certs are 5+ years old and/or are expired entirely with no re-certifications on the horizon.
Any kind of blow by blow on capabilities will have to come much later, but as I said before, we don't run in to them very often mostly because of the above. they have old technology and don't seem to update it often.