HPE Aruba Networking has rolled out the next generation of its flagship high-performance data center switch and a new family of campus networking gear aimed at helping customers better support and secure AI- and digital-driven workloads across the enterprise.
The vendor’s newest CX 10040 switch, which it refers to as a distributed services or smart switch, doubles the scale and performance of the current box and features 8 Tbps of non-blocking switching capacity as well as 1.6 Tbps of L4 stateful traffic inspection for security applications including firewall, DDoS, encryption, network address translation and network segmentation.
“The CX 10000 platform collapses networking silos, integrates advanced security deep into the fabric, and offers a new level of real-time visibility into east-west and north-south traffic,” said John Gray, data center networking solutions leader at HPE Aruba Networking. “Organizations can now orchestrate, protect, and scale their networks with greater agility, transforming infrastructure from a static cost center into a dynamic, strategic advantage.”
First introduced in 2022, the CX 10000 is typically positioned as a 10/25Gbps Ethernet top-of-rack, L2/3 data-center box with an integrated programmable data processing unit (DPU) originally developed by Pensando, which is now part of AMD. The DPU eliminates the need for separate appliances to handle low latency traffic, security and load balancing, for example.
The DPU can support software-defined cloud, compute, networking, storage and security services that run in combination with Aruba’s AOS-CX network operating system. That combination can provide wire-rate routing and switching, network telemetry, automation and security that can be applied to widely distributed workloads.
CX 10040: A growing enterprise networking role
The new, more powerful CX 10040 is a 2U device that supports 100/400Gb Ethernet and includes four DPUs. It is still positioned as a top-of-rack switch featuring intelligent automation, near line-rate security, and deep telemetry features, but its role can be expanded. For example, as enterprises and service providers adopt hybrid and multi-cloud strategies, secure, high-performance interconnectivity becomes essential, according to Gray. The new switch can function as a border leaf or DCI node, delivering embedded encryption, precision time synchronization, and policy enforcement at scale. This enables secure data transport across clouds, campuses, and edge locations without compromising performance.
And in large-scale enterprise environments embracing collapsed-core designs, the switch acts as a high-performance aggregation layer. It consolidates services, simplifies network architecture, and enforces security policies natively, reducing complexity and operational cost, Gray said. In addition, the switch offers the agility and security required at colocation facilities and edge sites. Its integrated Layer 4 stateful security and automation-ready platform enable rapid deployment while maintaining robust control and visibility over distributed infrastructure, Gray said.
The CX 10040 significantly expands the capacity it can provide and the roles it can serve for enterprise customers, according to one industry analyst.
“From the enterprise side, this expands on the feature set and capabilities of the original 10000, giving customers the ability to run additional services directly in the network,” said Alan Weckel, co-founder and analyst with The 650 Group. “It helps drive a lower TCO and provide a more secure network.”
Aimed as a VMware alternative
Grey noted that HPE Aruba is combining its recently announced Morpheus VM Essentials plug-in package, which offers a hypervisor-based package aimed at hybrid cloud virtualization environments, with the CX 10040 to deliver a meaningful alternative to Broadcom’s VMware package.
“If customers want to get out of the business of having to buy VM cloud or Cloud Foundation stuff and all of that, they can replace the distributed firewall, microsegmentation and lots of the capabilities found in the old VMware NSX [networking software] and the CX 10k, and Morpheus can easily replace that functionality [such as VM orchestration, automation and policy management],” Gray said.
The 650 Group’s Weckel weighed in on the idea of the CX 10040 as a VMware alternative:
“I think enterprises will find this attractive as a way to reduce some of the burden of license fee increases that Broadcom has implemented,” Weckel said. “What I find interesting is that the original 10000 did very well and found strong adoption across security and edge gateway functions. With the 10040, it looks like we can also help customers collapse the core, move away from VMware, so the number of options in the platform continues to increase.”
Cisco recently rolled out its own AMD-based DPU switch, the N9300 Smart Switch series. And others, including Microsoft and IBM, make use of DPU technology to accelerate security policies and offload other applications so that the core switch can support AI workloads or cloud operations more efficiently.
HPE Aruba claims that it has a three-year lead on what Cisco is just now introducing.
“Cisco’s initial switch is not shipping yet, but they’ve publicly announced that it’s only going to be zone-based firewall, which, again, is sort of a ho-hum from from our perspective. It’s just sort of almost VLAN-based segmentation, whereas we do stateful Layer 4 firewall across the CX 10000 family,” Gray said. “We’ve shipped thousands of these distributed services switches and have a large third-party ecosystem of partners that support the CX 10000.”
Campus modernization, refresh
For campus environments, Aruba added four new CX 6300M Layer 3 enterprise access and aggregation switches. The 1U boxes support either 24 or 48 ports of 10/100/1000BASE-T Ethernet access and up to 4 ports of 1G/10G/25G/50G uplink speeds.
According to Gray, the new devices offer higher-speed networking speeds for IoT, in particular, but are also aimed at better supporting AI and other high-performance computing applications. The boxes include support for Aruba’s Virtual Stacking Framework (VSF) to stack up to 10 switches at a time depending on customer needs, Gray said.
In addition, the boxes include real-time monitoring and analytics, enabling proactive network management and rapid troubleshooting, Gray said. Support for network segmentation allows for automated policy enforcement across wired and wireless networks. By integrating with Aruba ClearPass, the 6300 series lets customers set enterprise-wide security policies to simplify user and device access, Gary said.
Add a little WiFi 7 for the enterprise, too
In addition to the new switches, HPE Aruba also rolled out a new family of Wi-Fi 7 access points. The new Aruba Networking 720 and 740 Series and indoor/outdoor 760 Series include a new feature that lets customer set traffic priorities for the real-time computing needs of AI and cloud-delivered applications, according to the vendor.
The 740 Campus Access Series features three 2×2 MIMO radios provide triband coverage across 2.4 GHz, 5 GHz, and 6 GHz to deliver up to 4.7 Gbps maximum aggregate data rate, ideal for dense user environments and support 2.5 Gbps Ethernet connectivity for data transfer speeds. The access points also support integrated IoT radio for BLE or 802.15.4/Zigbee operation, supporting a range of IoT devices.
The 760 Series Outdoor Access Points include tri-band coverage with dual radios to provide up 5.8 Gbps aggregate data rate supporting high-density deployments and a 5GBE port for wired connectivity needs.
Source:: Network World