If you run current versions of Aruba OS on the according switch families, meaning the ProCurve legacy switches by Aruba aka Hewlett-Packard Enterprise, you may notice some strange behavior on you firewall. Although I can not state “since when” that is the case, our next generation firewall noticed exactly that.
Annoyingly this feature is enabled by default and as always with defaults with Aruba OS this activated silently some time ago with an update and is not shown in the running configuration. I presume this is there since the ProCurve based systems had been integrated into Aruba’s zero touch provisioning universe.
That is intended to ensure easy support and latest firmware on the switch, something I strictly encourage. On top the zero touch provisioning is sure a desireable feature for smaller or heavily geographically distributed organizations.
But on the downside, in the environments I am responsible for I want to keep track of that myself. Even more I want to know which information is provided externally.
But there is help.
Since this is delivered by Aruba central, simply disable the Aruba central link and the according update and provisioning features:
aruba-central disable activate software-update disable activate provision disable
I noticed recently that there is an option to install and operate an Aruba central instance self maintained on premise – so you may use this and redirect the “call home” to your environment, but this is a topic for a later post.