Arista Networks, Inc. - Experts & Thought Leaders

Arista Networks, a pioneer in data-driven networking announced that its 720XP series of switches for campus deliver embedded security and packet analysis. By embedding NDR (Network Detection and Response) capabilities into the Arista EOS-based switches themselves, customers derive broader visibility and threat hunting across the modern cognitive campus. The secure infrastructure optimises existing human workflows and drives automated risk mitigation without the need to deploy additional and external network security products. Network infrastructure “As a highly respected network infrastructure provider, Arista is well-positioned to bake security into the core of the network. Bringing artificial intelligence techniques such as deep learning, belief propagation, and natural language processing to data captured directly off the switch has the potential to grossly simplify network security for customers,” said Dr. Edward Amoroso, Chief Executive Officer, TAG Cyber and Research Professor, New York University. “Being a former security practitioner myself, the ability to avoid the operational burdens of bolting security on is very appealing.” High fidelity NDR with Arista AVA AVA Sensors support a variety of form factors from stand-alone appliances and virtual to cloud workloads Powered by AVA™ (Autonomous Virtual Assist), this AI-driven function has two key components: AVA Sensors and the AVA Nucleus. AVA Sensors support a variety of form factors from stand-alone appliances and virtual to cloud workloads and now, within campus power over ethernet (PoE) switches. These sensors curate and transfer the “just right” deep-packet data to the AVA Nucleus, which is offered as both on-premises and SaaS. With a simple switch software upgrade and minimal impact on switch performance or reliability, the Arista NDR platform delivers:        Enhanced visibility: Identify mal-intent, profile, and track all users, apps, and devices whether managed desktops and workstations or unmanaged contractors, supply chain, cloud, and IoT workloads. Correlate these entities based on behavioural analysis to build an entity-centric view and declutter a security analyst’s threat hunting workflow. Real-time Situational Awareness: Understand the entire threat landscape and scope of any attack so that security analysts can make intelligent and risk-based decisions. AI-Driven Threat Detection: Automate threat detection and response on the network with a platform that identifies underlying attacker tactics, techniques, and procedures rather than just known indicators of compromise. Managed NDR: Leverage the power of the Arista NDR platform coupled with skilled resources from Awake Labs that bring decades of experience to enhance the customer’s 24x7 security operations, threat hunting, and incident response programs. Network security  Arista enables a built-in, secure network that reduces organisational risk by speeding up both time to detection and remediation" “Network security has been an ongoing challenge for most organisations due to hardware deployments and configuration changes needed at the network infrastructure level. While organisations acknowledge that the network presents a unique vantage point, security teams have been forced to trade off-network visibility and ongoing operational costs,” said Rahul Kashyap, Vice President and General Manager of Cybersecurity CISO at Arista Networks. “By building NDR capabilities into the switching infrastructure itself, Arista enables a built-in, secure network that reduces organisational risk by speeding up both time to detection and time to remediation.” NetFlow-based solutions Legacy NetFlow-based solutions are limited in their depth of visibility (port, IP address, and basic protocol information) and lack the context to identify modern devices or threats. In stark contrast, AVA Sensors analyse the full packet, including application layer data which sets the stage for automated and manual threat hunting. Innovations like this have led Arista NDR to be recognized as a leader in the KuppingerCole Network Detection & Response Leadership Compass 2021 Report. The platform also received the AI Breakthrough award for the Best AI-based Solution for CyberSecurity. AVA availability The new capabilities are expected to be generally available in Q2, 2022, with early trials in March 2022.

Arista’s partner ecosystem can leverage many benefits of this new telemetry solution Arista Networks announced next-generation telemetry and analytics capabilities designed for modern cloud networks. The new Arista EOS® (Extensible Operating System) and CloudVision® features provide customers with deep visibility into today’s network workloads, workflows, and workstreams on a network-wide basis, accelerating completion of day-to-day tasks and reducing operational costs. “The automated network operations in today’s cloud networks are dependent on both a highly programmable software infrastructure as well as deeper visibility into what the network is doing. Legacy approaches to visibility fall short of these cloud requirements,” said Ken Duda, CTO and Senior Vice President, Software Engineering for Arista Networks. “The Arista state-streaming approach provides an open framework with unprecedented levels of completeness and granularity for network state information. Our CloudVision platform harnesses streamed network state to provide customers of all types with clearer real-time and historical visibility into their network.” State-based streaming approach to telemetry Arista EOS is a state-based software architecture built on a foundation called NetDB™ (Network Database). With NetDB, Arista EOS devices store all real-time state in one common database and then aggregate that state from all devices into a network-wide view. By collecting every state change on the network, Arista customers will have access to both real-time and historic views of the network in one place and at a level of granularity never before achievable. To leverage this rich network data, the CloudVision platform’s analytics engine provides telemetry visualisation for this network-wide state. This approach includes the following capabilities and benefits: Instantaneous event-driven streaming of every state change, providing a dramatic improvement in granularity compared to traditional polling models. Complete state visibility from all devices in the network, including configuration, counters, errors, statistics, tables, environmentals, buffer utilisation, flow data, and much more. CloudVision Analytics Engine for storing state history and performing trend analysis, event correlation, and automated alerts. The basis for both real-time monitoring and historical forensic event investigation. New Telemetry Apps for the CloudVision Portal, including the Workstream Analytics Viewer, providing simplified visualisation of network-wide state for faster time to resolution. An open framework, built on standard RESTful APIs as well as OpenConfig-based infrastructure, providing a point for integration into a variety of partner solutions and customer-specific infrastructure. Expansion of existing EOS Telemetry Tracer capabilities across device, topology, virtual machine, container, and application components. Arista partner ecosystem benefits Arista’s partner ecosystem can leverage many benefits of this new telemetry solution. With real-time state streaming, Arista partner solutions receive more granular data compared to the traditional polling mechanisms. This provides deeper integration and ultimately, more visibility into the network for the partner’s solution. With access to the network-wide state through common API’s at multiple integration points, Arista’s partners can access the network state either streamed directly from the devices or from the central state repository within CloudVision. Arista’s CloudVision Telemetry solution is endorsed by Hewlett Packard Enterprise, SAP, Veriflow and VMware. Arista EOS availability across networks Arista EOS supports a wide variety of telemetry-focused capabilities for network visibility. The latest additions to the Arista Telemetry solution will be available as follows: EOS NetDB Streaming is available in EOS today. CloudVision Telemetry will be available in Q4, 2016. Ecosystem integration with Arista Telemetry is available on a partner-by-partner basis.

Arista Networks recently announced the Arista 7500R Series, a switching and routing platform for cloud service provider and for next generation enterprise data centres. Arista’s Universal Spine architecture drives scale and agile workload mobility across public, private and hybrid clouds. “The Arista 7500R allows Netflix to provide the ultimate user experience while keeping costs in check. Arista's continuous innovation has resulted in novel CDN (Content Delivery Network) architectures, offering breakthrough price/performance at 10x more bandwidth at 1/10th the price of a traditional router,” said Dave Temkin, Vice President of Global Networks at Netflix. Industry’s first switch & router combination for cloud networking The Arista 7500R Series builds upon the very successful Arista’s 7500E Series and provides unprecedented 100GbE density and large table sizes in a single chassis with appropriate investment protection. Key attributes of the modular form factor are: 1. Chassis Fabric capacity of up to 115 Tbps 2. Up to 432 wirespeed 100GbE ports in a choice of three form factors 3. 288 Gigabytes of deep and smart packet memory for reliable packet transfers Virtual Output Queues (VoQ) for lossless forwarding 4. Agile port speeds of 1/10/25/40/50/100GbE 5. FlexRoute™ technology delivers up to 1 Million wire speed routes with MPLS (Multiprotocol Label Switching), Segment Routing and EVPN (Ethernet Virtual Private Network) protocol support 6. Programmable traffic engineering with up to 128,000 MPLS, GRE (Generic Routing Encapsulation), VXLAN (Virtual Extensible Local Area Network) and IP-in-IP tunnels 7. Support for NEBS (Network Equipment Building System) compliance for Service Provider deployments 8. Mix and Match across the wide selection of 7500E and 7500R series line-card options. 9. A choice of three new wire speed 7500R Series line cards: 36 x 100GbE QSFP - choice of 10/25/40/50/100GbE 36 x 40GbE with flexible combinations of 10GbE and up to 6 ports of 100GbE 48 x 10GbE SFP+ and 2 x 100G QSFP “The 7500R is the highest performance switching and routing platform that supports the full Internet routing table, enabling a Universal Spine in cloud-scale networks,” said Andreas Bechtolsheim, Arista’s Chairman and Chief Development Officer. New Spine subsumes core functions With the introduction of scalable two-tier active Leaf-Spine and single tier Spline options, Arista cloud network designs allow resilient and highly available access between applications inside a data centre. With evolving traffic patterns, the traditional core routing layer can now be replaced with an Arista 7500R series-based spine for rapid re-convergence and network-wide resilience between data centres and to the Internet. The Arista 7500R Series supports familiar MPLS functions allowing up to 13-labels deep packet lookup for programmatic control across the largest networks. Along with the state oriented architecture of Arista’s Network–wide Database NetDB and SDK, Arista EOS (Extensible Operating System) users can customise their own preferred path across the largest networks in the world, instead of relying on best-effort forwarding on the Internet. Support for newer protocols including Segment Routing and EVPN allows for transitions to new-age traffic engineered networks without the overhead of legacy stacks. The Arista 7500R Series challenges legacy network designs based on Places In the Network (PINs) silos for core, branch, data centre and edge routing. It consolidates functions across the PINs with mega-scale universal spine while enhancing storage networks and edge router topologies.