Arista Networks Unveils Zero Trust Networking Vision
November 2023 by Marc Jacob
Arista Networks announced an expanded zero trust networking architecture that uses the underlying network infrastructure to break down security silos, streamline workflows and enable an integrated zero trust program. Through a combination of Arista-developed technologies and strategic alliances with key partners, this approach uses the network to compensate for harder-to-implement zero trust controls across the domains of devices, workloads, identity, and data.
Enterprise networks today range from traditional campuses and data centers to IoT, work from anywhere, and cloud. Defending this distributed infrastructure requires a “microperimeter” around each critical digital asset. With this in mind, the United States Cybersecurity and Infrastructure Security Agency (CISA) laid out a Zero Trust Maturity Model with prescriptive guidance across five foundational pillars: Identity, Devices, Networks, Applications and Workloads, and Data.
Building Blocks of the Arista Zero Trust Architecture
The Arista zero trust architecture uses the underlying network infrastructure from switches to WAN routers to deliver key security capabilities while integrating seamlessly with the organization’s existing security program and tools. The key components of this integrated security solution are:
– Arista CloudVision AGNI greatly simplifies the secure onboarding and troubleshooting for users and devices, as well as ongoing posture analysis and network access control.
– Arista Macro Segmentation Service (MSS) enables the creation and enforcement of microperimeters through edge switches that can protect or isolate each asset without requiring the deployment of firewalls all across the enterprise network. Segmentation policies can be defined once in Arista CloudVision and enforced dynamically based on real-time network, application, device, or user identity information.
– Arista NDR autonomously discovers, profiles, and classifies every device, user, and application across the distributed network. Based on this deep understanding of the attack surface, the platform detects threats to and from these entities while providing the context necessary to respond rapidly.
– Arista natively supports encryption capabilities such as MACsec and Tunnelsec, enabling organizations to encrypt data to and from legacy applications and workloads without changing those systems, relying instead on the network to protect data from unauthorized access, interception, and tampering.
Powered by Arista NetDL and AVA AI Insights
Arista’s zero trust architecture is built on the foundations of a unified operating system in EOS® and a common management plane in CloudVision®. The EOS Network Data Lake (NetDL™) provides a single source of network data ‘truth’ and a common sensor/collector architecture that enables forensics and analytics for threat hunting, network and application observability, and network detection and response.
Arista Autonomous Virtual Assist (AVA™) utilizes machine learning and other artificial intelligence (AI) technologies to augment pervasive visibility, continuous threat detection, segmentation, and access control. Combined with distributed network-wide state and telemetry data and third-party integrations, AVA drives automation and extensibility to greatly reduce the manual operational burden of operating and securing networks.
Extending the Client to Cloud Ecosystem with Zscaler
The Arista zero trust architecture is designed to be open and API-friendly. This approach is focused on leveraging the underlying network to eliminate blind spots and silos while streamlining workflows across key security pillars that sit above the network stack. Partners within the Arista zero trust ecosystem include Microsoft, CrowdStrike, and our newest partner Zscaler. Arista is a member of the Microsoft Intelligent Security Association (MISA), having integrated with Microsoft’s security technology offerings.
The newly introduced integration with the Zscaler Zero Trust Exchange platform, the cloud-native platform that connects and secures users, workloads, and devices over any network and any location, brings critical domain and attacker infrastructure intelligence into Arista NDR. Additionally, this integration allows Zscaler Internet Access (ZIA) to block access from devices Arista identifies as compromised or domains or IP addresses Arista has discovered to be malicious.