アリスタネットワークスのキャンパス向けコグニティブ・クラウド・ネットワーキングは、従来のソリューションのサイロ化された複雑性に匹敵するキャンパス・ネットワークの課題に簡単に対処するためのアプローチを採用しています。最新のクラウド・データセンターを構築するために使用されているのと同じオープン・クラウド・ネットワーキングの原則に基づき、アリスタのコグニティブ・クラウド・ネットワーキングはEOS®とCloudVision®を活用して、ユニバーサル・クラウド・ネットワーク(UCN)アーキテクチャをキャンパスに拡張します。一貫したソフトウェア主導型のアプローチを活用することで、複雑さが軽減され、信頼性とパフォーマンスが向上し、自動化、モニタリング、およびセキュリティが合理化されます。
アリスタスのキャンパス向けコグニティブ・クラウド・ネットワーキングは、次の3つの原則に基づいています。
ユニバーサル・クラウド・ネットワーク - 旧来のベンダーの不安定な独自ソリューションに代わるものとして提供されたArista UCNは、ソフトウェア主導型の制御原則に焦点を合わせたオープンな標準ベースの設計になっています。アリスタのフラットなSpline™アプローチは、従来のキャンパス・コアおよびアグリゲーション・レイヤを、高可用性を持つ単純な単一の層に統合します。
コグニティブ管理プレーン - 管理プレーンの一貫性には深刻な欠如があり、キャンパス内ではデータセンターと同様にデータ主導型の分析が必要です。アリスタでは、共通のモデルを両方に適用して、お客様の運用コストを節約できると考えています。アリスタのCloudVisionに基づくコグニティブ管理プレーンは、ネットワーク分析全体にわたる自動化されたアクションのためのデータ主導型リポジトリです。
キャンパスのセキュリティ確保 - キャンパス・スプラインのセキュリティを保護するには、ネットワーク・セグメンテーションやデバイスのコンプライアンスと監査のほか、アリスタのセキュリティ・パートナーとのサービス統合に対する包括的なアプローチが必要です。アリスタは、EOSとCloudVisionを通じてこれらの機能を提供します。
Arista Cognitive Unified Edge (CUE)
Commercial Business requirements are driving accelerated adoption of cloud based applications; this requires a highly adaptive networking edge, that is secure, mobile, compliant and ubiquitous whether in the office, working remote, or onboarding a myriad of IoT devices. Just as Data Centers have moved from rigid, highly structured infrastructures, to agile on demand infrastructures as a service, so has the need for Campus networks to move to Edge as a Service. Arista’s Cognitive Unified Edge (CUE) enables this market transition by encompassing a comprehensive portfolio of services that leverages Arista’s EOS Network Data Lake and advanced AI capabilities optimized for commercial and mid market customers to deliver an integrated management platform with built-in automation, visibility and security for wireless, wired and WAN network infrastructure.
Featured Video: Introducing Arista Cognitive Unified Edge
CUE- The Next Evolution in Edge Communications
The next technology evolution in commercial campus networks whether small branches or large headquarter buildings stretches well beyond bandwidth capacity upgrades. Hardware is easily keeping pace with bandwidth needs, driven by Moore’s productivity law where high volume commodity chip technologies are quadrupling bandwidth speeds every 2-3 years.
Of bigger importance is designing these networks where they can be easily deployed, maintained, secured, and amortized especially as the number of services these networks offer continue to expand. Customers must look beyond gigabits per second, and the latest Wi-Fi access points offerings when choosing their edge networking solutions. They must take a cloud centric networking approach where many of the design principles that have transformed data centers to cloud infrastructures are similarly leveraged. At a high level this cloud centric approach views infrastructure as a combined set of services, where business outcomes are more easily mapped to a set of integrated IT technologies.
Automation, artificial data intelligence, pro-active remediation, advanced telemetry, virtualization, segmentation, video broadcasting, and simplified topology designs are just several of the technologies that embody a cloud centric network. All of these technologies are directly applicable to campus networks. The combination of these technologies, working together as a solution rich with a number of services, is what Arista defines as the Cognitive Unified Edge (CUE) and has many use cases from single site deployments to distributed branch and cloud:
CUE Hardware Portfolio
CUE Use Cases
To overcome the new security challenges and the explosion of clients in today’s perimeter-less enterprise networks, Arista delivers a novel AI-driven network Identity service, Arista Guardian for Network Identity or AGNI to connect the network, users, and devices across remote and geographically dispersed locations. Based on Arista’s flagship CloudVision, the new AGNI platform brings a revolutionary improvement to scale, simplicity, and security across users, their associated endpoints, and IoT devices.
Featured Video: Introducing Arista Guardian For Network Identity
CloudVision AGNI embraces modern design principles, Cloud native microservices architecture, and Machine Learning / Artificial Intelligence (ML/AI) technologies to significantly simplify administrative tasks and reduce complexities. It offers a comprehensive range of features to meet the requirements of modern networks.
CloudVision AGNI provides simple self-service onboarding using single sign-on (SSO) for wireless unique pre-shared keys and dot1x digital certificates, complete certificate life cycle management with cloud-native PKI infrastructure, authorization and segmentation, behavioral profiling, and visibility of all connected devices. AGNI integrates with all the leading Identity Providers including Okta, Google Workspace, Microsoft Azure, OneLogin, and Ping Identity. Devices are discovered, profiled, and classified into groups for single-pane-of-glass visibility and control.
CloudVision AGNI integrates with network infrastructure devices (wired switches and wireless access points) through a highly secure TLS-based RadSec tunnel. The highly secure and encrypted tunnel offers complete protection to the communications that happen in a distributed network environment. This mechanism offers much greater security to AAA workflows when compared with traditional RADIUS environment workflows, which are not encrypted. AGNI integrates with Arista products to enable the exchange of important user and client context, secure group segmentation (MSS-G), and authentication telemetry data. Additionally, AGNI can fetch consumer advanced profiling, posture, and network inventory data to provide comprehensive policy management and insights into network security. The platform’s API-first approach enables seamless integration with third-party solutions, allowing for the exchange of user and client context, authentication telemetry, and endpoint protection status. AGNI offers Arista’s Unique PSK (UPSK) solutions to enable secure authentication mechanisms for BYOD, IoT/IoMT, and gaming devices. AGNI extends its feature set to accommodate a wide range of client devices with its support for Captive Portal and MBA authentications.
AGNI integrates with Arista NDR and other third-party XDR and EDR solutions for post-admission control functionality.
Arista CUE for Distributed Enterprises
Connect and Secure Branch Offices
The way we work is evolving. Enterprises have adapted to new cloud-based technologies and applications that have increased employee efficiency and provided a scalable pathway to continued business growth. Work teams, now composed of employees working in headquarter offices, remotely or in branch offices have become spread across increasingly large distances with a growing number of branch offices. While these distributed enterprises realize a range of important benefits in this transformative era, managing these dispersed networks and their connected devices can bring new challenges of cost, complexity, and control. Network administrators cannot be in all locations at once, however at any time they could be required to provide network expertise to adjust network configurations or resolve issues to maintain the network.
Arista’s Cognitive Unified Edge (CUE) helps distributed enterprises optimize their networks with centralized management, while also safeguarding their data and devices. CUE redefines enterprise networks with enhanced management, security, connectivity, flexible PoE switching, and Wi-Fi 6/6E offerings that work together seamlessly to ensure connectivity, protection, monitoring, and control across the entire network from headquarters to the network edge.
CUE Benefits
Remote management - centralized cloud-based management makes it easy to deploy, configure and manage on-premises, cloud-hosted and remote office appliances from any browser. Centralized management streamlines configuration of intelligent traffic routing between headquarters, branch offices and the cloud. Alerting, reporting, and policy management across sites has never been easier.
Business reliability and continuity - ensure secure connectivity to business-critical, cloud-hosted applications like accounting and CRM systems, as well as internal network resources. Sites with less reliable Internet service can leverage LTE for backup connectivity. Access points provide full functionality even when access to the cloud is not available. When an AP detects the loss of connectivity to the cloud, it continues operating normally which gives unmatched network uptime.
Optimize connectivity - comprehensive VPN options that work seamlessly with complete bandwidth shaping and optimization, and WAN balancing and WAN failover for locations with multiple WAN connections.
Right size form factor - efficiently connect smaller sites or sites with Internet Service Provider bandwidth limitations. Easily scale as the number of users at locations increase and as more locations are brought online.
Protect the growing attack surface - Broad endpoint device coverage, including IoT device protection and automatic detection and blocking of wireless threats.
Flexible deployment - Layer products into an existing network, with standards based interoperability and many physical and software appliances to service locations with just a few users to locations with hundreds of users.
Arista believes that all students deserve equal and affordable access to the Internet, especially within underprivileged school communities. As a such, Arista is actively participating in the US FCC funded E-rate program, where their enterprise class wired and wireless category-2 products meet service provider and eligibility guidelines set forth by USAC (the FCC governing body).
Most notably, Arista PoE switches, Wi-Fi access points lower the total cost of ownership over the three and five year project periods, based upon superior software features, including Arista’s highly reliable network extensible operating system (EOS®) and their multi-functional CloudVision® operations management platform. Further these wired and wireless products leverage Arista’s patented cognitive distributed control plan. This greatly improves uptime, and facilitates hitless upgrading. Students benefit as they are always connected while attending school.
For more information about these category-2 broadband products please reference the following:
- .Jayshree Ullal's Blog: Unveiling Cognitive Campus Networking
- .Ken Duda's Blog: CloudVision: A Cognitive Management Plane
CUE Literature
- .CloudVision CUE White Paper
- .CloudVision CUE Datasheet
- .CloudVision CUE Brochure
- .CUE Solution Guide
- .Edge Threat Management Datasheet
- .710P Datasheet
- .AP Product Portfolio
- .HIPAA Compliance for Remote Employees Guide
FAQs
Case Studies
- .TAO Case Study
- .Merseyrail Case Study
- .Walsh University Case Study
- .Noodles Company Case Study
- .EPB Case Study
- .UAX Case Study
- .Fireman Hospitality Group Case Study
- .JCT600 Case Study
White Papers
- .Cognitive Campus White Paper
- .Introduction to Cognitive PoE
- .The Cognitive Campus Architecture White Paper
- .Arista WIPS and the Marker Packet White Paper
- .Arista WIPS White Paper
- .Security of the Arista Wi-Fi Cloud White Paper
- .Migrating Your Controller-based WLAN to Arista Cognitive Wi-Fi White Paper
- .The Network as the IT Backbone within Healthcare White Paper
Solution Briefs
- .Arista-Medigate Securing Your Connected Care Devices Solution Guide
- .Primary Network Considerations within Healthcare Organizations Solution Brief
- .Arista Cognitive Wi-Fi Solution Brief
- .Arista Guest Wi-Fi Solution Brief
- .E-Rate Quick Solution Guide
- .Modernizing Higher Education Network Infrastructures
- .Wi-Fi 6E WLAN Deployment Findings & Recommendations
- .Accessing IT Resources Securely, with Single Sign On