무선 네트워크를 사용하여 학습, 예측, 보호 및 진행하는 Arista의 CloudVision CUE™ 솔루션에서는 무선 환경을 최적화합니다. CloudVision CUE에서는 클라우드, 빅데이터 분석 및 자동화를 활용하여 인텔리전스, 속도 및 정확도로 네트워크 관리 기능을 강화합니다. 근본 원인 분석 및 사전 예방식 문제 해결 옵션을 통해 CloudVision CUE에서는 평균 문제 해결 시간을 줄이므로 네트워크 문제 해결 작업을 최소화할 수 있습니다.

 

주요 비디오: Arista Networks CloudVision CUE

Centralized Management with CloudVision CUE

Wi-Fi access points are centrally managed without the need for additional hardware appliances. Access points directly connect to CloudVision CUE, Arista’s centralized cloud management solution for wireless access points, that offers seamless scalability as your network expands.

CloudVision CUE is at the core of Arista’s cloud-native approach to enterprise Wi-Fi networks. It enables centralized management of wireless access points (APs) simplifying policy management and provisioning of Wi-Fi networks. At the network edge, APs are equipped with distributed algorithms to handle control plane functions locally. This decoupling of management and control planes, along with a flexible data plane that allows wireless access points to provide customizable traffic redirection at the network's edge, results in a more robust network, without single points of failure. Coupled with zero-touch provisioning, CloudVision CUE enables seamless scaling of the network from a few to 100,000s of APs.

Virtually unlimited and elastic availability of storage and compute resources eliminates artificial boundaries inherent in controller-based WLAN architectures. Many innovative and previously unforeseen applications in big data analytics, machine learning and cognitive computing are now possible with Arista Wi-Fi.

Cognitive Management Plane

The Arista Wi-Fi cognitive management plane simplifies configuration and troubleshooting while delivering rich telemetry information to network administrators. Arista leverages the power of the cloud and the massive data sets available across the user base to continuously perform supervised and unsupervised learning to apply AI concepts. Inference models are created to arrive quickly at the root cause of any poor experience and proactively provides this information along with suggested remediation to provide the smallest mean time to resolution.

Key Wi-Fi Features

Network Baselining Baselines network behavior and automatically detects and highlights anomalies, using ML algorithms.
Root Cause Analysis Engine Automatically detects and classifies Wi-Fi clients’ connection failures and pinpoints the root cause in real-time.
Single Client Inferencing Identifies clients facing poor QoE, based on RF, network and application KPIs and performs root cause analysis as well as providing remediation recommendations for specific clients.
Automatic Packet Capture Proactively captures packet traces to help diagnose problems; traces are stored alongside related failures or symptoms to simplify troubleshooting later.
Client Emulation and Network Profiling Takes advantage of the multi-function radio, present in most Arista Wi-Fi APs, turning it into a client to run a wide variety of tests and proactively identify problems before users do.

The Cognitive Management Plane is driven by Arista’s NetDB, a state-based, cloud-hosted, network-wide database that collects real-time data streamed from wired and wireless devices for cognitive analytics. CloudVision CUE’s capabilities can be extended further by integration with 3rd party applications using OpenConfig via Webhooks and Arista’s ReST API framework.

Wireless Intrusion Prevention

With a multi-function radio acting as a wireless intrusion prevention (WIPS) sensor, wireless threats are detected and blocked almost instantly in your network. CloudVision CUE works with the APs, which are powered by patented techniques such as Marker PacketsTM, to enable surgical over-the-air intrusion prevention, automatically and accurately creating alerts and automatically classifying wireless threats. CloudVision CUE uses behavior based detection of threats; rather than a signature based approach; to enable zero day protection without chasing exploits, tools and their signatures.
Learn More >

Secure Client Access

Arista Guardian for Network Identity or AGNI connects the network, users, and devices across remote and geographically dispersed locations. Based on Arista’s flagship CloudVision, the new AGNI platform brings a revolutionary improvement to scalability, simplicity, and security across users, their associated endpoints, and IoT devices.
Learn More >

Additionally, CloudVision CUE supports flexible end user access management in enterprise Wi-Fi networks by enabling seamless integration with leading identity management solutions such as Aruba ClearPass, ForeScout NAC, Cisco ISE etc. Arista Guest Manager provides multiple ways for guest access in the enterprise including Guestbook, vouchers, OTP-based etc.

Let us show you the benefits of centralized management with CloudVision CUE.
Contact Us >

Get a Free Arista Access Point

Join our webinar to learn how Arista Wi-Fi provides reliable wireless connectivity, automatically optimizes connections as network conditions change and delivers actionable intelligence directly to network administrators for a chance to get a free access point. *Free AP offer is only available in the US and Canada and the recipient must meet the Terms & Conditions to qualify.

Get A Free AP >

 

 

Arista offers a broad range of indoor and outdoor access points including the latest in wireless technology, Wi-Fi 7, providing reliable and high performing wireless connectivity for users.

Advanced access point features include:

  • Zero-touch deployment for plug and play provisioning that takes less than two minutes to activate and configure an access point after connecting to the cloud.
  • Multifunction radios to provide critical functions to monitor, manage and protect the network. CloudVision CUE optimizes and protects the network by leveraging continuously monitored data sources using multifunction radios including client locationing information, packet capture analysis, client simulation/network assurance testing, RRM scanning, rogue access point detection, and spectrum analysis.
  • Advanced network protection with built-in Arista WIPS technology provides the highest security on the wireless and wired network.

Wi-Fi 7 Access Points

Embrace the newest Wi-Fi technology available with the Arista Wi-Fi 7 access points. Wi-Fi 7 builds on top of the 6 GHz spectrum that was made available with Wi-Fi 6E, and previous generation standards including Wi-Fi 6, to make Wi-Fi more efficient & reliable, while providing higher bandwidth and lower latency. Arista’s Wi-Fi 7 enterprise grade access points feature concurrent 6GHz, 5GHz and 2.4GHz 4 stream 802.11be operation, integrated IoT support, and integrated GNSS radio for location based applications. The multi-function, tri-band radio provides security, network assurance and AI/ML driven troubleshooting.
Explore Wi-Fi 7 Access Points

Wi-Fi 6E Access Points

Arista Wi-Fi 6E access points provide maximized wireless performance for high bandwidth, ultra low-latency applications and IoT connectivity. Wi-Fi 6E access points are designed for immediate and future worldwide operation with investment protection.
Explore Wi-Fi 6E Access Points

Wi-Fi 6 Access Points

All Arista Wi-Fi Access Points support WIPS functionality, either via the multi-function radio or with background scan enabled on the access radios. Wi-Fi 6 is ideal for critical, high-density networks serving a high volume of diverse clients and applications. Common deployment scenarios include large schools, large remote offices, auditoriums, meeting rooms, and enterprise campuses. A variety of access points for indoor or outdoor use is available.
Explore Wi-Fi 6 Access Points

Legacy Access Points

Get a Free Arista Access Point

Join our webinar to learn how Arista Wi-Fi provides reliable wireless connectivity, automatically optimizes connections as network conditions change and delivers actionable intelligence directly to network administrators for a chance to get a free access point. *Free AP offer is only available in the US and Canada and the recipient must meet the Terms & Conditions to qualify.

Get A Free AP >

There are a number of wireless threat vectors that network managers need to defend against. One of the more common types of threats to WLANs is from rogue APs. An analysis of Wireless Intrusion Prevention Systems (WIPS) that are available today reveals that many require a high level of administration and often provide less-than-trustworthy rogue AP detection. Organizations that depend on these less capable systems often have a false sense of security as their networks are in fact vulnerable to breaches via rogue APs. Less capable WIPS are also prone to raising false alarms, which can lead administrators to ignore alerts or turn notifications off altogether, leaving their organizations unprotected. In contrast to competing WIPS offerings, the industry leading solution from Arista Networks requires a minimal amount of management overhead while providing reliable rogue AP detection and prevention.

Rogue Access Points

Rogue APs can be defined as any unauthorized AP that is connected to an authorized network. Rogue APs can appear on the enterprise network either due to naïve acts of employees or due to malicious attempts by insiders. Rogue APs are a serious threat to enterprise networks as they allow unauthorized wireless access to the private network and data, as shown in the diagram below.

Rogue Access Points

Rogue AP detection approaches

A naïve way to detect rogue APs in the LAN is to declare every AP seen in the air that does not belong to the list of authorized APs as rogue. In fact, many WIPS available in the market will actually follow this approach, by default. Such an approach has the following disadvantages:

  • False alarms: A security alert would be raised even if the non-authorized AP seen in the air but not actually connected to the monitored wired network and as such it does not pose any security threat
  • Manual intervention:The system administrator has to manually examine the non-authorized APs visible in the air to decide which of them are actual rogue APs and which of them are external APs (i.e. neighbor APs).
  • No automatic instantaneous prevention: Since it is highly undesirable to block neighbors' APs accidentally or indiscriminately, instantaneous and automatic blocking of rogue APs is not possible with such an approach.

Arista Approach

Using Arista's patented Marker Packet™ techniques, Arista Wireless Intrusion Prevention System (WIPS) automatically and quickly classifies wireless devices detected in the airspace as Authorized, Rogue and External. As a result, security administrators do not need to manually inspect devices or define complex rules to identify rogue wireless devices. This is better than the error-prone device classification integrated into most other WLAN solutions, which relies on slow and inconclusive CAM table lookups and MAC correlation, signatures, or passive wired network sniffing.

Arista WIPS focuses on the primary threat vectors and vulnerabilities that form the building blocks for all known and emerging Wi-Fi hacking attacks and tools. It offers comprehensive protection from all types of wireless threats, including Rogue APs, Soft APs, Honeypots, Wi-Fi DoS, Ad-hoc networks, Client misassociation, and Mobile hotspots.

Arista Approach

Highlighted capabilities

  1. Automatically detects, blocks and locates all types of wireless threats
  2. Patented Marker Packet&trade techniques eliminate false alarms in 'on wire' Rogue AP detection
  3. Secure BYOD policy enforcement
  4. Off-line sensor mode for fault tolerant continuous policy enforcement
  5. Detects and locates 'non Wi-Fi' interference & RF jamming
  6. Remote troubleshooting including remote 'live packet capture'
  7. Management options include virtual server or cloud

Hardware Data Sheets

Software and Services Data Sheets

Guides and FAQs

White Papers and Application Notes

Wireless Intrusion Prevention System (WIPS)