Arista Launches Next Generation Multi-Domain Segmentation for Zero Trust Networking
Microsegmentation solution mitigates threats across east-west lateral networks
Enterprise-wide Zero Trust Requires Effective Microsegmentation
Today’s distributed IT infrastructure with work-from-anywhere, the explosion of IoT devices and multi-cloud applications has upended the traditional security perimeter and led to a dynamic and unpredictable attack surface. To improve their defensive posture, organizations have embarked on zero trust efforts that require granular control of both north-south and east-west communication paths. Firewalls are simply not optimized to protect against all lateral movement, which would require a proliferation of security appliances, soaring costs, and an explosion of complex rule sets that still fail to protect against lateral movement.
To address this challenge, the
Standards-based Network Microsegmentation
Arista MSS offers standards-based microsegmentation using existing network infrastructure while overcoming the challenges of existing solutions. MSS is network-agnostic and endpoint-independent. It avoids proprietary protocols and can thus seamlessly integrate into a multi-network vendor environment. The solution also does not require endpoint software, avoiding the portability limitations and operational complexity typical of agent-based microsegmentation solutions.
"We are very impressed with the potential of Arista's MSS microperimter segmentation technology,” said
Arista MSS combines three capabilities that enable organizations to build microperimeters around each digital asset they seek to protect, whether in the campus or the data center. Arista MSS enables:
- Stateless Wire-speed Enforcement in the Network: Arista EOSⓇ-based switches deliver a simple model for fine-grained, identity-aware microperimeter enforcement. This enforcement model is independent of endpoint type and identical across campus and data center environments, simplifying day two operations. Importantly, Arista MSS thus enables lateral segmentation that is often missing today and offloads the capability from firewalls that would have to be explicitly deployed for this purpose.
- Redirection to Stateful Firewalls: Arista MSS can seamlessly integrate with firewalls and cloud proxies from partners such as Palo Alto Networks and Zscaler for stateful network enforcement, especially for north-south and inter-zone traffic. MSS thus ensures the right traffic is sent to these critical security controls, allowing them to focus on L4-L7 stateful enforcement while avoiding unnecessary hairpinning of all other traffic.
- CloudVision for Microperimeter Management: Arista CloudVisionⓇ powered by NetDL™ provides deep real-time visibility into packets, flows, and endpoint identity. This, in turn, enables effective east-west lateral segmentation. In addition, MSS dashboards within CloudVision ease operator effort to manage the microperimeters. MSS extends Arista’s Ask AVA™ (Autonomous Virtual Assist) service to provide a chat-like interface for operators to navigate the dashboard data and query and filter policy violations.
“As a bank, we are committed to delivering comprehensive financial products and solutions, while putting customer's data and security as our top priority. Security is also embedded in one of our core architectural principles when designing our data center networks,” said
Zero Trust Ecosystem
Arista MSS seamlessly integrates with the broader Arista Zero Trust Networking solution, including Arista CloudVision, CV AGNITM and Arista NDR. It also integrates with industry-leading firewalls such as Palo Alto Networks, IT service management (ITSM) such as ServiceNow, and virtualization platforms such as VMware.
"Arista MSS has been a welcome addition to our zero trust strategy,” said
Availability
Arista MSS is in trials now, with general availability in Q3 2024.
Visit us at booth #6453 in the North Hall at the
About Arista
ARISTA, AGNI, AVA, CloudVision, MSS and NetDL are among the registered and unregistered trademarks of
View source version on businesswire.com: https://www.businesswire.com/news/home/20240430857259/en/
Media Contact
Corporate Communications
Tel: (408) 547-5798
amanda@arista.com
Investor Contact
Investor Relations
Tel: 408-547-5885
liz@arista.com
Source: