News
Arista Integrates Threat Detection and Response into the Cognitive Campus
February 2022 by Marc Jacob
Arista Networks announced that its 720XP series of switches for campus deliver embedded security and packet analysis. By embedding NDR (Network Detection and Response) capabilities into the Arista EOS-based switches themselves, customers derive broader visibility and threat hunting across the modern cognitive campus. The secure infrastructure optimizes existing human workflows and drives automated risk mitigation without the need to deploy additional and external network security products.
Powered by AVA™ (Autonomous Virtual Assist), this AI-driven function has two key components: AVA Sensors and the AVA Nucleus. AVA Sensors support a variety of form factors from stand-alone appliances and virtual to cloud workloads and now, within campus power over ethernet (PoE) switches. These sensors curate and transfer the “just right” deep-packet data to the AVA Nucleus, which is offered as both on-premises and SaaS. With a simple switch software upgrade and minimal impact on switch performance or reliability, the Arista NDR platform delivers:
? Enhanced visibility: Identify mal-intent, profile, and track all users, apps, and devices –whether managed desktops and workstations or unmanaged contractors, supply chain, cloud, and IoT workloads.
? Correlate these entities based on behavioral analysis to build an entity-centric view and declutter a security analyst’s threat hunting workflow.
? Real-time Situational Awareness: Understand the entire threat landscape and scope of any attack so that security analysts can make intelligent and risk-based decisions.
? AI-Driven Threat Detection: Automate threat detection and response on the network with a platform that identifies underlying attacker tactics, techniques, and procedures rather than just known indicators of compromise.
? Managed NDR: Leverage the power of the Arista NDR platform coupled with skilled resources from Awake Labs that bring decades of experience to enhance the customer’s 24x7 security operations, threat hunting, and incident response programs.
Legacy NetFlow-based solutions are limited in their depth of visibility (port, IP address, and basic protocol information) and lack the context to identify modern devices or threats. In stark contrast, AVA Sensors analyze the full packet, including application layer data which sets the stage for automated and manual threat hunting. Innovations like this have led Arista NDR to be recognized as a leader in the KuppingerCole Network Detection & Response Leadership Compass 2021 Report. The platform also received the AI Breakthrough award for the Best AI-based Solution for CyberSecurity.
AVA Availability
The new capabilities are expected to be generally available in Q2, 2022, with early trials in March 2022.
