Arista Networks integrates NDR capabilities into the switching infrastructure
Arista Networks announced that its 720XP series of switches for campus deliver embedded security and packet analysis.
By embedding NDR (Network Detection and Response) capabilities into the Arista EOS-based switches themselves, customers derive broader visibility and threat hunting across the modern cognitive campus. The secure infrastructure optimizes existing human workflows and drives automated risk mitigation without the need to deploy additional and external network security products.
“As a highly respected network infrastructure provider, Arista is well-positioned to bake security into the core of the network. Bringing artificial intelligence techniques such as deep learning, belief propagation, and natural language processing to data captured directly off the switch has the potential to grossly simplify network security for customers,” said Dr. Edward Amoroso, Chief Executive Officer, TAG Cyber and Research Professor, New York University. “Being a former security practitioner myself, the ability to avoid the operational burdens of bolting security on, is very appealing.”
High fidelity NDR with Arista AVA
Powered by AVA (Autonomous Virtual Assist), this AI-driven function has two key components: AVA Sensors and the AVA Nucleus. AVA Sensors support a variety of form factors from stand-alone appliances and virtual to cloud workloads and now, within campus power over ethernet (PoE) switches.
These sensors curate and transfer the “just right” deep-packet data to the AVA Nucleus, which is offered as both on-premises and SaaS. With a simple switch software upgrade and minimal impact on switch performance or reliability, the Arista NDR platform delivers:
- Enhanced visibility: Identify mal-intent, profile, and track all users, apps, and devices –whether managed desktops and workstations or unmanaged contractors, supply chain, cloud, and IoT workloads.
- Correlate these entities based on behavioral analysis to build an entity-centric view and declutter a security analyst’s threat hunting workflow.
- Real-time Situational Awareness: Understand the entire threat landscape and scope of any attack so that security analysts can make intelligent and risk-based decisions.
- AI-Driven Threat Detection: Automate threat detection and response on the network with a platform that identifies underlying attacker tactics, techniques, and procedures rather than just known indicators of compromise.
- Managed NDR: Leverage the power of the Arista NDR platform coupled with skilled resources from Awake Labs that bring decades of experience to enhance the customer’s 24×7 security operations, threat hunting, and incident response programs.
“Network security has been an ongoing challenge for most organizations due to hardware deployments and configuration changes needed at the network infrastructure level. While organizations acknowledge that the network presents a unique vantage point, security teams have been forced to trade off network visibility and ongoing operational costs,” said Rahul Kashyap, Vice President and General Manager of Cybersecurity and CISO at Arista Networks. “By building NDR capabilities into the switching infrastructure itself, Arista enables a built-in, secure network that reduces organizational risk by speeding up both time to detection and time to remediation.”
Legacy NetFlow-based solutions are limited in their depth of visibility (port, IP address, and basic protocol information) and lack the context to identify modern devices or threats. In stark contrast, AVA Sensors analyze the full packet, including application layer data which sets the stage for automated and manual threat hunting. Innovations like this have led Arista NDR to be recognized as a leader in the KuppingerCole Network Detection & Response Leadership Compass 2021 Report. The platform also received the AI Breakthrough award for the Best AI-based Solution for CyberSecurity.
The new capabilities are expected to be generally available in Q2, 2022, with early trials in March 2022.