CloudVision: The First Decade
As I think about the evolution of the CloudVisionⓇ platform over the last 10 years, and our latest announcement today, I’m reminded of three...
Paradigm Shift to Zero Trust Networking
The new age of edge, multi-cloud, multi-device collaboration for hybrid work has given rise to a new network. Historically, adding multiple layers of network security with the consequential add-on hardware deployments, ongoing operational costs, and configuration changes needed at the network infrastructure level has been cumbersome. These mechanisms are even less effective for the new network. Security teams are, therefore, forced to reckon with bare minimum network visibility and tactical solutions.
The paradigm shift to a vanishing perimeter has prompted organizations to embed security into the network infrastructure as a proactive zero trust approach to tracking and successfully managing risk from the wider attack surface. Arista’s zero trust networking is based on these prescriptive principles and builds security into the network by default.
Time to Rethink Firewalls with Microperimeters
Classical perimeter firewalls have three essential functions: network routing, segmentation with access lists ( ACLs), and stateful inspection of L4-L7 traffic for compliance purposes. The CISA Zero Trust Maturity Model, based on NIST 800-207, requires perimeters around each asset the organization seeks to protect. Putting classical firewalls all across the enterprise is not a practical option. Instead, Arista’s network-based approach delivers zero trust segmentation and enforcement to prevent east-west lateral movement. Thus, the network switch creates the microperimeters, while the classical firewall can continue inspecting north-south L4-L7 traffic. The combination delivers an elegant and secure network, bringing the best of both worlds, as shown in the figure below.
Arista MSS: Enabling Microperimeters
Arista MSS delivers three capabilities that enable organizations to build microperimeters:Summary
It is the right time to unify the network and security world as organizations look for zero trust at terabit scale with flexible support for identity and microperimeters. Security must permeate everything we do on the network today to bring a proactive and continuous approach to active and pervasive segmentation, enforcement, and threat mitigation. Lethal threats must be detected and intercepted before they can expand to a massive data breach. Welcome to the holistic zero trust networking era built on Arista MSS microperimeters!
To learn more or see a demo, visit booth #6453 in the North Hall at the RSA Conference in San Francisco.
As I think about the evolution of the CloudVisionⓇ platform over the last 10 years, and our latest announcement today, I’m reminded of three...
In 1984, Sun was famous for declaring, “The Network is the Computer.” Forty years later we are seeing this cycle come true again with the advent of...
Paradigm Shift to Zero Trust Networking