Arista Networks introduced an enterprise network identity management capability that leverages AI/ML to simplify the secure onboarding and troubleshooting for users and devices and the management of ever-expanding security policies.
Arista Guardian for Network Identity (CV AGNI) is based on Arista’s foundational NetDL architecture and leverages AVA (Autonomous Virtual Assist) for a conversational interface that removes the complexity inherent in managing network identity from a traditional legacy NAC solution. AVA codifies real-world network and security operations expertise and leverages supervised and unsupervised ML models into an ‘Ask AVA’ service, a chat-like interface for configuring, troubleshooting and analyzing enterprise security policies and device onboarding. CV AGNI also adds user context into Arista’s network data lake (NetDL), greatly simplifying the integration of device and user information across Arista’s products and third-party systems.
CloudVision AGNI’s key features include the following:
- User self-service onboarding for wireless with per-user unique pre-shared keys (UPSK) and 802.1X digital certificates.
- Certificate management with a cloud-native PKI infrastructure.
- Enterprise-wide visibility of all connected devices. Devices are discovered, profiled and classified into groups for single-pane-of-glass control.
- Security policy enforcement that goes beyond the traditional inter-group macro-segmentation and includes intra-group micro-segmentation capabilities when combined with Arista networking platforms through VLANs, ACLs, Unique-PSK and Arista MSS-Group techniques.
- AI-driven network policy enforcement based on AVA for behavioral anomalies. When a threat is detected by Arista NDR, it will work with CV AGNI to quarantine the device or reduce its level of access.
