Arista Networks Unveils Zero Trust Networking Vision

November 9, 2023

Key partnership with Zscaler accelerates customers zero trust journey

Arista Networks (NYSE: ANET), a leading provider of cloud networking solutions, today announced an expanded zero trust networking architecture that uses the underlying network infrastructure to break down security silos, streamline workflows and enable an integrated zero trust program. Through a combination of Arista-developed technologies and strategic alliances with key partners, this approach uses the network to compensate for harder-to-implement zero trust controls across the domains of devices, workloads, identity, and data.

Arista and Zscaler expand their partnership (Graphic: Business Wire)

Arista and Zscaler expand their partnership (Graphic: Business Wire)

A Standards-Based Approach to Zero Trust

Enterprise networks today range from traditional campuses and data centers to IoT, work from anywhere, and cloud. Defending this distributed infrastructure requires a “microperimeter” around each critical digital asset. With this in mind, the United States Cybersecurity and Infrastructure Security Agency (CISA) laid out a Zero Trust Maturity Model with prescriptive guidance across five foundational pillars: Identity, Devices, Networks, Applications and Workloads, and Data.

“Arista’s suite of zero trust solutions maps tightly to the networking pillar in the CISA model and is designed to help organizations accelerate their journey toward zero trust maturity,” said Rahul Kashyap, Vice President and General Manager for Cybersecurity at Arista Networks. “Our ability to do this friction-free via the network helps overcome roadblocks across the other domains of identity, devices, workload, and data.”

Building Blocks of the Arista Zero Trust Architecture

The Arista zero trust architecture uses the underlying network infrastructure from switches to WAN routers to deliver key security capabilities while integrating seamlessly with the organization’s existing security program and tools. The key components of this integrated security solution are:

  • Arista CloudVision AGNI greatly simplifies the secure onboarding and troubleshooting for users and devices, as well as ongoing posture analysis and network access control.
  • Arista Macro Segmentation Service (MSS) enables the creation and enforcement of microperimeters through edge switches that can protect or isolate each asset without requiring the deployment of firewalls all across the enterprise network. Segmentation policies can be defined once in Arista CloudVision and enforced dynamically based on real-time network, application, device, or user identity information.
  • Arista NDR autonomously discovers, profiles, and classifies every device, user, and application across the distributed network. Based on this deep understanding of the attack surface, the platform detects threats to and from these entities while providing the context necessary to respond rapidly.
  • Arista natively supports encryption capabilities such as MACsec and Tunnelsec, enabling organizations to encrypt data to and from legacy applications and workloads without changing those systems but instead relying on the network to protect data from unauthorized access, interception, and tampering.

Powered by Arista NetDL and AVA AI Insights

Arista’s zero trust architecture is built on the foundations of a unified operating system in EOS and a common management plane in CloudVision. The EOS Network Data Lake (NetDL™) provides a single source of network data ‘truth’ and a common sensor/collector architecture that enables forensics and analytics for threat hunting, network, and application observability, as well as network detection and response.

Arista Autonomous Virtual Assist (AVA™) utilizes machine learning and other artificial intelligence (AI) technologies to augment pervasive visibility, continuous threat detection, segmentation, and access control. Combined with distributed network-wide state and telemetry data and third-party integrations, AVA drives automation and extensibility to greatly reduce the manual operational burden of operating and securing networks.

Extending the Client to Cloud Ecosystem with Zscaler

The Arista zero trust architecture is designed to be open and API-friendly. This approach is focused on leveraging the underlying network to eliminate blindspots and silos while streamlining workflows across key security pillars that sit above the network stack. Partners within the Arista zero trust ecosystem include Microsoft, CrowdStrike, and our newest partner Zscaler. Arista is a member of the Microsoft Intelligent Security Association (MISA), having integrated with Microsoft’s security technology offerings.

The newly introduced integration with the Zscaler Zero Trust Exchange platform, the cloud-native platform that connects and secures users, workloads, and devices over any network and any location, brings critical domain and attacker infrastructure intelligence into Arista NDR. Additionally, this integration allows Zscaler Internet Access (ZIA) to block access from devices Arista identifies as compromised or domains or IP addresses Arista has discovered to be malicious.

“With the acceleration of cloud adoption and blurring perimeters, organizations' legacy approach to security is proving ineffective. It is crucial to adopt a zero trust approach to ensure the security of users and assets," said Amit Raikar, VP of Business Development and Technology Alliances at Zscaler. "Zscaler and Arista’s joint customers will be able to control risk and enforce policy for the entire workforce, ultimately making their enterprises more secure."

For more insight on this announcement, read our zero trust whitepaper here. For more information on our partnership with Zscaler, read the solution brief here.

About Arista

Arista Networks is an industry leader in data-driven, client-to-cloud networking for large data center, campus and routing environments. Arista’s award-winning platforms deliver availability, agility, automation, analytics and security through an advanced network operating stack. For more information, visit https://www.arista.com.

ARISTA, AGNI, AVA, CloudVision, and NetDL are among the registered and unregistered trademarks of Arista Networks, Inc. in jurisdictions worldwide. Other company names or product names may be trademarks of their respective owners. Additional information and resources can be found at www.arista.com. This press release contains forward-looking statements including, but not limited to, statements regarding the performance and capabilities of Arista’s products and services. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Forward-looking statements are subject to risks and uncertainties that could cause actual performance or results to differ materially from those expressed in the forward-looking statements, including rapid technological and market change, customer requirements and industry standards, as well as other risks stated in our filings with the SEC available on Arista's website at www.arista.com and the SEC's website at www.sec.gov. Arista disclaims any obligation to publicly update or revise any forward-looking statement to reflect events that occur or circumstances that exist after the date on which they were made.

Media Contact
Amanda Jaramillo
Corporate Communications
Tel: (408) 547-5798
amanda@arista.com

Investor Contact
Liz Stine
Investor Relations
Tel: (408) 547-5885
liz@arista.com

Source: Arista Networks