Arista embraces segmentation as part of its zero-trust security

Arista expands its Macro-Segmentation Service (MSS) to include MSS-Group, software that enables creation of logically assigned security groupings.

Zero trust Netskope
Netskope

Arista has expanded its security software to let customers control authorized network access and communication between groups from the data center to the cloud.

The new software, Macro-Segmentation Service (MSS)-Group, expands the company’s MSS security-software family, which currently includes MSS Firewall for setting security policies across customer edge, data-center and campus networks. Additionally, the company’s MSS Host focuses on data-center security policies.

MSS software works with Arista Extensible Operating System (EOS) and its overarching CloudVision management software to provide network-wide visibility, orchestration, provisioning and telemetry across the data center and campus. CloudVision’s network information can be utilized by Arista networking partners including VMware, Microsoft and IBM’s Red Hat.

MSS-Group authorizes access based on logical groups rather than traditional approaches based on interfaces, subnets, or physical ports, according to Jeff Raymond, vice president of Arista EOS Product Management and Services.

Unlike proprietary products, the MSS-Group segmentation architecture does not rely on proprietary Ethernet tags or protocols to work, Raymond said. That means upstream and downstream leaf and spine switches can be mixed and matched across multiple vendors. Arista MSS-Group-capable switches are agentless and can be deployed across client to campus to cloud in network-wide deployment, all orchestrated via CloudVision, Arista stated.  

To continue reading this article register now

SD-WAN buyers guide: Key questions to ask vendors (and yourself)