Arista Networks this week extended its controller software with the ability to activate firewalls and application delivery controllers for workloads and workflows across its switches.
The company’s Macro-Segmentation Services (MSS) is a feature of the company’s CloudVision software, which maintains a database of network state. MSS works across Layer 2 and 3 topologies and network virtualization overlays to insert security services for data centers with physical and virtualized workloads, extending the separate capabilities of virtualization hypervisors with micro-segmentation, and physical firewalls.
Arista is working with Check Point, F5 Networks, Fortinet, Palo Alto Networks and VMware in this effort.
MSS acts as security-as-a-service for Arista switch networks, logically inserting physical or virtual security devices and workloads into the path of traffic. The software is dynamic and location independent, Arista says, does not require any change in frame formats, and accommodates defined firewall rules and security policies.
MSS integrates with native firewall APIs to learn what workloads the security policy needs to address or monitor. If the security policy requires a specific logical network topology, MSS can instantiate that into the network in real-time, Arista says.
MSS is in field trials today and will be generally available in the first half of 2016.
Sign up for CIO Asia eNewsletters.