CloudVision Overview - Arista

CloudVision Overview
Data Sheet

CloudVision Highlights

Cloud Automation for Everyone
Arista EOS CloudVision simplifies complex time and resource intensive tasks in a turnkey software solution designed to help customers move to a more automated, cloud-like infrastructure.

A Multi-Domain Service
NetDL is a state-based, cloud-hosted, network-wide database that collects real-time data streamed from wired and wireless devices for cognitive analytics. This time-series data is anonymized and stored in a multi-tenant, cloud-native Kubernetes cluster architecture for real-time and historical services.

Network Telemetry & Analytics
CloudVision brings a modern approach to network telemetry and a replacement for legacy polling mechanisms. AVA, Arista’s Automated Virtual Assist engine for analytics, takes full advantage of the state streaming infrastructure of EOS and NetDL to give Arista customers an unprecedented level of visibility with a time-series view of the entire network, across data center, campus, and public clouds.

Workflow Automation
Workflow monitoring and provisioning is controlled centrally with pre-integrated tool sets for provisioning, change management, network-wide upgrades & rollback, and compliance management.

Complements the Cloud
CloudVision is Arista’s API gateway for physical network integration with third party services. This includes integration with network overlay controllers, DevOps platforms and network services solutions such as Palo Alto Networks, ServiceNow and others. Using JSON-based REST and gRPC-based streaming APIs, CloudVision helps to both simplify and scale this integration through an abstracted network view and a single point of integration.

Overview
Arista has pioneered the cloud networking movement with its software driven approach, built on cloud principles with consistent, reliable software offering, open standards-based designs, and native programmability. CloudVision extends the same architectural approach of simplification through software consistency as a multi-domain management plane for automating the entire network, across private, public and hybrid clouds as well as wired and wireless campus. CloudVision enables enterprises to gain the benefits of cloud-class automation and telemetry via a turnkey software package. CloudVision is a network-wide approach for cloud networking, including a software suite of capabilities for automated provisioning, compliance, telemetry, analytics and orchestration.

With CloudVision, the physical network continues to operate in a familiar model, following the Universal Cloud Network design principles. The well-known control and data plane features continue to be distributed in each physical device. The same command-line (CLI) and APIs are available to the operator. However, CloudVision enhances the traditional operational model with a centralized network data lake, NetDL, that leverages real-time state-streaming to collect an aggregate view of the physical network state. NetDL is built on a cloud-native architecture leveraging scale-out technologies such as Kubernetes and Hadoop and serves as a basis for cognitive analytics. With NetDL, CloudVision becomes the point of abstraction of and interface to the physical network enabling enterprise-grade network-wide automation, time-series visibility with state streaming analytics, and 3rd party integrations from a central perspective.

CloudVision can be deployed as a traditional on-premises virtual or physical appliance, or can be consumed as a SaaS-based service, for both wired and wireless. CloudVision as-a-Service is a fully Arista managed software service that runs in the cloud and provides the same functionality as the on-prem offering. The cloud service takes full advantage of CloudVision’s cloud-native architecture helping customers achieve faster time-to-value, elastic scaling, and continuous network assurance with a connected support experience in a secure environment.

CloudVision Features

CloudVision provides the following features and benefits:

State Streaming Telemetry. Traditional polling mechanisms such as SNMP do not provide the fine grain visibility required in today’s cloud data center networks. They are limited in scope and lack the data granularity required to monitor networks at cloud scale. CloudVision Telemetry provides real-time streaming of state from network devices for analytics at a network-wide scope. This provides visibility for both live monitoring and historic forensic troubleshooting. In addition, Cloud Tracer provides visibility into the reachability of networks and services across private, public, and hybrid cloud environments.

Change Control. Automate network maintenance with a coordinated and controlled approach for rolling out changes while maintaining a documented audit trail and ensuring minimal network downtime. Review and approval stages allow peer review of changes or integration with IT operations management systems like ServiceNow and Remedy. Leverage underlying EOS features like SSU maintenance mode and leaf SSU combined into an automated workflow for performing software image upgrades across a group of devices. Let CloudVision visually present a summarized view of the network state differences, giving the operator the ability to quickly assess and diagnose network inconsistencies across change controls.

Time Series View of the Network. Just as EOS leverages a central state database on each individual switch, CloudVision provides a network-wide state database for real-time network state in one consolidated location with historical state for forensic troubleshooting. This foundation provides operational efficiency gains by moving from a manual box-by-box approach to an automated network-wide operational model.

Analytics. Get notified about network events with correlated metrics or before a network event with predictive analytics. The analytics engine in CloudVision leverages big data analytics and machine learning to provide root cause analysis with metric correlation and to prevent network outages with anomaly detection and predictive events that can alert users well before the event.

Compliance Dashboard. To improve operational security, CloudVision provides visibility into compliance with configuration and image standards. The dashboard also provides a real-time assessment of exposure to known software defects, PSIRT issues and life cycle events that affect the install base, thereby allowing users to make informed decisions on software upgrade across the network.

Controller Integration. A simplified approach for integration with third party overlay controllers is essential in today’s combined physical and virtual world. CloudVision supports a variety of overlay and orchestration controllers, including VMware NSX, OpenStack, and any other OVSDB-based controllers and aggregates the network to provide a single point of integration to these controllers. This gives customers the flexibility of choice in their orchestration and overlay approach and helps scale the performance of the

Open API Integration. RESTful APIs for all CloudVision functionality that can be used for scripting as well as integration with other management platforms and workflow tools.

Automated Provisioning. For initial deployments through ongoing configuration changes, CloudVision reduces the time to deploy network changes and the likelihood of human induced errors. Configuration Studios along with configlets and configlet builders simplify the deployment of Arista validated network designs with built-in, point and click, guided workflows for configuration and image management. Abstraction of the configuration syntax supports multi-domain operators with varying skillsets to deploy, customize or create advanced workflows with a low-code, template based approach.

Macro-Segmentation Services (MSS). CloudVision is a central point for services integration to the physical network through the MSS framework. With MSS, network services like security policy can be dynamically instantiated in the network in an open approach and without changing operational or administrative security models.

Device Analyzer. Gain visibility into traffic patterns in the network with real-time streaming of flow records visualized in time series graphs and heat maps for improved capacity planning. Inventory of all connected IP endpoints with traffic analytics for security baseline, trend analysis and anomaly detection.

Hardware and Software Abstraction. Does the northbound controller integrate with the new hardware platform? Or new switching feature? Which software version is certified with a northbound controller? A third party controller can be certified to work against CloudVision and not be as dependent on the hardware or software versions running in the actual network.

Network-Wide Search. Search the network wide database for network elements such as MAC address and IP address. The search functionality provides visibility into historical changes for these network elements thereby reducing time to root cause. The search result is enhanced with correlated metrics for associated Layer2 or Layer3 interfaces.

Topology View. Visualize the network topology in a way that aligns with the network design. CloudVision’s Topology View provides an intuitive approach to mapping the network topology not just based on LLDP neighbors but also backend analytics and heuristics that automatically calculate device type, neighbor relationships and common layouts. Identify common network hotspots such as congestion, traffic imbalance by visualizing metrics in Topology View. Visualize the network path for traffic flows on your topology diagram with the ability to identify problems in the path with link and device level events.

CloudVision Solution

The CloudVision solution is comprised of three components: CloudVision eXchange, CloudVision Portal and CloudVision CUE (Cognitive Unified Edge). These components provide the platform for both orchestration and automation for wired and wireless networks as follows:

CloudVision eXchange is an EOS-based network-wide multi-function control point providing a single access point for real-time provisioning, orchestration and integration with third party controllers and services.

CloudVision Portal is a web platform and associated historical database built to automate the workflows for a variety of network provisioning, change management, and monitoring tasks.

CloudVision CUE (Cognitive Unified Edge) is a centralized management plane that simplifies policy management, provisioning and troubleshooting of WiFi networks while delivering richer telemetry to network administrators. For more details, consult the CloudVision CUE Datasheet.

CloudVision eXchange Features

The following table summarizes the main features of Arista’s CloudVision eXchange. For more information about the availability of these features by release please refer to ion

Feature: Description

Base Infrastructure:
    Runs in an EOS VM as a virtual appliance
    Single node Deployment (Lab use only)
    Three node cluster with high availability for production deployments
    Graceful reboot
    EOS operating environment (CLI, APIs, management features, etc.)

VXLAN and EVPN Services:
    VXLAN Control Services (VCS) for dynamic control plane learning of VXLAN mapping information
    CloudVision eXchange Federation across multiple Data Centers using BGP-EVPN

APIs:
    EOS command line
    eAPI for EOS

Open Virtual Switch Database (OVSDB) Services:
    Layer 2 hardware VTEP integration for synchronizing network topology information, MAC to VXLAN endpoints, and VXLAN ID bindings with overlay controllers.
    Layer 3 hardware VTEP integration for logical routing functionality in VxLAN overlay networks.

OpenStack Services:
    Integration with OpenStack via ML2 driver plugin for provisioning of network services (VLAN, VXLAN, etc) for VMs and with OpenStack Ironic to extend network provisioning to bare-metal servers

Macro-Segmentation Services:
    MSS-Host: Extend common policy enforcement for VMs and bare-metal workloads. Integration available with VMware-NSX-T
    MSS-Firewall: Dynamically instantiate network services policy in the physical network by integrating with firewall services from Palo Alto, Fortinet, Checkpoint*

Partner Integration:
    Container Tracer support for Docker and Kubernetes based containerized environments
    Official support for VMware NSX and OpenStack integration.
    Other technology partner integration details available upon request.

* Indicates features planned for a future release.

CloudVision Portal Features

The following table summarizes the main features of Arista’s CloudVision Portal. For more information about the availability of these features by release please refer to ion

Feature: Description

User Security:
    AAA Local Authentication and Role-based Authorization
    TACACS / RADIUS Authentication and Role-based Authorization
    RBAC - Custom role definition for authorization
    One-time password/Multi-factor Authentication
    Single sign on integration with OAUTH Providers (Microsoft, Google, Okta, OneLogin, Custom) and SAML Providers (Launchpad, Okta, OneLogin, Custom)

APIs:
    JSON-based REST and streaming APIs (gRPC)

Network Provisioning - Discovery:
    Device inventory
    Automatic device provisioning via Zero Touch Provisioning (ZTP) for EOS and CloudEOS devices
    Per device logs of all actions taken by the portal
    Zero Touch Replacement (ZTR)
    Cloud-based ZTP as-a-Service**

Network Provisioning - Images:
    Repository for Images and Extensions
    Assign image bundles for initial provisioning across device groups

Network Provisioning - Configuration:
    Switch configuration management via Studios and configlets
    Built-in guided workflows to provision Arista validated network designs and manage ongoing configuration changes
    Flexibility to customize built-in workflows or create new and advanced workflows
    Configlet Builder for config templating and scripting
    Build, validate and review configuration differences of proposed and running configuration for devices
    Config reconcile for source of truth management

Compliance:
    Configuration and Image compliance for managed devices
    Bug exposure assessment for managed devices based on operational state of devices
    PSIRT assessment for managed devices for security compliance
    Hardware and Software Lifecycle events for product compliance

Change Control:
    Automated ongoing device configuration change management
    Flexible change control workflow for task execution with support for snapshots and user defined actions.
    Review and approve stage to authorize changes with support for Role based access control
    Automated software upgrades across groups of devices leveraging BGP Maintenance mode and MLAG health checks for hitless upgrades
    Change Control Templates to automate repeatable operational run books
    Network-wide Rollback

Telemetry Views:
    Real-time state streaming from devices
    Backend state repository and analytics engine
    Comparison application for easy comparison of state across devices and historic timeline
    Real-time analytics for event detection and notification
    CloudTracer for endpoint reachability monitoring across private, public, and hybrid cloud environments
    Topology Views, with Metric Layers, visibility for VLAN/VxLAN segments
    Custom dashboards to monitor metrics network wide with built-in widgets for traffic flows, Top K interface graphs and more
    Flow visibility with sFlow and IPFIX flow records from devices with trend analysis and path visibility in Topology View
    Inband Network Telemetry based hop-by-hop latency for flow records (on supported EOS platforms) in Topology View
    Endpoint Inventory for all connected IP endpoints
    Network-wide search for MAC address and IP address

Partner Integration:
    Official support for ServiceNow, Remedy, Forescout and Ansible integration. Other technology partner integration details available upon request.

** Applicable to CloudVision as-a-Service offering only

CloudVision Technical Specifications

CloudVision Deployment Models:
The following describes the deployment models for CloudVision Portal:

CloudVision as-a-Service: Description
    Connectivity Requirements: IP connectivity to www.arista.io (port 443) / apiserver.arista.io (port 443)
    Protocols: Browser over HTTPS. gRPC for device connectivity.
    Supported SSO Providers: OAUTH (Microsoft, Google, Okta, OneLogin, Custom); SAML (Launchpad, Okta, OneLogin, Custom)

CloudVision Virtual Appliance: Description
    Hardware Platform Requirements: Please consult the CloudVision Configuration Guide for the latest hardware platform requirements. A 3-node cluster is recommended for production deployments.
    Hypervisor Requirements: VMware ESX; Linux KVM. For supported Hypervisor versions, please refer to the software release notes.
    Protocols: Browser over HTTPS. Admin access over SSH, SCP. NTP for time synchronization between nodes. gRPC for device connectivity.
    Software Version Requirements: CloudVision eXchange and CloudVision Portal are deployed as virtual machines on supported hypervisors. For software recommendations, please refer to the software release notes.

CloudVision Physical Appliance: Description
    Physical Appliance Platform Specifications for DCA-350E-CV
        CPUs: Two Intel Xeon Silver 4316 2.3GHz, 20C/40T
        DRAM: 128 GB (Eight 16GB RDIMM)
        Hard Drives: Five 2TB SSD Drives (7.6 TB effective). Drives are Encrypted
        Network Interfaces: Four port 10Gb Ethernet (RJ-45), Dedicated 1Gb IPMI port
        Power Supply: Dual, Hot-plug, Redundant Power Supplies (1+1), 550W
        Power Cord: C13 to C14, PDU Style, 12A, 2 Feet (North America)
        Dimensions (HxWxD): 1.68”x17”x25.87” (4.26cm x 43.38cm x 65.70cm)
        Weight: 38.9 lbs (17.64 kg)
        Remote management: iDRAC9 Enterprise controller
    Physical Appliance Software Version Requirements: DCA-350E-CV supports software applications for CloudVision Portal Server, CloudVision eXchange Server and CloudVision CUE

CloudVision Physical Appliance: Description
    Physical Appliance Platform Specifications for DCA-250-CV
        CPUs: Two Intel Xeon 10 Core, 2.2 GHz CPUs
        DRAM: 64 GB (Two 32GB RDIMM)
        Hard Drives: Four 2TB SSD Drives (5TB effective)
        Network Interfaces: Four port 1Gb Ethernet (RJ-45), Dedicated 1Gb IPMI port
        Power Supply: Dual, Hot-plug, Redundant Power Supplies (1+1), 550W
        Power Cord: C13 to C14, PDU Style, 12A, 2 Feet (North America)
        Dimensions (HxWxD): 1.68”x17”x25.87” (4.26cm x 43.38cm x 65.70cm)
        Weight: 38.9 lbs (17.64 kg)
        Remote management: iDRAC9 Enterprise controller
    Physical Appliance Software Version Requirements: DCA-250-CV supports software applications for CloudVision Portal Server, CloudVision eXchange Server and CloudVision CUE

For recommended releases, please refer to the Recommended Releases page.

CloudVision Ordering Information

CloudVision is available as a software subscription via the following feature set offerings:
    A CloudVision license (SKUs starting with ‘SS-CV’) which includes all available CloudVision functionality.
    A CloudVision Lite license (SKUs starting with ‘SS-CV-LT’) which includes a subset of CloudVision functionality.
    A CloudVision license (SKUs starting with ‘SS-CVS’) is for CloudVision as-a-Service, and includes all available functionality.
    A CloudVision Lite license (SKUs starting with ‘SS-CVS-LT’) is for CloudVision as-a-Service and includes a subset of functionality.

CloudVision Lite
    Provisioning: Zero Touch Provisioning (ZTP), Config/Image Management, CloudVision Studios, Change Controls
    Inventory: Device Inventory, Endpoint inventory, Base Topology View
    General: Base APIs, State Streaming, User Controls, EOS/CloudEOS (basic provisioning)

CloudVision
    All CloudVision Lite Features
    Telemetry: Device Views, Metrics, Topology Views, Topology Overlays, Snapshots, Diff Views
    Compliance Checking, Dashboard, Bug Visibility
    Advanced: Search, Notifications, Partner Integrations, V2 (for 10G platforms) and Z licensed features
    Analytics: Events, Device Analyzer, Flow/INT
    Use-cases: Wired Wireless, CloudEOS Terraform Provider

Product Number: On-Premises SKU Options

SS-CV-SWITCH-1M: CloudVision SW Subscription License for 1-Month for 1 Switch. 10G Platforms. Includes Z, V2 Features.
SS-CV-G-SWITCH-1M: CloudVision SW Subscription License for 1-Month for 1 Switch. 1G Platforms. Includes Z.
SS-CV-MOD-G-SWITCH-1M: CloudVision SW Subscription License for 1-Month for 1 Switch. Arista 5 and 8 slot Modular 1G/mG Ethernet Switches
SS-CV-CG-SWITCH-1M: CloudVision SW Subscription License for 1-Month for 1 Switch. 1G/mG Compact Platforms. Includes E, FLX-Lite.
SS-CV-LT-SWITCH-1M: CloudVision Lite SW Subscription License for 1-Month for 1 Switch. 10G Platforms
SS-CV-LT-G-SWITCH-1M: CloudVision Lite SW Subscription License for 1-Month for 1 Switch. 1G Platforms.
SS-CV-LT-MOD-G-SWITCH-1M: CloudVision Lite SW Subscription License for 1-Month for 1 Switch. Arista 5 and 8 slot Modular 1G/mG Ethernet Switches
SS-CV-LT-CG-SWITCH-1M: CloudVision Lite SW Subscription License for 1-Month for 1 Switch. 1G/mG Compact Platforms.
SS-CV-SWITCH-LAB-1M: Lab Use Only: CloudVision SW Subscription License for 1-month for up to 10 Switches
DCA-250-CV: 1 unit CloudVision Physical Appliance, Model 250 (Includes CVX, CVP Server). No CV device licenses.
SVC-DCA-250-CV-NBD: 1 Month A-Care Software & NBD Hardware Replacement/Same Day Ship for DCA-CV-250 Appliance
DCA-350E-CV: 1 unit CloudVision Physical Appliance, Model 350 (Includes CVX, CVP Server). No CV device licenses.
SVC-DCA-350E-CV-NBD: 1 Month A-Care Software & NBD Hardware Replacement/Same Day Ship for DCA-CV-350E Appliance

Product Number: Cloud Service SKU Options

SS-CVS-SWITCH-1M: CloudVision as-a-Service Subscription Lic for 1-Month for 1 Switch. 10G Platforms. Includes Z, V2 Features. Electronic Delivery Only.
SS-CVS-G-SWITCH-1M: CloudVision as-a-Service Subscription Lic for 1-Month for 1 Switch. 1G/mG Platforms. Electronic Delivery Only.
SS-CVS-MOD-G-SWITCH-1M: CloudVision as-a-Service Subscription Lic for 1-Month for 1 Switch. Arista 5 and 8 slot Modular 1G/mG Ethernet Switches. Electronic Delivery Only
SS-CVS-CG-SWITCH-1M: CloudVision as-a-Service Subscription Lic for 1-Month for 1 Switch. 1G/mG Compact Platforms. Includes E, FLX-Lite. Electronic Delivery Only.
SS-CVS-LT-SWITCH-1M: CloudVision as-a-Service Lite Subscription Lic for 1-Month for 1 Switch. 10G Platforms. Includes Z, V2 Features. Electronic Delivery Only.
SS-CVS-LT-G-SWITCH-1M: CloudVision as-a-Service Lite Subscription Lic for 1-Month for 1 Switch. 1G/mG Platforms. Electronic Delivery Only
SS-CVS-LT-MOD-G-SWITCH-1M: CloudVision as-a-Service Lite Subscription Lic for 1-Month for 1 Switch. Arista 5 and 8 slot Modular 1G/mG Ethernet Switches. Electronic Delivery Only
SS-CVS-LT-CG-SWITCH-1M: CloudVision as-a-Service Lite Subscription Lic for 1-Month for 1 Switch. 1G/mG Compact Platforms. Electronic Delivery Only
SS-CVS-SWITCH-LAB-1M: Lab Use Only: CloudVision as-a-Service Subscription License for 1-month for up to 10 Switches. Any platform. Electronic Delivery Only
SS-CVSC-CG-SWITCH-1M: CloudVision CUE as-a-Service Subscription Lic for 1-Month for 1 Switch. 1G/mG Compact Platforms. Electronic Delivery Only.

Service and Support

Software support for CloudVision Virtual Appliance is included in the CloudVision software subscription license. Hardware support for the CloudVision Physical Appliance requires a corresponding A-Care service contract. Support for each EOS device managed by CloudVision is covered by standard A-Care offerings for each particular device. For more details on A-Care service offerings across all Arista products, see: t

Sales
5453 Great America Parkway
Santa Clara, California

Copyright 2022 Arista Networks, Inc. Arista logo and EOS are trademarks of Arista Networks. Other product or service names may be trademarks or service marks of others.
www.arista.com
05/2022
