Transcription
CloudVision CUE OverviewData SheetKey Features Centralized configuration andpolicy management Cognitive cloud-based networkbaselining and troubleshootingwith root cause analysis engine forWiFi APs and access switches. Application QoE Monitoring Wi-Fi analytics for businessintelligence Wireless Intrusion Prevention (WIPS) Application Visibility and Control Visual packet trace and analysisOverviewArista has pioneered the cloud networking movement with its software drivenapproach, built on cloud principles with consistent, reliable software offering,open standards-based designs, and native programmability. CloudVision extendsthe same architectural approach of simplification through software consistencyas a multi-domain management plane for automating the entire network, acrossprivate, public and hybrid clouds as well as wired and wireless campus.Harnessing the power of the cloud, big data analytics, machine learning andautomation, CloudVision Cognitive Unified Edge (CV-CUE) brings the power ofintelligence, speed and accuracy to wireless and wired networks. Through rootcause analysis and proactive problem resolution options, CV-CUE reduces themean-time-to resolve problems minimizing network troubleshooting effort whilereducing total cost of ownership. Wireless Access Security Client location trackingEnterprise ready cloud architecture Wired-wireless monitoringCV-CUE is powered by a cognitive management plane which simplifiesconfiguration and troubleshooting while delivering richer telemetry to networkadministrators. A centralized management plane remarkably simplifies policymanagement and provisioning of campus networks. A flexible data plane allowswireless access points to provide customizable traffic redirection at the network’sedge. A distributed control plane enables enterprise Wi-Fi features without thescalability issues of older architectures - and an innovative cognition plane withstreaming telemetry automates network monitoring and troubleshooting tooptimize the user experience and minimize the mean time to resolution (MTTR)for network access and performance issues. Management of multi-functionradio for network assurance, RFmonitoring and WIPS API Integration Cloud and On-Premises optionsML/AI based PlatformMachine learning based self-aware,self-healing network with applicationperformance assuranceAPI DrivenAPI driven architecture makes a breeze ofnetops and other automation. APIs alsoenable extensions and custom applicationNetDBState-based, cloud-hosted, networkwide database that collects realtime data streamed from wiredand wireless devices for cognitiveanalytics.Know WiFi clientsKnowthe rootcause offailureMonitornetworkTroubleshootSimplicity RedefinedCentrally managing a Wi-Fi network has many advantages - it is simple to changea network configuration globally, physically locate a Wi-Fi device, view real-time orhistorical experience of Wi-Fi users or capture and visualize a packet trace from aremote site.Mission-critical ReliabilityArista’s distributed architecture ensures there is no loss of functionality ifconnectivity to the management plane is lost. The Wi-Fi network continues tosupport mission-critical applications and secure airspace at all times. Automateddisaster recovery and high-availability ensures users do not experience downtimeeven in the event of a datacenter- or region-wide incidence.
CloudVision CUE OverviewData SheetFederal-grade SecurityThe Arista Cloud implements multiple tiers of security—including strong access controls, two-factor authentication,regular vulnerability scanning and management, encryptionof data in transit (TLS) and at rest (EBS and S3), and PII dataprivacy. Arista Cloud is certified for SSAE SOC 2 Type II.Cognitive Management PlaneArista uses cognitive computing to deliver the best experiencepossible to Wi-Fi administrators and users.Seamless ScalabilityWith virtually unlimited and elastic availability of storageand compute resources, the Arista cloud eliminates artificialboundaries inherent in controller-based WLAN architectures.Naturally, it enables many innovative, previously unforeseenapplications in big data analytics, machine learning andcognitive computing in the context of Wi-Fi.Flexible Data PlaneDecoupling of data, management and control planes resultsin tremendous flexibility in data traffic forwarding. Trafficfrom the Arista APs can be locally routed or tunnelled to acentral aggregation point, e.g., an Arista switch. APs supportVXLAN and EoGRE based tunnelling. This allows enterprisesto migrate their existing controller-based Wi-Fi networksto Arista’s controller-less cloud architecture without havingto change the design of their underlying campus network.Tunneling of data to a central aggregation point may also berequired by certain enterprises for regulatory compliance andby service providers for ease of billing. CV-CUE enables theconfiguration and monitoring of EoGRE and VXLAN endpointson Wi-Fi APs. Tunnels can be configured in redundant modewith automatic failover.Distributed Control PlaneArista’s Wi-Fi solution is based on intelligent-edgearchitecture where each AP is capable of autonomouslytaking control plane decisions such as channel/powerselection, admission control, QoS management, clientsteering, roaming, etc. To enable this, APs periodically sharestate information with each other using a highly-efficientand secure protocol over the wired network. The distributedcontrol plane provides unparalleled scalability, without theneed for any controller.Location TrackingCV-CUE supports tracking location of any Wi-Fi APs andclients on a floor. It enables visualization of Wi-Fi associationsand includes filtering based on client or user information,or connectivity or performance issues. It can be used formapping of Wi-Fi client connectivity and performance issuesin the context of their physical location.Unified MonitoringCV-CUE gives a single pane of glass to monitor WiFiaccess points and switches to which these APs are directlyconnected. CV-CUE shows switch details and also providesinformation about connectivity, performance and securityrelated issues.This results in the fastest mean time toresolution, for troubleshooting and restoring networkingservices that impact users and endpoint devices.
CloudVision CUE FeaturesData SheetClient JourneyTMCV-CUE provides direct and real-time insight into the experienceof Wi-Fi clients as they journey on the network. Client Journeytracks when and why clients fail to connect to the network,reporting latencies of network services such as AAA, DHCP, andDNS. Administrators can drill down and access live and historicalclient connection logs to aid troubleshooting.Network BaseliningUsing ML algorithms on the data it collects, CV-CUE baselinesnetwork behavior and automatically detects and highlightsanomalies. Baselining is done for connection failures, RFperformance KPIs and application QoE. AI algorithms detectpoor performance, identifies root causes and providesrecommendations to resolve network problems.Applications HealthCV-CUE monitors the Quality of Experience (QoE) of businesscritical applications and identifies users facing poor QoE issues.A total of 25 applications can be selected for monitoring. Thisincludes video collaboration applications such as Hangouts,Zoom, Teams as well as a wide variety of Web applications fromenterprise app providers such as Adobe, Google, Microsoft,Oracle etc. Users can also add custom applications for QoEmonitoring. For each application, CV-CUE tracks the percentageof time for which QoE was poor and displays the informationon the Application dashboard. QoE baseline is also tracked perapplication as well as over all applications, for upto 30 days.RF ExplorerLeveraging the round-the-clock scanning capabilities ofArista APs, CV-CUE provides in-depth, live and historical,information about the RF environment seen by each AP. TheRF Explorer is a powerful tool for monitoring, managing andproactively troubleshooting radio spectrum related issues.Root Cause Analysis EngineCV-CUE employs built-in domain expertise and protocollevel intelligence to help administrators maintain thenetwork. In real time, it automatically detects and classifiesWi-Fi clients’ connection failures and pinpoints the rootcause—if it is related to Wi-Fi or to a network service suchas DHCP or DNS, a client device, or an application. Similarly,it automates root cause analysis of poor performance, suchas poor coverage, high retry rate and sticky clients.Single Client InferencingWi-Fi clients may face poor experience due to variousreasons. CV-CUE identifies such clients based on RF andapplication KPIs and then uses the Single Client Inferencingengine for automated root cause analysis of problems facedby clients.
CloudVision CUE FeaturesData SheetAutomatic Packet CaptureCV-CUE proactively captures packet traces to helpdiagnose problems. The traces are stored alongside relatedfailures or symptoms to simplify troubleshooting later.Packet traces can be downloaded or directly visualizedin Arista Packets, the cloud based, visual Wi-Fi packetanalyzer.Spectrum AnalyzerArista APs can be configured to run on-demand spectralscans to get an in-depth view of the RF activity on Wi-Fispectrum bands, i.e 2.4GHz, 5GHz, 6GHz. SpectrumAnalyzer illustrates the output of a spectral scan usinga set of charts. Spectrogram shows the RF energy levelacross the band, as a function of time. The SpectrumDensity chart indicates the relative distribution of differentsignal levels across the spectrum band. The SignalStrength chart shows the instantaneous and average RFenergy level in different parts of the band. The Duty Cyclechart shows the percentage of time each channel is busy,based on the presence of RF activity above a certain signallevel.Intelligent RF OptimizationsUnparalleled visibility in 2.4 GHz, 5 GHz and 6 GHz enablesautomatic RF optimizations such as band steering, smartsteering, auto channel selection and auto transmit powercontrol to maximize Wi-Fi capacity. CV-CUE shows detailedinformation about the metrics used during channel selection toprovide deep insights into the reasons why a particular channelwas chosen. Real-time application performance is furtherenhanced with multicast-to-unicast conversion and smartblocking, pruning and optimization of broadcast and multicasttraffic.Remote Workspace APRemote Workspace AP (RWAP) solution empowers enterprisecustomers with the ability to extend Corporate SSID to aremote workplace such as a teleworkers’ home office or a smallremote branch office. It uses industry-standard protocols tosecurely connect the AP deployed at a workplace with theEnterprise datacenter (DC) over the public Internet. With anIPSec VPN tunnel from the AP to the DC: Wi-Fi traffic mapped to the SSID flows via the tunnel to/fromDC VPN setup not required individually on the Wi-Fi end clients Split tunnel functionality limits only corporate traffic throughthe tunnelActive Network AssuranceCV-CUE takes advantage of the multi-function radio,present in most Arista Wi-Fi APs, turning it into a clientto run a wide variety of tests and proactively identifyproblems before users do. This helps validate the network’sreadiness for supporting business-critical applications.RWAP feature is available for on-premises customers also.Web ShellCV-CUE provides a Web-based SSH login to a specific AccessPoint CLI. Web Shell is helpful to troubleshoot AP issues,especially if an AP is behind a NAT.
CloudVision CUE FeaturesData SheetWireless Intrusion PreventionWith the multi-function radio acting as a dedicated wirelessintrusion prevention (WIPS) sensor, wireless threats aredetected and blocked almost instantly in your network. CVCUE works with the APs, which are powered by patentedtechniques such as Marker PacketsTM, to enable surgicalover-the-air intrusion prevention, automatically andaccurately creating alerts and classifying wireless threats.All Arista Wi-Fi 5 and Wi-Fi 6 APs can be configured to runas dedicated WIPS sensors. Arista APs equipped with BLEradios can also scan for BLE devices. Network administratorscan view these devices on CV-CUE and also change theirclassification from ‘Uncategorized’ to ‘Authorized’ and viceversa.Edge Threat ManagementSecurity being a key element of Arista’s campus solution,CV-CUE provides Wireless IPS, Next Gen Firewall and MicroEdge for threat management. This integrated approachprovides network administrators with the ability toensure protection, monitoring and control across devices,applications, and network airspace, enforcing a consistentsecurity posture over the entire digital attack surface.Engagement AnalyticsIntegration with social networks and third-party loyaltysystems can be leveraged to collect demographics and otherinformation from Wi-Fi users who opt in to share their personaldetails. This in turn can be used to engage with the opt-in Wi-Fiusers, e.g., retail business can provide special deals to their loyalcustomers and convert them into brand ambassadors.Wi-Fi AnalyticsAnalytics based on presence and behavior of Wi-Fi devicescan provide significant business intelligence, and caninform business functions such as marketing research (A/B testing of storefront displays,measure ROI of marketing campaigns, context-basedguest engagement) operations (staff planning, optimize facility utilization), IT (network planning and design based on user density).Presence AnalyticsPresence analytics provide anonymous, statisticalinformation about the footfall (number of Wi-Fi devicesdetected), dwell time (duration for which Wi-Fi devices arepresent) and repeat versus new customers. These trendscan be viewed for a site or aggregated across multiple sites,and across different time periods: intra-day, daily, weekly,monthly and year-over-year.Zone AnalyticsZone analytics provide insight into the density and flow of Wi-Fiusers by visualizing it on a floor map. This allows administratorsto monitor how various parts of a facility are populated over aperiod of time. Zones can be demarcated as a region aroundWi-Fi APs on a floor maps.Content analytics and application visibilityWeb analytics and application visibility based on deep packetinspection can provide insight into Wi-Fi usage patterns andallow you to enforce policies in terms of the type of content orapplications that can or cannot be accessed based on the typeof Wi-Fi network (e.g., Corp vs. Guest) and user privileges (e.g.,students vs. teachers) and assign the desired quality of service.
CloudVision CUE FeaturesData SheetWireless Access Security and ControlWith a suite of features to identify users, devices, OS, andapplications and to control the access and privileges they geton the network, Arista provides a comprehensive solutionto enforce context-based policies and protect the networkfrom abuse. CV-CUE also enables integration with 3rd partyNAC solutions. The latest Wi-Fi security protocols such asOpportunistic Wireless Encryption (OWE) and WPA3 aresupported by CV-CUE.Integration with Google G SuiteGoogle G Suite for business or education, can be used toenforce an additional layer of security for Wi-Fi users withArista’s Wi-Fi integration. No additional hardware, softwareor license is required. Regardless of whether PSK or 802.1X isbeing used for authentication, network access control for Wi-Fiusers and devices can be enforced based on a users’ Googleaccount privileges and organization unit (OU) membership.Role Based ControlRole based controls can be enforced on a per SSID basis.Role profiles can be created to match roles configured in theRADIUS server, Google G Suite or both. Rules of precedencecan be used to combine settings defined in a role profile andSSID, and enforce policies in terms of role attributes such asVLAN access, firewall rules, application firewall rules, per userbandwidth control and redirection to a captive portal.APIs and Third-party IntegrationWith Single Sign-On, powerful Web APIs, and securetunneling, integrating the Arista Cloud with third-partysystems, in-cloud, or on-premises, is easy. Both push and pullmechanisms are available. Using custom applications, Wi-Fianalytics can be pulled from the Arista Cloud or configurationand policy changes can be pushed to it. Wi-Fi analytics fromthe Arista Cloud or directly from the Arista APs can also bepushed to third-party Web services. RSSI data for BLE clientscan also be pushed to 3rd-party servers, e.g. location-basedsystems.Social Wi-FiInbuilt integration with Facebook, Google , Twitter, LinkedIn,Instagram and Foursquare enables guest on-boarding usingsocial login.Bonjour GatewayWi-Fi ReportsCV-CUE supports on-demand and pre-scheduled generationof reports for inventory management, compliance andoperational status updates. This includes inventory ofmanaged Wi-Fi devices, in-depth compliance reports for WIPS,list of Wi-Fi and WIPS alerts etc.Arista APs can be configured as a Bonjour Gateway to allowWi-Fi clients to discover and access Bonjour services acrossVLANs. This feature can be enabled on a per SSID basis andworks for both static and dynamic VLANs.
CloudVision CUE FeaturesData SheetCloud Integration PointWhether you are using Arista WIPS or transitioning to cloudbased Wi-Fi, integrating the Arista cloud Wi-Fi server with youron-premise systems allows you to leverage key advantages of thecloud server while continuing to use your existing infrastructure.It also saves you the time, effort, and cost of installing andmaintaining an on-premise Arista Wi-Fi server. A CloudIntegration Point (CIP) is an Arista AP that enables the integrationof the Arista Wi-Fi cloud server with existing third-party serviceson-premises.SyslogAES-256 encryptedArista CloudArcSightArista CIPNMSThe data exchanged between Arista Cloud and an onpremise Cloud Integration Point (CIP) is secured withAES-256 encryption. The CIP contains a firewall that onlyforwards traffic to the specified local destinations on thedefined ports. It also isolates the network with NAT so clientconnections cannot be established through the CIP.Enterprise Security Management (ESM)Integration with Enterprise Security Management serversenables Arista Cloud to send events and audit logs toSyslog and ArcSight servers, allowing customers to use theirexisting logging infrastructure to manage Arista events andlogs.GDPR ComplianceArista Networks provides General Data Protection Regulation(GDPR) compliant Arista Cloud Wi-Fi to its partners, resellers,and customers in the European Union. The Arista Cloud actsas a GDPR Processor of personal data.
CloudVision CUE Technical SpecificationsData SheetCV-CUE System RequirementsFeature/PlatformCV-CUE(Cloud Subscription)Supported BrowserClient JourneyApplication Visibilityand ControlWIPSBaseliningRCA EngineAuto Packet Captureand TroubleshootingNetwork ProfilingRF OptimizationWi-Fi AnalyticsGuest and CaptivePortal ManagementWi-Fi ACLsRBACAutomatic Updates andUpgradesCV-CUE(KVM on-prem)CV-CUE(CVP Cluster on-prem)Latest version of Chrome / Firefox / Microsoft EdgeBase OSSystem RequirementsCV-CUE(ESXi on-prem)Centos 7.5Up to 1000 APsCPU - 4vCPUs@2.933GhzReservedRAM – 8GB ReservedHard Disk - 250GB, ThinProvisioningUp to 1000 APsCPU - 4vCPUs@2.933GhzReservedRAM – 8GB ReservedHard Disk - 250GB, ThinProvisioningUp to 5000 APsCPU - 8vCPUs@2.933GhzReservedRAM – 32GB ReservedHard Disk - 500GB, ThinProvisioningUp to 5000 APsCPU - 8vCPUs@2.933GhzReservedRAM – 32GB ReservedHard Disk - 500GB, ed2PPLimited3Limited4PPCustomer Managed1Baselining: Based on only 7 days of history and drilldown not available from baseline charts.2Auto Packet Capture & troubleshooting: Automatic display of packet capture in “Packets” not available.3WiFi Analytics: No visualization of association and presence analytics data. No guest analytics.4Guest and Captive Portal Management: No “Canvas” to create captive portal and landing pages or campaigns. No social media authentication.No captive portal hosting capabilities.
CloudVision CUE SupportData SheetSKUs, Service and SupportThe CloudVision solution comprises three components: CloudVision eXchange, CloudVision Portal and CloudVision CognitiveUnified Edge. These components provide the platform for both orchestration and automation for wired and wireless networks asfollows:CloudVision eXchange is a EOS-based network-wide multi-function control point providing a single access point for real-timeprovisioning, orchestration and integration with third party controllers and services.CloudVision Portal is a web platform and associated historical database built to automate the workflows for a variety of networkprovisioning, change management, and monitoring tasks.For more details of CloudVision eXchange and CloudVision portal, consult the CloudVision Datasheet.Software support for CV-CUE is included in the CloudVision software subscription license. Hardware support for the CloudVisionPhysical Appliance requires a corresponding A-Care service contract. Support for each EOS device managed by CloudVision iscovered by standard A-Care offerings for each device. For more details on A-Care service offerings across all Arista products, nSS-COGWIFI-1MCognitive Cloud SW Subscription License for 1-Month for 1 x Wireless Access PointSS-PREMWIFI-1M-DCAOn-premises SW Subscription License for 1-month for 1 x wireless access point.For sale only with DCA-250 applianceSS-PREMWIFI-1M-VMOn-premises SW Subscription License for 1-month for 1 x wireless access point for virtualenvironment. For electronic delivery onlyDCA-250-CV1 unit CloudVision Physical Appliance, Model 250 (Includes CVX, CVP and Server).No device licenses.HeadquartersSupportSales5453 Great America Parkwaysupport@arista.comsales@arista.comSanta Clara, California 000866-497-0000www.arista.comCopyright 2022 Arista Networks, Inc. The information contained herein is subject to change without notice. Arista,the Arista logo and EOS are trademarks of Arista Networks. Other product or service names may be trademarks orservice marks of others.April 19 , 2022
With virtually unlimited and elastic availability of storage and compute resources, the Arista cloud eliminates artificial boundaries inherent in controller-based WLAN architectures. Naturally, it enables many innovative, previously unforeseen applications in big data analytics, machine learning and cognitive computing in the context of Wi-Fi.
