Arista extends security of EOS, doubles R3 router portfolio

Arista extends security of EOS, doubles R3 router portfolio

Vendor adds package of encryption options, 26 new router configuration options

Credit: Dreamstime

Arista Networks has added security, cloud and mobile connectivity to its flagship operating system and doubled its portfolio of routing products giving enterprises new network configuration options.

Arista’s Extensible Operating system (EOS) now includes encryption options called TunnelSec, a new ethernet VPN (EVPN) MPLS gateway for data centre-connectivity, and improved timing-protocol support aimed at improving the handling of mobile communications.

EOS is Arista’s Linux-based modular, programmable software that controls and manages all of Arista’s switches and routers.

The new TunnelSec feature supports three encryption services — IPSec, MACsec, and VXLANsec — that address a end-to-end security needs. IPsec is the most traditional  and can be used to set up VPNs and other Layer 3 IP tunnels.

MACsec is a Layer 2 protocol that typically secures line rate traffic traversing LANs as well as traffic from higher layer protocols. VXLANsec offers Layer 2 and 3 encryption between VXLAN implementations.

TunnelSec is embedded in the forwarding engine of EOS and users have the options to encrypt end-to-end traffic from the enterprise edge, data centre or clouds in the way they need to, and at wire rates from 10G to 400G said Shyam Kota, director of product management with Arista. “TunnelSec eliminates the need for the customers to have different devices to support encryption, which saves operational costs and administration.”

The EVPN MPLS gateway which allows data centres connected over an MPLS WAN to more easily communicate.

“The EVPN MPLS gateway collapses two operational domains and protocols into a single platform rather than having it on multiple locations that would be needed today,” Kota said. The idea is to better support new applications or application extensions as well as better disaster recovery operations.

The precision-timing capability, aimed at mobile service providers, is support for precision timing of 5G and other new mobile applications where timing is critical to delivering mobile support services, Kota said.

Specifically, EOS now supports Synchronous ethernet (SyncE) and Precision Time Protocol (PTP) to ensure that device clock signals over the ethernet physical layer are timed correctly.

On the router side, Arista announced 26 new 7280R3 router products aimed at data centre and service provider customers with fixed and modular configurations and system support anywhere from 7.2Tbps to 460Tbps performance.

The 7280R3 family options include a choice of 1U to 4U systems with support for 10Gps to 800Gbps interfaces. Each 7280R3 modular system is configurable with SFP, QSFP and OSFP/QSFP-DD interfaces to support connectivity from 10G to 400G and supports dense 400G-ZR DWDM. Further options include large scale routing and policy resources.

The new devices expand the existing R3 portfolio to 51, but the new R3s’ feature the new Broadcom 14.4Tbps Jerico2c+ chip, which can handle very high traffic volumes, according to John Peach, technical director with Arista. 

“We have also seen an average of 50 per cent reduction in power requirements per 100 gig, and we were very, efficient  compared to many of the more traditional vendors,” he said.

The latest EOS release 4.28 is available now as are the new R3 models except for the 7280R3A Data Center SwitchRouter configuration which will be available in Q4.

Tags Aristacyber security

Show Comments