Jun 5, 2018

Apstra Makes EVPN Easy — IBA, OPX and More


I am delighted to introduce Apstra Operating System (AOS®) 2.2, the latest release of our Intent-Based Networking software, which provides turnkey data center network operations.

AOS 2.2 delivers on a key set of features that our customers have requested, following through on our commitment to deliver unmatched feature velocity while maintaining the highest quality. See it for yourself.

Apstra Makes EVPN Easy

One of the highlights of this release is the support for multi-tenancy and enhanced inter-rack Layer 2 (L2) connectivity through Ethernet VPN (EVPN).

EVPN provides a scalable control plane for VXLAN and enables a multi-tenant deployment via VRFs, exposed in AOS as security zones. This enables you to quickly transition to modern Layer 3 (L3) leaf-spine Clos architectures while addressing your traditional applications’ L2 connectivity and security requirements.

evpn_button_200x200However, in spite of being an industry standard, EVPN has taken a long time to mature, and implementations still vary widely between vendors. This compounds the inherent complexity of the technology and makes it extremely hard to configure and troubleshoot, which has been a major obstacle to its adoption.

AOS 2.2 removes the EVPN implementation obstacles. AOS’ intent-based approach abstracts the complexity and automates all aspects of EVPN configuration and operations across vendors, effectively providing an “easy button” for your EVPN deployments.

Increased Choice of Hardware and Software

We continue to deliver on our mission to provide you with choice of switch hardware and software. Our role is to make the breakthrough innovation coming from the network disaggregation trend consumable to the broad enterprise and service provider markets.

With this release, we are introducing for the first time support in AOS for a fully open source network operating system: OpenSwitch (OPX). What this means is that you will receive direct support from Apstra if you use OPX as part of your AOS production deployment!  It’s that simple. We are also working closely with the SONiC community to provide the same level of production support soon.


AOS 2.2 also extends our hardware compatibility list with new switches across Cisco, Arista, Mellanox and Dell EMC. It has also never been easier to add new switches in AOS. With our brand new device profile editor, you can add new hardware and/or model new device capabilities in minutes directly from the GUI.

We are also keeping up with recent versions of AOS-supported software and NOS, including Cumulus 3.6, Ubuntu 16.04, and the Free-Range-Routing (FRR) routing stack for managed L3 servers.

Intent-Based Analytics (IBA) Enhancements and Brownfield Network Discovery

Another key area of focus for this release is day 2 operations – where you spend most of your time.

With AOS 2.2, you can now – directly from the AOS GUI – configure the AOS analytics pipeline or instantiate one of our pre-defined IBA probes to set up proactive closed-loop monitoring and actionable alerts, as well as detect gray failures and other anomalies. You can also extend AOS telemetry to collect any device information and then use IBA probes to reason about this data, leveraging all the context that AOS has about the network.

AOS can now also be deployed in monitoring mode on existing data center leaf-spine deployments. After automated discovery of the network, AOS offers the same continuous validation and intent-based analytics capabilities in a risk-free, read only fashion. Connect with us and give it a spin on your existing data center network!

Enterprise-Class and Compliance Audit

New capabilities in this release make AOS an even better fit in the most demanding environments.

In addition to TACACS+ integration and security hardening, we are introducing support for customizable RBAC roles, which allow you to tailor user permissions at a granular level to create user profiles that match your specific organizational boundaries and policies. You can also share read-only views of the network with the rest of your organization, streamlining the communication between server, storage, and network teams and reducing the typical blame game when something goes wrong.

Further, we are introducing an audit trail feature that allows you to track the origin and content of any change going through AOS to the entire network. You can now correlate directly from the AOS GUI any specific line of device configuration change to the actual operator intent and identity. This brings an unprecedented level of change traceability to the network industry, which  is a game changer for both troubleshooting and compliance audit use cases.

New Services and Usability Improvements

Aside from these major new features, AOS 2.2. includes other improvements, driven directly by our customers’ and market feedback.

In term of AOS services, we are delivering on the first phase of our IPv6 roadmap by supporting IPv6 on leaf-spine links, addressing the need to save precious IPv4 address space. We are also introducing dual-attachment of L3 servers for more resilient routing on the host deployments.

Last but not least, we are continuously improving existing capabilities, not only based on your feedback but also from our internal learnings, all as part of our goal to provide a truly outstanding product. You will find for example in AOS 2.2, a new, beautiful topology view, improved GUI around device profiles viewing and editing, as well as management of AOS device agent lifecycle directly from the GUI.

This is amongst many other usability and look-and-feel enhancements that you will discover when trying out our new release or check us out during our upcoming AOS 2.2 webinar.

The Apstra team is very excited to make this new release available to you and we are eager to hear your feedback!


Ping us for a demo or evaluation to get a first hand experience. Register for our AOS 2.2 Webinar and Demo, download the AOS 2.2 data sheet, or if you are heading to Cisco Live in Orlando next week, we’d love to schedule a private demo for you.