See and Secure

Securing your data center network requires an understanding of its intended design, the mission-critical applications it supports, and how those applications are delivered. The Apstra Intent-Based Networking platform provides a comprehensive view of your network design, enhanced visibility during outages or breaches, and the ability to segment your network by application.

Prevent Network Compromises Caused 
by Passively Approved Changes

Onboarding new team members can lead to security gaps and unintended states in the network that can seriously compromise applications.

With tools for segmenting the network into security zones and further defining the virtual networks that operate inside them, operations and security teams can virtually eliminate the potential risk of an unknown breach or a passively approved change that can compromise the network.

Eliminate security gaps

Transfer knowledge about business processes and security policies to new team members faster.

Propagate security policies

Get a common, validation-driven toolset for propagating security policies across the network and into cloud environments.

Self-documenting infrastructure

Ensures there is no deviation between intended state and actual state — which is a critical foundation to a secure infrastructure — with a single source of truth.

Identify compromising events

Easily identify network events that could have caused breaches or impacted data accessibility.

Advanced Features

Seamless Integration with VMware NSX, vSphere and Nutanix

Focus on applications rather than network complexity. Apstra AOS reads directly from a VMware environment, providing simple visibility across the network fabric and compliance checks between server and network security policies. AOS also supports direct integration with Nutanix hyper-converged infrastructure.

Group-Based Policy Enhancements

Simplify your network access management and tenant segmentation across all vendors, with no need to manage individual access-control lists or command-line interface syntax.

5-Stage Clos

Apstra AOS scales to support the largest data centers around the world. Manage thousands of connected devices as a single logical element, with a complex EVPN overlay that can be instantiated with a few simple clicks. Create tenant isolation in a simple workflow that allows you to reconfigure a multivendor fabric in seconds and automatically enforce policy changes no matter how large your network grows.

Advanced Root Cause Identification

Dramatically improve MTTR (mean-time-to-repair) by pointing operators directly to the cause of service-affecting problems. Accelerate troubleshooting with predefined, customizable, automated probes and an enriched view of anomalies with context and summary of root causes.

Zero-Touch Provisioning

Reduce the time and complexity associated with initial device provisioning with integrated support for device management and control right out of the box. Plug in a single network cable and use AOS to manage nodes regardless of the vendor type or network operating system.

IPv6 Application Support

Future-proof your network addressing with both IPv4 and IPv6 simultaneously supporting massive virtual and containerized compute environments.

Cloud-scale Infrastructure

AOS simplifies scaling to handle the largest data center requirements, including 5-Stage Clos for massive cloud and compute farms of over 100,000 servers. Unified system monitoring and management based on simple design patterns and rules.

Network Lifecycle Day 0, 1, 2+ Move/Add/Change Automation

Grow, shrink, and move your network and servers without affecting business applications. Use a simple browser-based management tool to drain network traffic off devices before upgrading or remediating problems with network hardware.

Rapid Network Operating System Upgrades

Ensure the latest verified software is running on all devices at all times. Control the certified operating system level of every device in a single location and employ automated workflows to remediate deviations for security compliance.

Multi-vendor Support

There’s no need to know what label is on the front of the network devices. Easily add/remove devices from vendors including Cisco, Arista, Juniper, Cumulus, with underlying support for white-box network solutions and free NOS alternatives like Microsoft SONiC.

Intent-Based Analytics (IBA)

IBA draws from your intent to determine how to check each condition. Explore the state of the network in real-time, and commit your best practices and predefined industry-best checks to real time validation, with no delay and no need for future modification.