See and Secure
Securing your data center network requires an understanding of its intended design, the mission-critical applications it supports, and how those applications are delivered. The Apstra Intent-Based Networking platform provides a comprehensive view of your network design, enhanced visibility during outages or breaches, and the ability to segment your network by application.
Prevent Network Compromises Caused by Passively Approved Changes
Onboarding new team members can lead to security gaps and unintended states in the network that can seriously compromise applications.
With tools for segmenting the network into security zones and further defining the virtual networks that operate inside them, operations and security teams can virtually eliminate the potential risk of an unknown breach or a passively approved change that can compromise the network.
Eliminate security gaps
Transfer knowledge about business processes and security policies to new team members faster.
Propagate security policies
Get a common, validation-driven toolset for propagating security policies across the network and into cloud environments.
Ensures there is no deviation between intended state and actual state — which is a critical foundation to a secure infrastructure — with a single source of truth.
Identify compromising events
Easily identify network events that could have caused breaches or impacted data accessibility.
Seamless Integration with VMware NSX, vSphere and Nutanix
Focus on applications rather than network complexity. Apstra AOS reads directly from a VMware environment, providing simple visibility across the network fabric and compliance checks between server and network security policies. AOS also supports direct integration with Nutanix hyper-converged infrastructure.
Group-Based Policy Enhancements
Simplify your network access management and tenant segmentation across all vendors, with no need to manage individual access-control lists or command-line interface syntax.
Apstra AOS scales to support the largest data centers around the world. Manage thousands of connected devices as a single logical element, with a complex EVPN overlay that can be instantiated with a few simple clicks. Create tenant isolation in a simple workflow that allows you to reconfigure a multivendor fabric in seconds and automatically enforce policy changes no matter how large your network grows.
Advanced Root Cause Identification
Dramatically improve MTTR (mean-time-to-repair) by pointing operators directly to the cause of service-affecting problems. Accelerate troubleshooting with predefined, customizable, automated probes and an enriched view of anomalies with context and summary of root causes.
Reduce the time and complexity associated with initial device provisioning with integrated support for device management and control right out of the box. Plug in a single network cable and use AOS to manage nodes regardless of the vendor type or network operating system.
IPv6 Application Support
Future-proof your network addressing with both IPv4 and IPv6 simultaneously supporting massive virtual and containerized compute environments.
AOS simplifies scaling to handle the largest data center requirements, including 5-Stage Clos for massive cloud and compute farms of over 100,000 servers. Unified system monitoring and management based on simple design patterns and rules.
Network Lifecycle Day 0, 1, 2+ Move/Add/Change Automation
Grow, shrink, and move your network and servers without affecting business applications. Use a simple browser-based management tool to drain network traffic off devices before upgrading or remediating problems with network hardware.
Rapid Network Operating System Upgrades
Ensure the latest verified software is running on all devices at all times. Control the certified operating system level of every device in a single location and employ automated workflows to remediate deviations for security compliance.
There’s no need to know what label is on the front of the network devices. Easily add/remove devices from vendors including Cisco, Arista, Juniper, Cumulus, with underlying support for white-box network solutions and free NOS alternatives like Microsoft SONiC.
Intent-Based Analytics (IBA)
IBA draws from your intent to determine how to check each condition. Explore the state of the network in real-time, and commit your best practices and predefined industry-best checks to real time validation, with no delay and no need for future modification.
Improving Your Security Posture Through Intent-Based Networking
Read how IT organizations can ensure security is a top priority by taking a software-first approach and deploying Intent-Based Networking.
Doyle Research: Intent-Based Data Center Automation for the Enterprise
Doyle Research shows how Intent-Based data centers solve for the new challenges IT organizations are facing as they deploy new resources.