Overview:
CloudVision is Arista’s modern, multi-domain management platform that leverages cloud networking principles to deliver a simplified NetOps experience. Unlike traditional domain-specific management solutions, CloudVision enables zero-touch network operations with consistent operations enterprise-wide, helping to break down the complexity of siloed management approaches.
As Arista’s platform for Network as-a-Service, CloudVision is designed to bring OpEx efficiency through automation across the entire network lifecycle - from design, to operations, to support and ongoing maintenance.
CloudVision is built on a Network Data Lake (NetDL) architecture that uses real-time state to abstract the physical network into a broader, network-wide perspective. This allows a more efficient approach to several operational and network telemetry capabilities, including the following highlights:
- Multi-domain scope, bringing consistent network operations to Data Center, Campus, WAN/Interconnect, Media & Entertainment, and multi-cloud use-cases
- Cloud-native architecture, offered with the same feature set across both cloud service (SaaS) and on-prem appliance (virtual or physical) deployment options.
- Real-time state streaming for network telemetry and analytics - a modern approach to replace legacy polling per device
- State repository, analytics engines and telemetry views to provide an unprecedented level of granularity in real-time monitoring and historic network state for forensic troubleshooting
- Cognitive analytics, leveraging the rich NetDL data source as the basis for training AI/ML models to generate better recommendations and insights for operators
- Turn-key automation with CloudVision Studios for initial and ongoing provisioning, ZTP as-a-Service, configuration management and network-wide change control, including automated upgrades, network rollback, and network snapshots
- Compliance dashboard for security audit, patch and lifecycle management
- Support for the Unified edge, with wired and wireless views and dashboards, including IoTvision™
- NetDevOps workflows, providing extensibility for CloudVision to integrate into a broader continuous integration (CI) pipeline
- Cloud Tracer™ for visibility into the availability of network connectivity and services across private, public, and hybrid cloud environments
- Macro-Segmentation Services to provide automated and seamless service insertion with integrations by partner security platforms
- IP Broadcast operations, including specific dashboards and Media Control Services (MCS) integration with technology partners
- Centralized API gateway for both northbound and southbound integrations, leveraging OpenConfig, gRPC, and REST APIs
Ecosystem Integration
Arista’s customers are trying to orchestrate workflows across their physical and virtual infrastructure. Arista CloudVision is the platform for deeper integration with a broad array of Arista’s ecosystem partner solutions, including Ansible, Forescout, Palo Alto Networks, ServiceNow, VMware NSX and many others.
CloudVision Highlights
Cloud Automation for Everyone
Arista CloudVision simplifies complex, time- and resource-intensive tasks in a turnkey software solution designed to help customers move to a more automated, cloud-like infrastructure.
Multi-Domain Service
Real-time state is streamed from wired and wireless devices across the entire enterprise, from DC to campus to WAN. This state is stored in NetDL, a state-based, cloud-hosted, network-wide data lake, enabling cognitive analytics as a multi-domain service.
Network Telemetry & Analytics
CloudVision brings a modern approach to network telemetry and a replacement for legacy polling mechanisms. AVA, Arista’s Autonomous Virtual Assist engine for analytics, takes full advantage of the state streaming infrastructure of EOS and NetDL to give Arista customers an unprecedented level of visibility with a time-series view of the entire network, across data center, campus, public clouds and WAN.
NetOps Automation
Addressing the spectrum of operator types in NetOps environments, CloudVision includes out-of-the-box, point-and-click automated provisioning, through to integration with CI pipelines, all aligned with Arista best-practice designs for a consistent experience.
Open API Integrations
CloudVision is Arista’s API gateway for physical network integration with third-party services. Integrate with network overlay controllers, DevOps platforms and network services solutions such as Palo Alto Networks, ServiceNow and others. It is built on modern REST and gRPC-based APIs to both simplify and scale network integration.
CV UNO:
CloudVision Universal Network Observability™ (CV UNO™) is Arista’s modern, multi-domain network observability platform that integrates application visibility with CloudVision’s already powerful network telemetry base to provide unparalleled insights into application and workload performance across data centers, campuses, and wide area networks. It harnesses the power of NetDL architecture and AVA-driven proactive analysis and prescriptive recommendations, accelerating root-cause identification and propelling rapid issue resolution. This innovative solution proactively reduces human error, streamlines issue resolution for unforeseen events and provides precise root cause analysis of network events and their impact on application delivery.
Key CV UNO benefits:
- Integrated Workload Application and Infrastructure Visibility
CV UNO constructs a composite picture of the entire network and application environment - essentially an application-to-network graph. This graph is continually refreshed and stored in a time-series database, providing a dynamic, historical account of the environment's evolution and state, ensuring deep visibility and understanding of application flows through the network at any given moment.
- Proactive Risk Analysis
CloudVision’s change control workflows (including AVD) leverage CV UNO’s application intelligence, empowering organizations to scrutinize potentially disruptive network changes rigorously before their deployment into production and mission-critical networks, ensuring operational resilience and stability.
- Realtime Impact Analysis
When an application’s performance is impacted, CV UNO, without deploying any host-based agents, is able to quickly help the operator or engineer answer the critical question “is the issue on the network or in the application?” by driving to the accurate root cause of the issue, thereby reducing the resolution time and simplifying cross-functional coordination for the operations team.
CV UNO - Arista’s Platform for Network Observability
CloudVision Universal Network Observability Enabling Self-Diagnostic Networks
Available as a premium feature set on Arista CloudVision as-a-Service (CVaaS), CV UNO leverages one or more CV UNO Sensor VMs, strategically deployed on-premises to collect, normalize, and meticulously curate flow/SNMP data from diverse sources such as physical/virtual compute and third-party network devices. This holistic data is then coupled with CloudVision’s deep view of the networking state and stored into NetDL. CV UNO then harnesses machine intelligence-based analysis on this composite NetDL data to identify application and topology-aware correlations across events, application behavior changes, and application flow anomalies. This advanced functionality accelerates impact analysis and expedites issue resolution with unprecedented efficiency, delivering comprehensive, 360° observability powered by the following key feature highlights:
- Private cloud visibility, leveraging API integration with VMware vCenter to augment application, flow and event information into NetDL data
- Application Discovery workflows to discover and classify applications
- Application Dashboard page, that shows all the applications, application health, performance, services, critical events, top bandwidth consumers and more
- Application Dependency Mapping topology overlaid with flow metrics (like latency, data usage, etc.) to not only visualize interaction between application services but also enable faster root cause analysis
- Application Flow graph, that visualizes directional, bandwidth-aware, inter-service application flows
- DANZ Monitoring Fabric (DMF) as a Data source to support collection of end-to-end TCP analysis and flow data generated from DMF
- Enhanced 3rd Party Device Visibility to also support flow data collection from 3rd party devices into NetDL. This extends CV’s SNMP based 3rd Party Device support.
- End-to-End Visualization that elevates CV’s network topology visualization to now display physical / virtual end hosts in the topology, showing how applications are connected to the network and also identifying application flow-level potential bottlenecks or performance issues.
- Enhanced CV’s Fault / Anomaly Detection, Event Correlation, Inference and Alerting algorithms to also take application context, application events, and end-to-end TCP analysis events into consideration in addition to CV’s network-centric events.
Features:
CloudVision Solution
The CloudVision solution is comprised of three components: CloudVision Portal, CloudVision eXchange, and CloudVision CUE (Cognitive Unified Edge). These components provide the platform for both orchestration and automation for wired and wireless networks as follows:
- CloudVision Portal is a web platform and associated historical database built to automate the workflows for a variety of network provisioning, change management, and monitoring tasks. It is available for on-premises deployments (virtual or physical appliance) as well as cloud service delivery with CloudVision as-a-Service.
- CloudVision eXchange is an EOS-based network-wide multi-function control point providing a single access point for real-time provisioning, orchestration and integration with third party controllers and services.
- CloudVision CUE (Cognitive Unified Edge) is a centralized management plane that simplifies policy management, provisioning and troubleshooting of WiFi networks while delivering richer telemetry to network administrators.
CloudVision Portal Features
The following table summarizes the main features of Arista’s CloudVision Portal.
General Platform and Telemetry Features
| Feature | Description |
| --- | --- |
| User Security | Local and TACACS / RADIUS Authentication and Role-based Authorization; Role Based Access Control (RBAC) - Custom role definition for authorization; One-time password/Multi-factor Authentication; Single sign on integration with OAUTH Providers (Microsoft, Google, Okta, OneLogin, Custom) and SAML Providers (Launchpad, Okta, OneLogin, Custom) |
| APIs | JSON-based REST and streaming APIs (gRPC) |
| Device Management | Device inventory; Per device logs of all actions taken by CloudVision; Device snapshot configuration and scheduling; Third party system data source management |
| Compliance | Configuration and Image compliance for managed devices; Bug exposure assessment for managed devices based on operational state of devices, including EOS devices and Arista wireless access points; PSIRT assessment for managed devices for security compliance; Hardware and Software Lifecycle events for product compliance |
| Telemetry Views | Real-time state streaming from devices; Backend state repository and analytics engine; Comparison application for easy comparison of state across devices and historic timeline; Real-time analytics for event detection and notification; CloudTracer for endpoint reachability monitoring across private, public, and hybrid cloud networks; Topology Views, with Metric Layers, visibility for VLAN/VXLAN segments; Custom dashboards to monitor metrics network wide with built-in panels for traffic flows, Top K interface graphs and more; Flow visibility with sFlow and IPFIX flow records from devices with trend analysis and path visibility in Topology View; Inband Network Telemetry based hop-by-hop latency for flow records (on supported EOS platforms) in Topology View; Endpoint Inventory for all connected IP endpoints; Network-wide search for MAC address and IP address |
| Partner Integration | Official support for ServiceNow, Remedy, Forescout and Ansible integration. Other technology partner integration details available upon request |
Provisioning Features
| Feature | Description |
| --- | --- |
| Device Onboarding | Automatic device provisioning via Zero Touch Provisioning (ZTP) for EOS and CloudEOS devices; Zero Touch Replacement (ZTR); Cloud-based ZTP as-a-Service* |
| Configuration Management | Device configuration provisioning via Studios and configlets; Built-in guided workflows to provision Arista validated network designs and manage ongoing configuration changes; Flexibility to customize built-in workflows or create new and advanced workflows; Configlet Builder for config templating and scripting; Build, validate and review configuration differences of proposed and running config for devices; Config reconcile for source of truth management |
| Software Management | Repository for Images and Extensions; Assign image bundles for initial provisioning across device groups; Preload images onto devices prior to upgrading |
| Change Control | Automated ongoing device configuration change management; Flexible change control workflow for task execution with support for snapshots and user defined scriptable actions, and the ability to schedule deployment of changes; Review and approve stage to authorize changes with support for Role based access control; Automated software upgrades across groups of devices leveraging BGP Maintenance mode, SSU and MLAG health checks for hitless upgrades; Change Control Templates to automate repeatable operational run books; Network-wide Rollback |
CloudVision eXchange Features
The following table summarizes the main features of Arista’s CloudVision eXchange.
| Feature | Description |
| --- | --- |
| Base Infrastructure | Runs in an EOS VM as a virtual appliance; Three node cluster with high availability for production deployments; Single node Deployment (Lab use only); Graceful reboot; EOS operating environment (CLI, APIs, management features, etc.) |
| VXLAN and EVPN Services | VXLAN Control Services (VCS) for dynamic control plane learning of VXLAN mapping information; CloudVision eXchange Federation across multiple Data Centers using BGP-EVPN |
| APIs | EOS command line; eAPI for EOS |
| Open Virtual Switch Database (OVSDB) Services | Layer 2 hardware VTEP integration for synchronizing network topology information, MAC to VXLAN endpoints, and VXLAN ID bindings with overlay controllers; Layer 3 hardware VTEP integration for logical routing functionality in VXLAN overlay networks |
| OpenStack Services | Integration with OpenStack via ML2 driver plugin for provisioning of network services (VLAN, VXLAN, etc) for VMs and with OpenStack Ironic to extend network provisioning to bare-metal servers |
| Macro-Segmentation Services | MSS-Firewall: Dynamically instantiate network services policy in the physical network by integrating with firewall services from Palo Alto and Fortinet |
| Partner Integration | Container Tracer support for Docker and Kubernetes based containerized environments; Official support for VMware NSX and OpenStack integration; Other technology partner integration details available upon request |
* Applicable to CloudVision as-a-Service offering only
Specifications:
CloudVision Deployment Models
The following describes the deployment models for CloudVision Portal
| CloudVision as-a-Service | Description |
| --- | --- |
| Connectivity Requirements | IP connectivity to www.arista.io (port 443) / apiserver.arista.io (port 443) |
| Protocols | Browser over HTTPS; gRPC for device connectivity |
| Supported SSO Providers | OAUTH (Microsoft, Google, Okta, OneLogin, Custom); SAML (Launchpad, Okta, OneLogin, Custom) |
| CloudVision Virtual Appliance | Description |
| --- | --- |
| Hardware Platform Requirements | Please consult the CloudVision Configuration Guide for the latest hardware platform requirements. A 3-node cluster is recommended for production deployments. |
| Hypervisor Requirements | VMware ESX; Linux KVM; For supported Hypervisor versions, please refer to the software release notes. |
| Protocols | Browser over HTTPS; Admin shell access over SSH, SCP; NTP for time synchronization between nodes; gRPC for device connectivity |
| Software Version Requirements | CloudVision Portal and CloudVision eXchange are deployed as virtual machines on supported hypervisors. For software recommendations, please refer to the software release notes. |
| CloudVision Physical Appliance | Description |
| --- | --- |
| Physical Appliance Platform Specifications for DCA-350E-CV | CPUs: Two Intel Xeon Silver 4316 2.3GHz, 40C/80T; DRAM: 128 GB (Eight 16GB RDIMM); Hard Drives: Five 2TB SSD Encrypted Drives (7.6 TB effective); Network Interfaces: Four port 10Gb Ethernet (RJ-45), 1Gb IPMI (RJ-45); Power Supply: Dual, Hot-plug, Redundant 550W Power Supplies (1+1); Power Cord: International, UL/EURO/CCC, C13 - C14, 2M, 18AWG, 1.0MM, 10A/250V; Dimensions (HxWxD): 1.68”x17”x25.87” (4.26cm x 43.38cm x 65.70cm); Weight: 38.9 lbs (17.64 kg); Remote management: iDRAC9 Enterprise controller |
| Physical Appliance Software Version Requirements | DCA-350E-CV supports software applications for CloudVision Portal, CloudVision eXchange and CloudVision CUE. For software recommendations, please refer to the appliance release notes. |
| CloudVision Physical Appliance | Description |
| --- | --- |
| Physical Appliance Platform Specifications for DCA-300-CV | CPUs: Two Intel Xeon Silver 4310 2.1GHz, 24C/48T; DRAM: 64 GB (Two 16GB RDIMM); Hard Drives: Four 2TB SSD Drives (5 TB effective); Network Interfaces: Four port 10Gb Ethernet (RJ-45), 1Gb IPMI (RJ-45); Power Supply: Dual, Hot-plug, Redundant 550W Power Supplies (1+1); Power Cord: International, UL/EURO/CCC, C13 - C14, 2M, 18AWG, 1.0MM, 10A/250V; Dimensions (HxWxD): 1.68”x17”x25.87” (4.26cm x 43.38cm x 65.70cm); Weight: 38.9 lbs (17.64 kg); Remote management: iDRAC9 Enterprise controller |
| Physical Appliance Software Version Requirements | DCA-300-CV supports software applications for CloudVision Portal, CloudVision eXchange and CloudVision CUE. For software recommendations, please refer to the appliance release notes. |
| CloudVision Physical Appliance | Description |
| --- | --- |
| Physical Appliance Platform Specifications for DCA-250-CV | CPUs: Two Intel Xeon 10 Core, 2.2 GHz CPUs, 20C/40T; DRAM: 64 GB (Two 32GB RDIMM); Hard Drives: Four 2TB SSD Drives (5TB effective); Network Interfaces: Four port 1Gb Ethernet (RJ-45), 1Gb IPMI (RJ-45); Power Supply: Dual, Hot-plug, Redundant 550W Power Supplies (1+1); Power Cord: International, UL/EURO/CCC, C13 - C14, 2M, 18AWG, 1.0MM, 10A/250V; Dimensions (HxWxD): 1.68”x17”x25.87” (4.26cm x 43.38cm x 65.70cm); Weight: 38.9 lbs (17.64 kg); Remote management: iDRAC9 Enterprise controller |
| Physical Appliance Software Version Requirements | DCA-250-CV supports software applications for CloudVision Portal, CloudVision eXchange and CloudVision CUE. For software recommendations, please refer to the appliance release notes. |