New cloud routing protocols combine functions across cloud, carrier, and enterprise networks.
High-performance network software maker Arista Networks today unveiled what it describes as next-generation cloud-grade routing. The logic behind this is that routing needs to evolve to meet the demands of the cloud.
The concept is certainly sound because networks now do much more than simply connect branch offices to a company data center.
Historically, companies have thought of networks as discrete entities: mobile, carrier, and business networks. But most cloud apps traverse all three, so experience and security depend on interoperability between the domains.
Arista introduced the concept of cloud-grade routing a little over half a decade ago with the idea of having a single software stack with a set of routing capabilities that could meet the needs of enterprises, service providers, and cloud operators. This week, it introduced several net solutions, capabilities, and platforms to evolve that cloud-grade routing.
Arista introduces TunnelSec to simplify encryption
One of the new capabilities Arista has introduced is called TunnelSec, which simplifies the use of different encryption technologies. As an example, it’s common for companies to deploy overlay networks to use both IPsec and MACsec encryption. TunnelSec encryption eliminates the need for external encryption traditionally used in networking. It does this by securing data in transit and provides in-line encryption at data rates ranging from 10G to 400G in Arista’s R3 Series routing platforms. As a result, TunnelSec removes the performance bottlenecks associated with legacy encryption deployments.
With a single network platform, companies can deploy MACsec, IPsec, and VXLANsec encryption. This delivers better network economics but also improves performance and network throughput.
“We’re seeing a trend where there is demand for encryption. In fact, we have customers who have asked us to do encryption in the data center itself, starting right from the top-of-rack switch,” said Jeff Raymond, vice president of Extensible Operating System (EOS) product management and services at Arista. “We’ve extended that concept, where customers can have encryption end-to-end.”
TunnelSec now comes embedded in Arista’s cloud-grade routing platforms. All of Arista’s products are powered by EOS and Network Data Lake (NetDL), which provides a single software base for switching, routing, telemetry, and a common set of data across all Arista platforms.
The single OS and data lake are Arista’s secret sauce. More and more network operations require AI-driven insights to optimize performance and secure the network. One set of data and its OS enable Arista to analyze information much faster than if it had to aggregate silos of information.
Arista’s reach has expanded past cloud titans
By innovating in this space, Arista was able to cross the chasm from the data center to modern routing. The Santa Clara, Calif.-based vendor has a sizable base of customers that have successfully deployed its cloud-grade routing. The list includes cloud giants (Microsoft, Meta), specialty cloud providers (Netflix, CDLAN, Zenlayer), service providers (Comcast, Arelion, Vocus), and internet exchanges (Netnod, Equinix, Seattle Internet Exchange). Vocus, for example, has refreshed its entire backbone and edge by tapping Arista across its 200 sites.
New edge capabilities introduced
In addition to TunnelSec, Arista revealed a secure enterprise edge capability, which combines the data center and data center interconnect (DCI) domains. Traditionally, the technology has been used to connect two or more data centers together. Arista is bringing in a gateway functionality that allows customers to simplify their multicloud deployments.
The last capability Arista launched is encryption and timing, designed for compact modular routing. A key aspect of the current 5G network buildout is timing. It requires highly accurate timing enabled by segment routing in order to develop the infrastructure for smart cities, autonomous vehicle connectivity, and other use cases. Arista’s new capability provides modular routing with precision timing and encrypts the traffic.
Arista rolls out Jericho 2C+ hardware platforms
Parallel with this announcement, Arista has expanded its R3 Series portfolio by adding 26 new products based on the Broadcom Jericho 2C+ silicon. The portfolio now includes the new R3A Series with integrated TunnelSec, 800G-ready 7800R3 with 12- and 16-slot modular systems, 7280R3A compact modular for metro, mobile, and DCI apps, and the 7280R3A Series with a 50% performance increase.
“The products are an extension of our existing R3 family. Within the 26 products, we have some fixed systems and new modular systems as well,” Raymond said. “We’ve been able to not just integrate the scale we need for routing but also build encryption directly into all of these products.”
The expanded features/products are available now in the latest EOS release. According to Raymond, customers can choose from three “flavors,” depending on their needs. The base model is focused on the data center. The middle-scale model provides encryption with a level of scalability. Lastly, the full-scale model offers both routing and encryption.
Arista, once thought of as a network vendor that only served the needs of cloud titans, has come a long way in the past half-decade. It now has solutions for companies of all sizes, including midmarket enterprises. This release expands its move into routing with the aim of helping businesses shift to a cloud-first organization.