Arista’s CloudVision Guardian for Network Identity uses AI to implement, troubleshoot, and enforce NAC policies. Arista Networks has rolled out a SaaS-based service aimed at helping enterprises more network access control (NAC) more easily. The service, called CloudVision Guardian for Network Identity (CV-AGNI) uses real-time telemetry from Arista’s network products, combines it with data from its CloudVision management platform, and uses artificial intelligence to evaluate the information and implement security policies. The service can also onboard new devices, authenticate existing users, segment devices on the network, or help troubleshoot problems from a cloud-based system, according to Pramod Badjate, group vice president and general manager, of Arista’s Cognitive Campus group. “Historically the enterprise identity store would be in some on-prem system like Active Directory that has hardware or a series of VMs associated with it, and making changes to that system requires lots of manual work. In addition they’re very costly to scale up, and difficult to scale down. So if you had a really small organization, NAC almost cost prohibitive because of the starting scale to deploy the solution,” Badjate said. “But as cloud application authentication increases we think it only makes sense to do NAC from a cloud, AI-based system that can be updated quickly,” Badjate said. He said that CV-AGNI can cut policy deployment time by up to 75%. Arista has implemented a natural-language, generative AI-based system in CV-AGNI called Autonomous Virtual Assist (AVA) that utilizes Arista and third-party datasets in Arista’s NetDL architecture to support the service. The Ask AVA service brings a chat-like interface for configuring, troubleshooting, and analyzing enterprise security policies and device onboarding, Badjate said. “The typical troubleshooting scenario is somebody couldn’t connect and you’re trying to figure out what happened. So you can just ask the question, ‘Why is Bob not able to connect?’ and the system goes and identifies all relevant components or policies related to that person offers up what might be the reason that somebody is not able to connect,” Badjate said. THe company plans to expand AVA’s capabilities, wrote Arista’s CEO Jayshree Ullal in a blog about the news. “In the future, AVA will extend these AI-driven capabilities to other parameters, including anomaly detections,” she wrote. In its first iteration AGNI integrates with third-party products including: Endpoint Management systems: Medigate by Claroty, CrowdStrike XDR, Palo Alto Cortex XDR. Identity Management: Okta, Google Workspace, Microsoft Azure, Ping Identity and OneLogin. Mobile device management: Microsoft Intune, JAMF SIEM: Splunk The AGNI software subscription will be license up to three devices per user and will be available in the second quarter. Related content news Cisco marries AI and security with cloud-based data center offering Cisco announces AI-based Hypershield, a self-upgrading security fabric that's designed to protect distributed applications, devices and data. By Michael Cooney Apr 18, 2024 5 mins Network Security Data Center how-to Shredding files on Linux with the shred command The shred command is a good option for removing files from a Linux system in a way that makes them virtually impossible to recover. By Sandra Henry-Stocker Apr 18, 2024 4 mins Linux news Intel announces edge AI processors New edge-optimized processors and FPGAs will power AI-enabled devices in vertical industries including retail, industrial and healthcare. By Andy Patrizio Apr 18, 2024 3 mins CPUs and Processors Edge Computing news HPE sues China’s Inspur Group for server patent infringement HPE has accused Inspur of infringing on more than 10,000 active patents, specifically those related to its server technologies, such as general-purpose servers, rack servers, high-density servers, and AI servers. By Sandeep Budki Apr 18, 2024 4 mins Technology Industry Servers PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe