{"id":5803,"date":"2025-11-14T15:20:44","date_gmt":"2025-11-14T15:20:44","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=5803"},"modified":"2025-11-14T15:20:44","modified_gmt":"2025-11-14T15:20:44","slug":"arista-palo-alto-bolster-ai-data-center-security","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=5803","title":{"rendered":"Arista, Palo Alto bolster AI data center security"},"content":{"rendered":"
\n
\n
\n
\n
<\/div>\n

Arista Networks<\/a>\u00a0and Palo Alto Networks have extended their partnership to offer customers a framework for implementing zero-trust security inside the data center.<\/p>\n

The new framework is intended to offer customers a way to blend networking control and management activities with security policies to allow integrated automation and consistent enforcement across the enterprise. In the past, Arista and Palo Alto worked together to share information but acted on it separately, and customers basically had to do any integration on their own, the vendors stated. That changes with the new agreement.<\/p>\n

DevOps teams build and update apps automatically using continuous integration\/continuous delivery and other methods, and to keep those apps running smoothly as usage grows, they need systems that can automatically add resources and coordinate them,\u00a0<\/strong>including when it requires orchestration across cloud environments, according to Kumar Srikantan, vice president and general manager, campus, at Arista, and\u00a0Alessandro Barbieri<\/a>, director of product management at Arista.<\/p>\n

\u201cThis demand for agility and geo-distributed scale compounds the already profound security challenges stemming from the sheer scale of east-west traffic, which dramatically expands the attack surface. To exacerbate these issues, a new breed of AI-powered threats, where adversaries are leveraging AI to launch highly evasive attacks with a new level of sophistication and scale, significantly raises the impact of any security incident,\u201d Srikanta and Barbieri wrote in a\u00a0blog about the partnership<\/a>. \u201cFurthermore, AI-powered attacks are designed to slip past legacy defenses at increased speeds. Data exfiltration attacks, vulnerability exploits, or the development of ransomware that used to take weeks or days can now take hours or minutes.<\/p>\n

With the expanded partnership, Arista and Palo Alto intend to address these issues.<\/p>\n

The first of four key features is zero-trust segmentation for data centers, which unifies segmentation, visibility and inter-zone protection via Palo Alto\u2019s next-generation firewall (NGFW) and\u00a0Arista\u2019s Multi-Domain Segmentation Services (MSS) fabric<\/a>. With this feature, the Arista fabric, which has complete network visibility, intelligently steers east-west application traffic to the Palo Alto\u2019s NGFW for deep, Layer 7 inspection, according to a\u00a0blog<\/a>\u00a0by Srini Kotamraju, vice president of products at Palo Alto.\u00a0<\/p>\n

\u201cBased on this inspection, the NGFW creates a comprehensive, application-aware security policy. It then instructs the Arista fabric to enforce that policy at wire speed for all subsequent, similar flows,\u201d Kotamraju wrote.\u00a0\u201cThis \u2018inspect-once, enforce-many\u2019 model delivers granular zero trust security without the performance bottlenecks of hairpinning all traffic through a firewall or forcing a costly, disruptive network redesign.\u201d<\/p>\n

The second capability is a dynamic quarantine feature that enables the Palo Alto NGFWs to identify evasive threats using Cloud-Delivered Security Services (CDSS). \u201cThese services, such as Advanced WildFire for zero-day malware and Advanced Threat Prevention for unknown exploits, leverage global threat intelligence to detect and block attacks that traditional security misses,\u201d Kotamraju wrote.<\/p>\n

The Arista fabric can intelligently offload trusted, high-bandwidth \u201celephant flows\u201d from the firewall after inspection, freeing it to focus on high-risk traffic. When a threat is detected, the NGFW signals\u00a0Arista CloudVision<\/a>, which programs the network switches to automatically quarantine the compromised workload at hardware line-rate, according to Kotamraju:\u00a0\u201cThis immediate response halts the lateral spread of a threat without creating a performance bottleneck or requiring manual intervention.\u201d<\/p>\n

The third feature is unified policy orchestration, where Palo Alto Networks\u2019 management plane centralizes zone-based and microperimeter policies, and CloudVision MSS responds with the offload and enforcement of Arista switches. \u201cThis treats the entire geo-distributed network as a single logical switch, allowing workloads to be migrated freely across cloud networks and security domains,\u201d Srikanta and Barbieri wrote.<\/p>\n

Lastly, the Arista Validated Design (AVD) data models enable network-as-a-code, integrating with CI\/CD pipelines. AVDs can also be generated by Arista\u2019s AVA (Autonomous Virtual Assist) AI agents that incorporate best practices, testing, guardrails, and generated configurations.<\/p>\n

\u201cOur integration directly resolves this conflict by creating a clean architectural separation that decouples the network fabric from security policy. This allows the NetOps team (managing the Arista fabric) and the SecOps team (managing Palo Alto Networks security) to scale, upgrade, and innovate independently,\u201d Kotamraju wrote.\u00a0\u201cNetOps can focus on building a high-performance, reliable network, while SecOps can focus on delivering best-in-class security services. Each team uses their own domain-specific management tools, and the integration layer automatically synchronizes policy and enforcement actions.\u201d<\/p>\n

Arista works with a number of security vendors such as Fortinet, Check Point, Splunk and more but none are as deeply integrated as Palo Alto is now. The networking vendor, too, offers its own security packages, including\u00a0CloudVision<\/a>\u00a0MSS and its AI-driven network detection and response platform.<\/p>\n

This story, Arista, Palo Alto bolster AI data center security<\/a>, first appeared on Network World.
<\/em><\/p>\n

<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"

Arista Networks\u00a0and Palo Alto Networks have extended their partnership to offer customers a framework for implementing zero-trust security inside the data center. The new framework is intended to offer customers a way to blend networking control and management activities with security policies to allow integrated automation and consistent enforcement across the enterprise. In the past, […]<\/p>\n","protected":false},"author":0,"featured_media":5804,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-5803","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/5803"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5803"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/5803\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/5804"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5803"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5803"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5803"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}