VXLAN: security recommendations

Abstract This document provides recommendations that are advised to implement in order to increase the security in multitenant network environments built on Arista Networks devices using VXLAN. Introduction One of the crucial qualities of modern cloud network infrastructure is scalability. Scalability can’t be achieved if security of the network operations inside the cloud is compromised. As for example, load scalability is not achievable in environments where the VMs are not able to operate when the network between them is not working properly due to hijacked MAC-addresses. One of the technologies used nowadays to address the challenges with scalability inside the cloud networks...
Continue reading →

How to Install & Configure Arista’s DirectFlow Assist for Palo Alto Firewalls

Contents Summary Prerequisite Summary Prerequisite Concepts Configuring QoS Markings Configuring the DFA Modes DFA Installation Palo Alto Configuration Troubleshooting SUMMARY For the high level solution brief, view the Palo Alto Solution Brief. One of the many features of having an Arista switch is the ability to install extensions on the box. Remember that you can manage the Arista switch as if it was a Linux server (it actually is, but that’s outside the scope of this article) – and because of this we can install RPM packages. One of the packages we can install is Arista’s DirectFlow Assist (DFA), which...
Continue reading →