Tag :: CVP

The disk usage prediction event monitors the historical device disk usage on a given disk partition and from this data

This feature adds additional functionality to OAuth and SAML providers in the the Settings > Access Control > Providers page. This new functionality is gated behind the “Email Domains for Providers” beta toggle. Enabling the toggle will allow users to specify a list of allowed email domains for provider login.

The figure below shows a conceptual overview of the Arista CVW solution. . As shown in the figure, CVW

For these events user rules need to be configured for each event. The user needs to define what the threshold is for the HTTP response time or jitter. After the rules are configured the events will trigger if values above these thresholds are seen. 

The Event Notification system is the mechanism that sends alerts when certain events occur the behavior of which is specified by the user.

CloudVision allows you to generate event notifications so that you can stay up to date on your network's status and performance. Notification configuration involves formatting notifications, configuring notification platforms, assigning notification receivers, and configuring notification rules.

This TOI captures new categories of events that have been added in CVP release 20202.1.0. Network

Rule Labels are optional conditions in Event Notifications for sending notifications to receiver platforms. Using rule labels allows you to create more complex notification rules in relation to generated events.

In order to minimize the volume of change control events, CloudVision has introduced a new event, Change Control Events. Change Control Events is generated when 2 or more of the following events are triggered for the same change control:

CloudVision will generate a Disk Utilization on CloudVision Node Breached Threshold event when disk utilization for a CloudVision node has either exceeded the default threshold or breached the user-configured threshold set in event rules.

Users will now be able to minimize the number of CloudVision events by grouping related events together. Groups typically include events of the same type or those that are triggered on the same devices or interfaces.

This document presents several procedures to reduce the time taken to upgrade CVP between major releases. This can

Use an External Certification Authority (ECA) to ensure secure communication and authentication with CloudVision..By default, Streaming Agent and other applications communicate with CloudVision using mutual-TLS certificates signed by a local certificate authority (CA). You now have the option to integrate CloudVision with Venafi,  an external CA, to sign and verify these certificates.

Flow Analytics (Beta). NOTE: This is a beta feature in the 2019.1.0 and 2020.1.0 release and is not enabled by

Two events are now available in CloudVision to track hardware table usage, a threshold event on the current percentage usage of a hardware table and a prediction event where the historical trend of hardware table usage is used to predict when the table will be full. 

The Help Center is an in-product documentation service. You will have access to new and detailed information on all CloudVision features and functionalities. The Help Center is designed to provide this information quickly and with minimal user effort.

CVP will generate events when a provisioned device goes out of config or image compliance.  When a device is assigned

Input errors from a failed build are now highlighted in Studios. Previously, after a workspace build failed, the Workspace Build Summary will show a list of reasons for the failure.

The Interface Diagnostics quick action provides you with a fast and efficient way to run interface cycles and cable diagnostics on your campus devices from the Campus Health Overview Dashboard. The devices available are those with a Campus tag, which is automatically assigned to devices configured with the Campus Fabric Studio (L2/L3/EVPN).

You can use the Access Interface Configuration quick action to assign configuration profiles to devices. The guided workflow will display an illustration of device front panels, which you can use to select interfaces from.

You can use the Access Interface Configuration quick action to assign configuration profiles to devices. The guided workflow will display an illustration of device front panels, which you can use to select interfaces from.

This integration uses TrustSec data from Cisco ISE to create MSS-G configuration to distribute to switches via CloudVision.

CloudVision now allows you to manage feature licenses for EOS devices in addition to CloudEOS (formerly vEOS) devices. License files, such as those for IPsec, MACsec, and TunnelSec licenses, can be uploaded to CloudVision in order to be viewed, downloaded, or installed onto EOS and CloudEOS devices.

MAC/IP Address Search (Beta Feature) NOTE: This is a beta feature and is not enabled by default. In order to enable

The Management Connectivity Studio is used to configure out-of-band (OOB) management interfaces. You’ll create a profile of configured attributes for management interfaces, which can be assigned to multiple devices at once using tags.

CloudVision supports Single Sign-On (SSO) that allows a user to log in once with a single credential from a third-party identity provider. This opt-in feature is introduced to support mapping roles from the identity provider to roles defined in CloudVision in SSO login.

CloudVision provides support for microperimeter segmentation and enforcement as part of Arista’s Multi-Domain Segmentation Service (MSS) for Zero Trust Networking (ZTN).

ZTN works to reduce lateral movement into increasingly smaller areas where workloads are granularly identified and only approved connections are permitted.

Port mirroring allows you to duplicate ethernet packets or frames on a source interface to send to a remote host, like DANZ Monitoring Fabric (DMF). The mirrored packets or frames can be sent via a SPAN interface dedicated for communication with the host or over an L2 Generic Routing Encapsulation (L2GRE) tunnel.

MSS-G or Group-Based Segmentation Security is a security feature that allows users to classify network endpoints into segments and define forwarding policies between segments. A given segment contains a set of hosts that should have identical security properties within the network. 

This feature adds additional functionality to the Settings > Access Control > Providers page behind the “Expanded Custom Provider Creation” beta toggle. Enabling the toggle will allow users to create and name multiple custom OAuth and SAML providers. 

This TOI covers the new Omnibox feature released in 2020.3.0. The Omnibox allows users to search across

Starting from CVP 2022.1.0 it is possible to generate a CSR from the Certificates UI on the Settings and Tools page with an optional SAN IP field. Once an external CA provides the certificate from the CSR, it then can be uploaded back to CVP.

The Packaging feature is used to export custom change control actions from one CloudVision cluster and install them in another. Package IDs and version numbers can be used to update existing packages with version control.

In addition to change control actions, users can now package custom dashboards, export them from one CloudVision cluster, and install them in another. Package IDs and version numbers can be used to update existing packages with version control.

Per-Studio RBAC is a new feature that provides CloudVision users with granular control over access permissions for individual studios. A relevant user can grant differing permissions to other users for both management and input configuration of individual studios. 

View PTP counters to identify the types of messages being sent and received by PTP-enabled devices. Use this to troubleshoot issues with your network PTP configuration and connectivity. When announce and sync messages are present but delay request messages are missing, for instance, it may suggest that a host is having trouble locking to the boundary clock.

A new suite of actions are available in Actions, which can perform additional operations on devices. Just like with the existing actions, they are added to a change control operation. Being able to provision devices during a change control provides you with more granular control over the actions in a change control operation.

Provisioning Settings allows you to configure a common set of settings to be used when executing provisioning actions.This gives you more control over how Change Control executes actions, such as the ability to tune provisioning timeouts. To configure provisioning settings, go to Settings > Provisioning Settings.

Provisioning Settings allows you to configure CloudVision's default behavior when pushing configuration and image changes to devices. Each setting relates to an action used in Change Control. Ordinarily you should only need to use the default settings, but you can alter them for more control over CloudVision and EOS interactions for devices in your network. 

Users will now be able to view a new slave port interface metric in Devices and Dashboards for any device with PTP enabled. The metric communicates which interface is marked as the slave port at a given time, according to the PTP algorithm.

CloudVision provides more than 20 overlay options to help you visualize the properties of network devices, interfaces, and links. Use the PTP overlay to visualize the topology of PTP enabled devices and their links. At a glance, you can see which device in a PTP domain is the grandmaster and which devices belong to a PTP domain.

Auth connection timeout configuration allows the user to configure timeout duration that must elapse before an authentication/authorization connection request to RADIUS/TACACS server is retried.

RADIUS/TACACS Server Ordering allows users to change the priority of RADIUS and TACACS servers and specify which server to try and authenticate with first. It is currently an on-prem only beta feature that can be toggled

RADIUS/TACACS Server Ordering allows users to change the priority of RADIUS and TACACS servers and specify which server to try and authenticate with first.

You can enable login to CloudVision via an Identity Provider (IDP) instead of directly through the CloudVision application. When a user logs in to the IDP and their identity is verified, that verification will be used to access CloudVision.

Session Management is a new section on the CloudVision Settings > General Settings page that allows users to

The Software Management Studio is used to manage EOS images and extensions and assign them to devices. You’ll use the studio’s Software Repository to upload EOS images, Streaming Agents, and extensions. You’ll then  assign software from the Software Repository to devices using a new or open workspace.

 The Software Management Studio is used to manage EOS images and extensions and assign them to devices. You’ll use the studio’s Software Repository to upload EOS images, Streaming Agents, and extensions. You’ll then create or edit a workspace in Studios to assign software from the Software Repository to devices.

The Static Configuration Studio is used to manage static configuration for devices, provide configuration not created by any other studio, and reconcile differences between CloudVision’s designed configuration and device running configuration. Devices are assigned to containers using tags that can identify one or more devices by hostname, role, or location in the network. Each container has configlets of EOS configuration, which are pushed to the EOS devices.

The Streaming Telemetry Agent studio now allows you to enable streaming to multiple clusters. In addition, you can now configure a number of flags, including OpenConfig streaming, which previously had to be configured via EOS CLI.