Yet clearly, there are times when these switches need to be managed as one entity for customers to build and operate flexible designs and topology. In the 1990s, this was done with proprietary cabling hardware and closed stackable ring or chain topologies. This is a closed and cumbersome approach as the management scope is restricted to small numbers (less than 10) of switches and relies on proprietary mechanisms.

Bringing SWAG to Switching

Arista customers recognized the limitations of this legacy stacking approach and encouraged us to help them break free from these shackles. So, we are embarking on yet another breakthrough innovation for modern enterprises. The pioneering efforts began in the early 2010s with MLAG, whereby one could aggregate multiple active-active links and enable alternate and redundant paths to switches in the data center.

Building upon that MLAG experience, Arista SWAG™ (Switch Aggregation Group) brings modern stacking to campus switches. Arista SWAG allows a set of switches to be grouped and share a centralized control plane, thus providing the ability to operate the group of switches through a single IP address and a single CLI interface for automation.  SWAG is based on Arista EOS^Ⓡ and supports multiple topologies, including Arista’s universal Leaf-Spine design and the more traditional ring or chain. Importantly, it can scale up to 48 campus stacking elements.

Imagine providing all the benefits of legacy stacking without the limitations! Some of these benefits include:

• Can scale to up to 48 switches in a single group, allowing for increased IP address conservation
• Can extend the scope of the cluster beyond just ‘IDF closet’ to a larger domain in the network
• Supports the highly resilient and the high capacity Arista validated Leaf-Spine topology in addition to Ring and Chain topologies
• Minimal downtime due to key capabilities such as smart software upgrades (SSU) that are inherited since SWAG is built on the same proven EOS software

Our customers now have the flexibility to perform network operations on a logical stack of switches in a standards-based, open, modern leaf spine architecture, as shown in the figure below.

Arista’s SWAG for Modern Campus Stack

The Road Ahead – Avoid the Stackable Tax

Arista CloudVision LSS™(Leaf Spine Stack) management brings swagger to switches! CV LSS reduces complexity in configuration and maintenance by allowing multiple switches to operate under single-entity management. By linking switches together into a “virtual stack,” administrators get the best of both worlds. Customers can logically organize groups of switches based on real-world constructs, such as buildings or floors within CloudVision LSS Management, and then perform network operations such as onboarding, provisioning, monitoring, upgrading, and configuring seamlessly across the entire group. Enterprises also benefit from flexible network designs, whether the grouped switches are in standalone mode, a chassis, MLAG, or SWAG-based stack mode.

Arista’s modern software is inherently designed with key availability and segmentation techniques that separate management and control planes, thus avoiding the pitfalls of proprietary stacking. This simplified stacking approach improves operations, minimizes downtime, and reduces TCO—an advancement that has been a long time coming.

The networking industry has been operating in cumbersome silos and closed proprietary networks for too long. It is the right time to transform into a new, modern operating model. Welcome to the new world of SWAG!

source of information: Arista Networks site – Blog

 Praful Bhaidasna : Mar 12, 2025 6:00:00 AM 

The post Bringing SWAG to Enterprise Campus Networking appeared first on GCC HELLAS - ICT DISTRIBUTION.

While computational power is an essential factor in AI development, optimized networking has emerged as a key enabler for maximizing AI efficiency and economic feasibility of large-scale AI initiatives.

The Hidden Costs of Suboptimal Networking

Many organizations diving into generative AI deployments focus primarily on computational power, often overlooking the crucial role of networking. This oversight can lead to:

• Extended Training Times: Network bottlenecks can significantly prolong model training, delaying project timelines and increasing resource allocation.
• Increased Energy Consumption: Inefficient data movement causes hardware to remain active longer, resulting in higher power usage and electricity costs.
• Underutilized Hardware: When network capacity can’t keep pace with computational power, expensive GPUs and TPUs sit idle, wasting investment.

Optimized Networking is Transforming AI Economics

Enterprises deploying AI are recognizing that networking is as critical as computational power. Investing in AI-optimized networking solutions offers substantial economic advantages:

• Reduced Time-to-Market: Faster data transfer and low latency reduce model training and inference times, allowing companies to capitalize on AI innovations more quickly.
• Lower Operational Costs: Optimized networking reduces energy consumption and cooling requirements, leading to significant savings in data center operations.
• Improved Resource Utilization: Load-balancing and congestion avoidance ensure that computational resources are used efficiently, maximizing return on hardware investments.
• Enhanced Scalability: As AI models grow, networking solutions that can scale seamlessly prevent the need for costly overhauls and minimize downtime.

By prioritizing networking optimization, businesses can shift from bottlenecks to breakthroughs, accelerating AI deployment while enhancing efficiency and reducing costs.

Is it really possible to optimally connect thousands, or even hundreds of thousands, of XPUs without adding unnecessary complexity, cost, or latency?

The UEC-ready, Arista Etherlink^TM AI platforms, revolutionize AI networking with a single-tier topology for over 10,000 XPUs and a two-tier architecture scaling beyond 100,000 XPUs. These platforms dramatically optimize performance, reduce costs, and improve reliability. Unlike traditional networking and conventional load balancing technologies that fail with AI workloads, Arista’s AI-based Cluster Load Balancing (CLB) maximizes bandwidth, eliminates bottlenecks, and minimizes tail latency, ensuring smooth, congestion-free AI job execution. And finally, CV UNO™—an AI-driven, 360° network observability feature set within CloudVision^Ⓡ—integrates AI job visibility with network and system data, providing real-time insights to optimize AI job performance, pinpoint bottlenecks and hardware issues with unmatched precision for rapid resolution.

The Future AI Economic Landscape

As generative AI evolves, the economic importance of optimized networking—an essential driver of AI innovation—will become increasingly significant. Organizations that invest in advanced networking solutions today position themselves for a competitive advantage by accelerating the deployment of AI innovations, which can secure market leadership and unlock new revenue streams. Additionally, as AI models expand, robust networking infrastructure will be crucial for cost-effective scaling, enabling companies to manage costs while growing their capabilities. Efficient networking for AI supports sustainability goals by reducing carbon footprints, aligning with corporate sustainability initiatives, and potentially helping businesses avoid future carbon taxes.

source of information: Arista Networks site – Blog

 Praful Bhaidasna : Mar 12, 2025 6:00:00 AM 

The post Faster, Smarter, Cheaper: The Networking Revolution Powering Generative AI appeared first on GCC HELLAS - ICT DISTRIBUTION.

The Role of Artificial Intelligence and Machine Learning

Whether we realize it or not, artificial intelligence (AI) and machine learning (ML) play a part in every second of our lives. From the moment we wake, smart devices decide what time to turn on our heaters and our lights, social media uses complex algorithms to select what news to promote to us, and Google Maps navigates us through our day. Even while we sleep, AI monitors our sleeping patterns—with the proliferation of smart devices like Google Home and Apple Watches—identifying when we have had a good night’s sleep and even monitoring our health.

ML and AI in our daily lives have slowly changed how we interact with technology. We use this technology for good by helping the elderly with virtual chatbots, preventing poaching, and providing real-time translation for migrants.

The cybersecurity world has been at the forefront of this technology in the last decade, using artificial intelligence and machine learning in various applications such as tackling huge volumes of malware, detecting spam and business email compromises, analyzing network traffic, using facial recognition, and more. It’s hard to get away from a vendor’s presentation without hearing about their ML and AI nowadays. This blog will demystify and hopefully bring some new angles to our readers in the decision-making around “ML-enabled” security solutions.

What Are Machine Learning and Artificial Intelligence?

Let’s start with simple definitions of machine learning and artificial intelligence. Machine learning involves enabling computers to learn how to do something. This requires input such as training data and knowledge, while AI is the goal of applying the knowledge learned. AI attempts to solve data-based business or technical problems, assisting users in the decision-making process or making judgment itself (if we programmed it in such a way). When it needs to, it can be used to rapidly analyze large sets of data that no human brain could possibly process and can come up with AI-assisted decisions and conclusions on an issue.

Is artificial intelligence perfect? Not always. Any computer program is only as good as its writer, and any ML or AI is only as good as the information it has been fed. There are well-known examples of programmatic biases in some AI algorithms and examples where chatbots have gone rogue after being trained with the wrong data. So, while there is still work to be done, these algorithms can deliver significant benefits over even more fallible humans.

AI-Driven Malware – Myth or Reality?

Despite a large amount of hype and clickbait, there is little evidence to support the belief that criminal cyber gangs are already using AI to help generate new strains of malware, however there is evidence that artificial intelligence and machine learning are being used in other areas to circumvent protective security measures:

• Generating deep fake videos and images to phish users and bypass security measures. This is particularly prevalent on social media sites to create fake identities.
• Solving CAPTCHAs to bypass authentication protections.
• To gather open source intelligence on organizations in order to target attackers.

AI and ML for Cybersecurity: Always Consider Your Use Case

When considering investment priorities among security solutions, evaluate the use cases you’re trying to achieve. Understand how threats are evolving and what tactics and techniques black-hats use. Then ask why you couldn’t stop these attacks with the investment you have so far. It’s pretty easy to get caught up with the AI/ML hype. But customers are starting to move cleverly to consider practical use cases, whether this is detection, forensics, hunting, or mitigation.

How Does Fortinet Use AI and ML-Driven Cybersecurity?

The big change in the malware industry that triggered the need for AI was heuristics and adaptive malware. We went almost overnight from a volume of malware that could be handled manually to a situation with exponential growth in the number of samples. We had to adapt and take advantage of artificial intelligence and machine learning to support our malware analysts.

Fortinet has been in the AI business for more than a decade. At a high level, Fortinet uses artificial intelligence and machine learning in multiple areas:

Scale

One of the first use cases 10 years ago was the advent of the virtual FortiGuard threat analyst. The huge growth in samples meant that analysts could no longer handle the volumes of samples they were receiving, so we created an artificial neural network (ANN) for sub-second sample classification. Over six generations of this solution, this grew into FortiAI, which analyzes millions of samples per day with near-perfect accuracy—a task that would normally require thousands of human analysts.

Enhance

An ML use case is a great way to enhance traditional security solutions. Some examples are:

• Adding ML analysis of malicious vectors in FortiSandbox
• ML-enabled AV engine in FortiOS
• Widely adopt ML in other solutions such as FortiWeb, FortiGuard Security Services, and many more. This enables better and more accurate detections of malicious activities or anomalies for our customers. In this area, innovation is key.

Predict

ML/AI is particularly good at drawing relationships and making predictions. An example is comparing two infections’ “DNA” and tracing the source of a problem. This is a more advanced application of AI, as prediction has a time element—meaning you can tell ahead of time what will happen. Based on the historical data points, trending, etc., it is possible to predict what might happen to your network.

Reduce time to detect

Fortinet pushes the physical limit to “sub-second” detection of malicious code, enabling SecOps solutions to integrate with our flagship FortiGate NGFW for inline blocking, stopping patient zero. While reducing the time to detect from minutes to sub-second might not sound significant, it’s crucial when a major, widespread outbreak occurs. Customers should have the ability to react quickly to threat actors.

Diagram: Fortinet Security Fabric – AI and ML

What Makes One ML-Driven Cybersecurity Solution Better Than the Others?

Fortinet embarked on the artificial intelligence and machine learning journey over a decade ago. The Fortinet Security Fabric includes ML and AI applied to the areas that will benefit users the most—whether this is on-premises investigating web traffic, gathering useful NOC data, using face recognition to detect malicious objects, or in the cloud (FortiGuard) for tracking malicious web campaigns, zero-day detection with inference training, and more. Not only are our NGFWs ML-enabled, but we provide a complete ML-enabled Security Fabric. Customers can rely on Fortinet for our experience, innovation, and competitive edge, delivered in our broad, integrated, and automated Security Fabric. In the next decade, watch our space! Fortinet will continue to bring more innovative ML-enabled solutions to our valued customers.

source of information Fortinet’s website (Blog)

Machine Learning Across the Digital Attack Surface

The post AI and Machine Learning in the Cybersecurity Battle appeared first on GCC HELLAS - ICT DISTRIBUTION.

By Carl Windsor | February 23, 2022

The post Data Breach 2025: Meta, Coinbase, AT&T, Google, Apple, M&S, and More appeared first on GCC HELLAS - ICT DISTRIBUTION.

By Carl Windsor | February 23, 2022

The post The Art of War (and Patch Management) appeared first on GCC HELLAS - ICT DISTRIBUTION.

As a driving force in the evolution of cybersecurity, Fortinet has long been at the forefront of the industry in embracing and advocating for cybersecurity best practices. We are committed to being a role model for ethical product development and vulnerability disclosure, which includes embracing responsible transparency, holding ourselves to robust disclosure practices, and adhering to international and industry-recognized standards. Fortinet continues to collaborate with the industry to develop and implement stronger practices and standards for the benefit of all our customers, including through ongoing threat research, delivering automatic upgrade features, cybersecurity training and education, and responsible and proactive communications about best practices and cyber hygiene.

Recent incidents continue to bring this into focus with active exploitations of known vulnerabilities as investigations by Fortinet have discovered a post exploitation technique used by a threat actor.

During this investigation, a threat actor was observed using known vulnerabilities (e.g. FG-IR-22-398, FG-IR-23-097, FG-IR-24-015) to gain access to Fortinet devices. The targeting of known, unpatched vulnerabilities by a threat actor is not new and has been previously examined; this specific finding is the result of a threat actor taking advantage of a known vulnerability with a new technique to maintain read-only access to vulnerable FortiGate devices after the original access vector was locked down. Immediately upon discovery, we activated our PSIRT response efforts, developed necessary mitigations and have communicated with affected customers. We continue to work directly with those customers to ensure they have taken steps to remediate the issue.

Fortinet diligently balances our commitment to the security of our customers and our culture of responsible transparency and commits to sharing information with that goal in mind. The following describes the situation.

Description

A threat actor used a known vulnerability to implement read-only access to vulnerable FortiGate devices. This was achieved via creating a symbolic link connecting the user filesystem and the root filesystem in a folder used to serve language files for the SSL-VPN. This modification took place in the user filesystem and avoided detection. Therefore, even if the customer device was updated with FortiOS versions that addressed the original vulnerabilities, this symbolic link may have been left behind, allowing the threat actor to maintain read-only access to files on the device’s file system, which may include configurations.

Notably, if the customer has never had SSL-VPN enabled, then the customer is not impacted by this issue.

As part of our investigation, Fortinet performed scans to identify impacted devices using internal telemetry and in collaboration with third party organizations. The data indicates that this threat actor activity was not targeted to a specific region or industry.

Mitigation

Upon discovering the new technique used by the threat actor described above, Fortinet took steps to mitigate this issue and balance varying levels of cyber hygiene and challenges that the customer may face. Fortinet mitigation efforts included:

• An AV/IPS signature was created to detect and clean this symbolic link from impacted devices.
• Changes were made to the latest releases to detect and remove the symbolic link and ensure the SSL-VPN only serves the expected files.
• Proactive communications urging customers to update their devices, carefully balancing our communications to protect against further inadvertent compromise while delivering on our commitment to responsible transparency.

Specific to the findings detailed in this blog, we have released multiple FortiOS mitigations, including:

• FortiOS 7.4, 7.2, 7.0, 6.4: The symbolic link was flagged as malicious by the AV/IPS engine so that it would be automatically removed if the engine was licensed and enabled.
• FortiOS 7.6.2, 7.4.7, 7.2.11 & 7.0.17, 6.4.16: Upgrading to this release will remove the malicious symbolic link.
• FortiOS 7.6.2, 7.4.7, 7.2.11 & 7.0.17, 6.4.16: The SSL-VPN UI has been modified to prevent the serving of such malicious symbolic links.

We have communicated directly with customers identified as impacted by this issue based on the available telemetry and are recommending that they take the following steps:

• Upgrade all devices to 7.6.2, 7.4.7, 7.2.11 & 7.0.17 or 6.4.16.
• Review the configuration of all devices.
• Treat all configuration as potentially compromised and follow the recommended steps below to recover:
  • https://community.fortinet.com/t5/FortiGate/Technical-Tip-Recommended-steps-to-execute-in-case-of-a/ta-p/230694

Do I need to upgrade?

It is critically important for all organizations to keep their devices up to date. A variety of government organizations have reported state sponsored threat actors are targeting all vendors, including known but unpatched vulnerabilities. In general, the best defense against any known vulnerability is following good cyber hygiene practices, including upgrading.

The 2H 2023 Global Threat Landscape Report from FortiGuard Labs research found that threat actors are taking advantage of a known vulnerability on average 4.76 days after a new vulnerability was publicly disclosed. In this climate, both vendors and customers have a role to play. Vendors must introduce robust security scrutiny at all stages of the product development life cycle and dedicate themselves to responsible transparency in their vulnerability disclosures. With more than 40,000 vulnerabilities recorded in 2024 based on data provided by NIST, it is also critical that customers maintain a strict patching regimen to reduce the risk of exploitation.

With regard to this incident, we have communicated directly with identified impacted customers who need to take action based on available telemetry. However, we recommend all customers to upgrade to one of these recommended versions regardless.

Fortinet has also incorporated many changes to further enhance security features that address key customer challenges and are available for customers to take advantage of once upgraded to the latest release, including but not limited to:

• Additional compile-time hardening to raise the barrier for attack on products.
• Virtual patching to allow mitigation of issues prior to patching.
• Implementation of firmware integrity validation in hardware (BIOS).
• Introduction of Integrity Measurement Architecture (IMA)  / Filesystem Integrity.
• Auto-updates to seamlessly patch devices against vulnerabilities without administrator intervention.

Fortinet continues to encourage customers to leverage FortiOS best practice resources, including guidance for system hardening, as well as features that help customers automate the upgrade process, such as Uninterrupted Cluster Upgrade, Sub-second failover, Fail-over protection, Auto-restore configs / Configuration revisions, and Automatic / Scheduled patch upgrades.

The post Analysis of Threat Actor Activity appeared first on GCC HELLAS - ICT DISTRIBUTION.