Apstra Overview
SUMMARY Apstra manages network security and workload isolation via the Policy Assurance feature. This feature allows you to create policies that are decoupled from enforcement mechanisms and enables the specification of the intent in an implementation-independent way.
Background
Using Juniper Apstra and our Intent-Based Networking approach, you can efficiently enhance and scale your security posture. By avoiding some of the most common causes of security mishaps — including lack of visibility, consistency, accountability, and inability to resolve problems quickly — Apstra brings structure to the operational process by using one central source of reliable information. This helps maintain consistency in policies and workflows and allows for real-time testing and visibility. It also helps quickly identify and address any issues or security concerns that may arise.
The closed-loop validation capability in Apstra continuously provides assurance checks about the drift between the intended "Golden Configuration" and the operational state. Compliance enforcement is done under real-time evaluation, and any violations are flagged to the user—no need for lengthy and tedious device-by-device, line-by-line auditing efforts. An audit trail feature allows you to track the origin and content of any change going through Apstra to the entire network. You can correlate any specific line of a device configuration change directly from the GUI to the actual operator intent and identity.
Apstra manages network security and workload isolation via the Policy Assurance feature. This feature allows you to create policies that are decoupled from enforcement mechanisms and will enable the specification of the intent in an implementation-independent way. As a note, you can see demos of this feature in action at https://www.juniper.net/us/en/dm/apstra-demos.html .