Skip to main content

Aviz ONES for BRCM Enterprise SONiC 4.5.1 details security, scale, and campus features

Aviz ONES for BRCM Enterprise SONiC 4.5.1 adds security and compliance features, scaling for large routing environments, and campus/operations capabilities. For enterprise network and security leaders, the update targets federated compliance support, authentication controls, and expanded observability in SONiC deployments.

Research Overview

The vendor brief describes Aviz ONES for BRCM Enterprise SONiC 4.5.1 as an enterprise-class SONiC distribution. The release is positioned for use across data centers, campuses, and broader network environments, with emphasis on federal compliance, routing and switching enhancements, telemetry, and operational management.

The brief frames the update as relevant to organizations upgrading SONiC-based infrastructure, including deployments that require large-scale routing and campus-specific access features. It also references support for telemetry, QoS, SNMP traps, Precision Time Protocol, and other operational tools.

Key Findings

On the security and compliance side, the release includes federal certification compatibility, FIPS REST services, improved authentication, and password hashing changes. The brief lists additional controls such as ACL logging, IPsec authentication of OSPFv3, TACACS Accounting, and Blast RADIUS attack prevention.

For scale and high-performance networking, the brief cites support for up to 1K BGP neighbors and 1 million routes. It also names enhanced ECMP, MC-LAG, VXLAN, and routing support, along with features tied to IP Fabric, EVPN with MLAG, adaptive routing, and VRF route leaking.

Technical Breakdown

The security-related additions described include ACL logging, IPsec authentication of OSPFv3, TACACS Accounting, and Blast RADIUS attack prevention. The brief also states that upgrading to Debian 11/12 provides additional choices of password hashing algorithms.

For campus and access networking, the brief highlights 802.1X, MAC Authentication Bypass, Downloadable ACLs, guest VLAN, unauth VLAN, LLDP-MED, PoE, and MSTP. It also lists integration compatibility with Aruba ClearPass, Cisco ISE, and FreeRADIUS.

Operational Impact

The release’s operations and observability features include SNMP traps for PSU and fan failures, KLISH for reboot causes, Precision Time Protocol via LinuxPTP, drop monitor, sFlow, IFA 2.0, and tail stamping capabilities. The brief also connects these tools to operational management enhancements for campus readiness.

On routing and fabric capabilities, the brief references IPv6 underlay with IP Fabric, Layer 3 VXLAN, and EVPN with MLAG. It further names support for IPv6 Segment Routing in TH5 and Layer 2/Layer 3 MC-LAG on Z9664, including routing behaviors such as VRF route leaking.

Aviz ONES for BRCM Enterprise SONiC 4.5.1 bundles changes aimed at federal compliance options, authentication and hashing controls, large-scale routing, and campus operations features such as 802.1X, SNMP traps, and PTP. Blog Signals brief is a fact-based summary of the vendor blog.