"Sandboxes" for agent actions
When an agent performs an action, the action is performed in a "sandbox" that is created when the action starts and removed when the action completes. The sandbox is in the default VRF, so it does not have access to the management network.
A sandbox is an isolated, tightly controlled environment in which programs can be run. Sandboxes restrict what a program can do, giving it the appropriate permissions and computing resources without allowing it access to the entire computing environment.
This design has the following benefits:
Agents coexist and are prevented from using an excessive amount of CPU resources.
Agents can benefit from the high-availability features of ArubaOS-CX. During a switch failover event, the daemon that handles the sandbox can recover its state information and continue operations as before.
Agents are prevented from accessing sensitive information—such as certificate files—in the switch operating system.
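A minimal sketch of the per-action lifecycle and CPU cap described above, added here as an illustration and not ArubaOS-CX code. `run_action` and its parameters are hypothetical and it assumes a Linux host; network (VRF) and file-system isolation would need kernel namespaces and are not shown.

```python
import resource
import shutil
import signal
import subprocess
import sys
import tempfile


def run_action(argv, cpu_seconds=1, wall_timeout=10):
    """Run one action in a throwaway sandbox; return (status, sandbox_path)."""
    # The sandbox exists only for the lifetime of this one action.
    sandbox = tempfile.mkdtemp(prefix="action-sandbox-")

    def limit_cpu():
        # Runs in the child before exec: the kernel sends SIGXCPU once the
        # action has consumed cpu_seconds of CPU time (hard limit: SIGKILL).
        resource.setrlimit(resource.RLIMIT_CPU, (cpu_seconds, cpu_seconds + 1))

    try:
        proc = subprocess.run(
            argv,
            cwd=sandbox,                      # relative paths land in the sandbox
            env={"PATH": "/usr/bin:/bin"},    # parent environment is not inherited
            stdin=subprocess.DEVNULL,
            stdout=subprocess.DEVNULL,
            stderr=subprocess.DEVNULL,
            preexec_fn=limit_cpu,
            timeout=wall_timeout,
        )
        if proc.returncode == 0:
            status = "ok"
        elif proc.returncode in (-signal.SIGXCPU, -signal.SIGKILL):
            status = "cpu-limit-exceeded"
        else:
            status = "failed"
    except subprocess.TimeoutExpired:
        status = "timed-out"
    finally:
        # Removed when the action completes, whatever the outcome.
        shutil.rmtree(sandbox, ignore_errors=True)
    return status, sandbox


if __name__ == "__main__":
    # Constructed sample actions: one well behaved, one that spins on the CPU.
    print(run_action([sys.executable, "-c", "open('out.txt', 'w').write('done')"]))
    print(run_action([sys.executable, "-c", "while True: pass"]))
```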