LLMpediaThe first transparent, open encyclopedia generated by LLMs

EVE-NG

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: Cisco Certified Network Associate Hop 5
Expansion Funnel Raw 104 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted104
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
EVE-NG
NameEVE-NG
DeveloperEVE-NG Labs
Released2012
Latest release2024
Programming languagePython, PHP, Bash
Operating systemLinux
LicenseProprietary / Community

EVE-NG is a commercial network emulation platform used for designing, testing, and validating complex network topologies in virtualized environments. It provides a unified laboratory for networking professionals from organizations such as Cisco Systems, Juniper Networks, Arista Networks, Palo Alto Networks, and Fortinet to model multi-vendor scenarios side-by-side. Widely adopted by training programs at institutions like Cisco Networking Academy, SANS Institute, ISACA, and GIAC Certification candidates, it supports research efforts at universities such as Massachusetts Institute of Technology, Stanford University, and ETH Zurich.

Overview

EVE-NG functions as a multi-vendor, multi-hypervisor emulator that aggregates virtualized images from vendors including Cisco Systems, Juniper Networks, Arista Networks, Huawei Technologies, and F5 Networks into a single canvas. Network engineers and architects from enterprises like Amazon Web Services, Microsoft Azure, Google Cloud Platform, Facebook, and Oracle Corporation employ it for proof-of-concept testing prior to deployments on platforms such as VMware ESXi, KVM, and Proxmox VE. Security teams at organizations like CrowdStrike, Symantec Corporation, and McAfee leverage the lab for intrusion simulation and incident response playbooks. Certifications including CCIE, JNCIA, PCNSE, and Fortinet NSE often list similar lab environments for candidate preparation.

Features and Architecture

The platform exposes a web-based topology designer that integrates node types from vendors such as Cisco Systems, Juniper Networks, Palo Alto Networks, Arista Networks, and F5 Networks. Its architecture layers include a control plane for session management, a virtualization layer compatible with KVM, QEMU, and Docker, and a storage layer interoperable with NFS, iSCSI, and Ceph. For orchestration and automation, it supports APIs usable by tools like Ansible, Terraform, Puppet, and SaltStack, and integrates with CI/CD pipelines built on Jenkins, GitLab CI, and GitHub Actions. Monitoring integrations include Prometheus, Grafana, and Zabbix for telemetry collection and visualization. High-availability deployments can employ clustering techniques familiar from Corosync, Pacemaker, and Keepalived.

Installation and Deployment

Typical deployment options follow patterns used by virtualization platforms like VMware ESXi, Proxmox VE, and KVM on distributions such as Ubuntu, Debian, and CentOS. Production operators adapt best practices from Red Hat Enterprise Linux and SUSE Linux Enterprise Server for hardening and follow guidance from security standards like ISO/IEC 27001 and NIST SP 800-53 for access control. Cloud-hosted deployments are provisioned on infrastructures from Amazon Web Services, Microsoft Azure, Google Cloud Platform, and Oracle Cloud Infrastructure using instance types and networking setups similar to AWS EC2, Azure VM, and GCP Compute Engine. Backup and snapshot strategies mirror approaches from Veeam, Commvault, and NetApp.

Supported Images and Integrations

The environment supports vendor virtual machine images from Cisco Systems (IOSv, IOS XRv, NX-OSv), Juniper Networks (vSRX, vMX), Arista Networks (vEOS), Palo Alto Networks (PAN-OS VM-Series), Fortinet (FortiGate VM), F5 Networks (BIG-IP), Riverbed Technology (SteelHead), Check Point Software Technologies (Gaia R80), and MikroTik RouterOS. It also hosts virtual appliances for service providers including Broadcom, Cumulus Networks, and VyOS. Integrations extend to orchestration and automation platforms like Ansible, Terraform, SaltStack, and Puppet, and testing systems such as Iperf, Ostinato, Scapy, and Tcpreplay. For observability, users combine it with NetFlow, sFlow, Elasticsearch, Logstash, and Kibana stacks.

Use Cases and Workflow

Common use cases include protocol validation for Border Gateway Protocol, Open Shortest Path First, Multiprotocol Label Switching, and Segment Routing implementations; security exercise simulations reflecting tactics from MITRE ATT&CK; hybrid cloud connectivity proofs combining AWS Direct Connect and Azure ExpressRoute models; and service provider overlay tests emulating MPLS-based architectures. Workflows frequently borrow automation patterns from GitOps, using repositories on GitHub, GitLab, or Bitbucket to version topology definitions and playbooks executed by Jenkins or GitLab CI. Training labs mirror curricula from Cisco Learning Network, Juniper Networks Certification Program, and Fortinet Training Institute where scenario scripts incorporate traffic generators like Iperf and Ostinato and monitoring via Prometheus and Grafana.

Licensing and Editions

The ecosystem offers editions comparable to commercial and community models seen at companies such as Red Hat, Canonical, and SUSE, with a Community (free) edition for individual use and a Professional/Enterprise edition with paid support, feature gating, and licensing reminiscent of enterprise offerings from VMware and Citrix Systems. Enterprise customers negotiate subscription terms and support contracts analogous to those from Oracle Corporation and IBM and often integrate with identity providers like Okta, Microsoft Entra ID, and LDAP directories for SSO and RBAC. Compliance and auditability features align with reporting expectations from ISO, SOC 2, and GDPR frameworks.

Category:Network emulation software