December 2022
Intermediate to advanced
625 pages
12h 51m
English
Cisco ACI includes a significant number of tools to implement and enhance security and segmentation from day 0. I have already discussed tenant objects like EPGs, uEPGs, ESGs, and contracts permitting traffic between them. Even though the ACI fabric is able to deploy zoning rules with filters and act as a distributed firewall itself, the result is more comparable with a stateless set of access lists ACLs. They are perfectly capable of providing coarse security for traffic flowing through the fabric, but ...