Learning the Cisco Application-Centric Infrastructure (ACI)

Video description

Automation, objects, and policies are replacing traditional networks as we know them. North-to-South or East-to-West traffic flows—do you know the difference between the two? Don't worry if you don't: this course will remedy that! Traditional campus networks are static, and won't change much because they can't scale up. Data centers are not meant to be static.

Today's Data Center architecture requirements are: scalability, geo-redundancy, security, multi-tenancy, and speed! Data center traffic flow should be highly available and predictable. As the demand for talented ACI engineers and architects is rapidly increasing, knowing the foundational aspects of SDN-based architectures and being able to implement and support them are crucial for your career development.

This fast-paced course uses a whiteboard-based approach with hand written explanations. We start with an introduction to fabric data center designs, Spine and Leaf architectures, and ACI. We then start to implement them and deploy a fabric from the ground up. Then we build a multi-tenant environment.

After completing this video training course, you will have gained a solid understanding of how to administer an Application Centric Infrastructure.

What You Will Learn

  • Master end-to-end ACI fabric deployment
  • Perform initial APIC turn-up and configurations, Commission Leaves, and Spines
  • All aspects of ACI policy objects, interfaces, switch profiles, groups, and policies
  • Get to grips with ACI tenants, application profiles, Endpoint Groups (EPGs), contracts, and policies
  • Learn how objects and policies relate to each other—multi-tenancy in ACI
  • How to extend the ACI fabric beyond the datacenter
  • Configure external L2OUTs and L3OUTs
  • VMM integration with vCenter and UCS L4-L7 service insertion (firewalls, load balancers managed by ACI)
  • How to migrate your traditional campus network into ACI in simple yet effective steps and acquire the right skill set to perform the job right the first time


This course will appeal to senior network engineers, cloud networking engineers, data center network engineers, network and/or security solutions architects, data center solutions architects, and network automation engineers.

While this training curriculum has been developed using a detailed approach the following knowledge skills are not required (but are strongly recommended):

  • CCNP or equivalent routing and switching experience
  • Experience working and implementing firewall ACLs, Layer 4 through Layer 7 inspection, and policies
  • NX-OS datacenter switching and routing experience (BGP, vPC domains )
  • General knowledge of VMware VSphere ESXi 50+ and vCenter

A familiarity with data center and campus-networks designs is assumed.

About The Author

Rene Cardona: Rene Cardona is a Network Solutions Architect with over 8 years of experience in core data centers and security infrastructure designs, architecture, consulting, and implementations. He has performed many security and data center architecture refreshes for major U.S. corporations in the logistics, retail, healthcare, and education fields.

He has provided expert insights during migrations from firewall platform vendors such as Palo Alto, Cisco, Fortinet, and Checkpoint. His vast proficiency experience ranges from Hyper-Converged Datacenter Environments, VXLAN, SDN, SD-WAN and Multi-Datacenter High Availability (MDHA) to Network Security (firewalls, Network Admission Control, and Network Security Architectures). He is currently in charge of securing one of the biggest shipping container terminals in the United States.

Table of contents

  1. Chapter 1 : Introduction to Application Centric Infrastructure (ACI)
    1. Course Overview
    2. Spine and Leaf Architecture
    3. ACI Fabric Components
    4. Policy Driven Architectures
  2. Chapter 2 : Let's Bring the ACI Fabric to Life
    1. Connecting an ACI Fabric Together
    2. Building the Fabric from the ACI APIC
    3. Fabric Inventory Hardware Membership
    4. ACI APIC Web User Interface
  3. Chapter 3 : Enabling Connectivity in ACI
    1. Interface Policy Groups, Profiles, and Policies
    2. Switch Policies and Profiles
    3. Fabric Domains and VLAN Pools
    4. Configure Fabric Domains and VLAN Pools
    5. Attachable Entity Profiles
    6. Virtual Machine Manager Integration in ACI
  4. Chapter 4 : Multi-Tenancy: ACI's Ultimate Weapon
    1. Fabric Tenants
    2. Application Profiles and Endpoint Groups
    3. Subjects, Filters, and Contracts
    4. ACI Domains to Tenant Relationship
  5. Chapter 5 : Secured Internal Connectivity In ACI
    1. ACI Tenant Networking
    2. VRF and Bridge Domains
    3. Inter and Intra Tenant Communications and Contract Interfaces
  6. Chapter 6 : Secured External Connectivity with L3OUTs
    1. External L3OUT with BGP
    2. External L3OUT with OSPF
    3. Tenants to L3OUT: Part One
    4. Tenants to L3OUT: Part Two
    5. ACI As an External Transit Network
  7. Chapter 7 : Layer 2 Through Layer 7 Service Insertion
    1. External L2OUT
    2. Vlan Stitching
    3. DHCP Services In ACI
    4. L4-L7 Service Graph and Templates
    5. Adding Routed Firewalls in ACI
  8. Chapter 8 : Automation and Orchestration with ACI
    1. Rest API with ACI Toolkit
    2. Automation with Python and the ACI Toolkit
    3. Bulk ACI Tenant Automation using Python Loops
    4. Working with ACI Command-Line Interface
  9. Chapter 9 : ACI Management and Troubleshooting
    1. Understanding Faults and Health Scores
    2. Working with Visibility and Troubleshooting
    3. Maintenance Policies and Administration Rights
    4. Fabric Backups and Restores
    5. Out-Of-Band and In-Band Management Access

Product information

  • Title: Learning the Cisco Application-Centric Infrastructure (ACI)
  • Author(s): Rene Cardona
  • Release date: May 2020
  • Publisher(s): Packt Publishing
  • ISBN: 9781800205475