Take a holistic, system based approach to data center security with Cisco Application Centric Infrastructure security solutions. These solutions provide a common policy based operational model across Cisco Application Centric Infrastructure ready networks. As a result, you can reduce cost and complexity without compromising data center functionality. Cisco Application Centric Infrastructure security solutions can be managed as a pool of resources, allowing administrators to intelligently stitch them to applications and transactions using the Cisco Application Policy Infrastructure Controller (APIC). Cisco ACI security solutions scale on demand, has programmable automation, and provides transparent policy based security for both physical and virtual environments. ACI security solutions allow organizations to take full advantage of the power, flexibility, and performance of their new Cisco ACI data center environments without compromising functionality or security.
The Cisco Adaptive Security Virtual Appliance (ASAv). This appliance brings the power of Cisco ASA to the virtual domain and private cloud environments. It runs the same software as the physical appliance to deliver proven security functionality. You can use it to protect virtual workloads within your network. Later, you can expand, contract, or shift the location of these workloads over time and span physical, virtual, and public cloud infrastructures. In the past, computing infrastructure elements were implemented with specialized hardware built for that purpose. With the advent of x86 server virtualization and the need for more power. Businesses are deploying their computing, storage, and network infrastructure with virtualization for the benefits they gain. These include deployment flexibility, increased server utilization, and ease of management. The Cisco Adaptive Security Virtual Appliance runs as a VM inside a hypervisor in a virtual host.
Cisco Application Centric Infrastructure Security
The appliance has been fully and transparently integrated into the fabric of the next-generation Cisco ACI data center architecture. For those deployments, the Cisco Application Policy Infrastructure Controller provides a single point of control for both network and security management. It can provision the appliance’s security as a service, manage policy, and monitor the entire network and security environment for a unified view. This approach removes the limitations of traditional network oriented security solutions, allowing for significantly streamlined provisioning. In the Cisco Application Centric Infrastructure topology independent environment, Cisco ASAv services are managed as a pool of security resources. These resources can be selected and attached to specific applications or transactions to provide dynamic, scalable, policy based security. It supports both traditional and next-gen software SDN and Cisco ACI environments to provide policy enforcement and threat inspection across multi site environments.
Cisco Application Policy Infrastructure Controller
The Cisco Application Policy Infrastructure Controller (Cisco APIC) is the unifying point of automation and management for the ACI fabric. The Cisco APIC provides centralized access to all fabric information, optimizes the application life cycle for scale and performance, and supports flexible application provisioning across physical and virtual resources. Centralized application-level policy engine for physical, virtual, and cloud infrastructures. Detailed visibility, telemetry, and health scores by application and by tenant. Designed around open standards and open APIs. Robust implementation of multi-tenant security, quality of service (QoS), and high availability. Integration with management systems such as VMware, Microsoft, and OpenStack is available. Designed for automation, programmability, and centralized management, the Cisco APIC itself exposes northbound APIs through XML and JSON. It provides both a command-line interface (CLI) and GUI which utilize the APIs to manage the fabric holistically.
Cisco Adaptive Security Virtual Appliance
Purpose built for data center security. The Cisco Adaptive Security Virtual Appliance brings full Cisco ASA firewall and VPN capabilities to virtualized environments. This helps safeguard traffic and multi tenant architectures. Optimized for data center deployments, it’s designed to work in multiple hypervisor environments, reduce administrative overhead, and increase operational efficiency. The Cisco Adaptive Security Virtual Appliance runs as a VM inside a hypervisor in a virtual host. Virtual switch independent, it may be deployed in Cisco, hybrid, and non Cisco based data centers. VMware, KVM, Microsoft Hyper-V, Amazon Web Services, and other cloud platforms offer flexibility and choice. Predetermined configurations accelerate and simplify security service provisioning to match the speed of application deployment. These configurations provide the appliance with critical security functions that dynamically scale to protect assets as business demands change.
Cisco Application Centric Infrastructure SDN