Cisco Application Centric Infrastructure Security

Take a holistic, system-based approach to data center security with Cisco Application Centric Infrastructure Security (ACI) Solutions. These solutions provide a common policy-based operational model across ACI-ready networks. As a result, you can reduce cost and complexity without compromising data center functionality. Cisco ACI Security Solutions can be managed as a pool of resources, allowing administrators to intelligently stitch them to applications and transactions using the Cisco Application Policy Infrastructure Controller (APIC). Cisco ACI Security Solutions scale on demand, offer programmable automation, and provide transparent policy-based security for both physical and virtual environments. Cisco Application Centric Infrastructure Security Solutions allow organizations to take full advantage of the power, flexibility, and performance of their new ACI data center environments without compromising functionality or security. For organizations implementing ACI fabric architecture, the updated ASA 5585-X and ASAv solutions can be fully integrated into the ACI fabric.

Cisco’s ACI seeks to address the data center operator’s need for automated provisioning, programmatic management, and comprehensive orchestration. Rather than decoupling the control plane from the data plane, ACI applies a policy model designed to capture application requirements and automate deployment across the network, regardless of whether the applications are virtualized or running on bare metal. This approach is what Cisco calls a declarative management model, which involves the voluntary cooperation of individuals or agents that publish their intentions via commitments to each other. The intentions are abstract: for example, an application policy would state its requirements, and the underlying infrastructure would interpret how best to satisfy those requirements based on its inherent capabilities. Another networking option for cloud computing is provided by OpenStack, which provides a default framework, called Neutron, for customers to consume networking services, as well as a set of northbound and southbound APIs.


The appliance has been fully and transparently integrated into the fabric of the next-gen Cisco Application Centric Infrastructure SDN data center architecture. For those deployments, the Cisco Application Centric Infrastructure SDN Controller provides a single point of control for both network and security management. It can provision the appliance’s security as a service, manage policy, and monitor the entire network and security environment for a unified view. This approach removes the limitations of traditional network-oriented security solutions, allowing for significantly streamlined provisioning. In the Cisco ACI topology-independent environment, Cisco ASAv services are managed as a pool of security resources. These resources can be selected and attached to specific applications or transactions to provide dynamic, scalable, policy-based security. It supports both traditional and next-gen software SDN and Cisco Application Centric Infrastructure environments to provide policy enforcement and threat inspection across multi-site environments.

SDN separates control plane functions from data plane functions and is often defined in narrow technical terms. Software-defined security leverages the philosophy and fundamental architecture of SDN but broadens the opportunity by integrating into more environments. The SDN “hub and spokes” approach ties together a controller, where security policies are defined and evaluated, with enforcement nodes that implement the policies, all done dynamically and in real time. Leveraging a policy language that is abstracted to the application layer enables applicable policies to be applied at the appropriate enforcement nodes to maintain flexibility and alignment with the components of the application in use. The result is a security architecture that is easier to manage efficiently and an opportunity for maximum effectiveness. Cisco ACI is designed to address the data and security needs of the modern data center.

Security for Next-Gen Data Centers

Security solutions for next-gen data centers must enable organizations to generate maximum business value from their investments in these data centers. This requires that such security solutions drive value by being integrated, policy-based, robust, agile, and scalable. Well-designed and well-implemented security solutions with these characteristics create value by saving time and effort for management and provisioning of security solutions, by reducing the operational and business impact of security threats, and by ensuring that security does not inhibit the data center’s ability to support and drive the business. As a result, such security solutions enable next-gen data centers by being integrated for efficiencies and reduced risk. Security products that integrate both with solutions supporting organizations’ traditional data center environments and with other security products being used in the next-gen data center environment generate time savings and reduce risk.
