I have a question related to the Security Groups in ACI. Today in DC we add Stateful Firewall to filter the east-west traffic. With ACI when we create SG's or EPG's and we remove the appliances (L4-7) and we just create contracts between the EPG's, but we keep the L4-7 appliances mainly to filter the North-South traffic (between Web - App - DB tiers).
The questions are,
- What features do I lose if I change the stateful firewall with a contract?
- Does that add risk and make the setup vulnerable? How?
- How to overcome this issue? as adding service chain inside the tier (ex. APP) would cause a performance issue.
- Does Tetration solve this problem, how?
I truly appreciate your inout and if you have a document that talks about the same.
Good afternoon Friends, these days I was accessing the DNAC manager and my surprise is that I did not have access, after a basic analysis I observed that the equipment was operational, but without being able to access it via DNA GUI (browser) I also ident...
Today we are going to talk about how to configure backups in the Cisco ACI APIC Dashboard. As you might know APIC is a UCS based CIMC controller and we can check the configuration backups on the Cisco ACI APIC Dashboard. Remember that the HA solution mus...
Listen: https://smarturl.it/CCRS9E14 Follow us: https://twitter.com/CiscoChampion
Organizations are undergoing digital transformation like never before. Global spending on digital transformation of business practices, products, and organization...