Cisco Live 2019 Break Down Session ACI 2, Study notes of Computer Networks

Cisco Live 2019 Break Down Session ACI 2

Typology: Study notes

2019/2020

Uploaded on 02/02/2026

maxime-michelin
maxime-michelin 🇬🇧

15 documents

1 / 199

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c
pf4d
pf4e
pf4f
pf50
pf51
pf52
pf53
pf54
pf55
pf56
pf57
pf58
pf59
pf5a
pf5b
pf5c
pf5d
pf5e
pf5f
pf60
pf61
pf62
pf63
pf64

Partial preview of the text

Download Cisco Live 2019 Break Down Session ACI 2 and more Study notes Computer Networks in PDF only on Docsity!

Practical Applications of

Cisco ACI Micro

Segmentation

@JuanLage, Principal Engineer – INSBU

BRKACI- 2301

Session Objectives

  • Explain the ACI features that enable Micro Segmentation
  • Provide you ideas of how to use these features
  • Show you these features working on simple yet practical examples

5

  • ACI Fundamentals Review
  • Micro Segmentation Fundamentals
  • ACI Group Based Policy Model
  • Deep dive into Micro EPG options
  • Demo #1 – Applying IP-Based uEPGs to segment BM and VM
  • Demo #2 – Using uSeg for Automated Application Deployment

Agenda

8

Cisco ACI: Industry Leader

ACI Customers ACI Attach Rate Ecosystem Partners

Ecosystem Partners

9

ACI Anywhere

Any Workload, Any Location, Any Cloud

Remote PoD Multi-Pod / Multi-Site Hybrid Cloud Extension

ACI ANYWHERE

IP

WAN

IP

WAN

Remote Location On Premise Public Cloud

Security Everywhere Analytics Everywhere Policy Everywhere

What do we mean by Micro

Segmentation?

What is Micro Segmentation?

Segment 3 Segment 1

Segment 2

Segment 4

Segmentation

Segment = Broadcast domain / VLAN / Subnet

12

What is Micro Segmentation?

Segment 3 Segment 1

Segment 2

Segment 4

Segmentation Micro Segmentation

Segment 1

Micro Segment 1 Micro Segment 3

Micro Segment 2

Segment = Broadcast domain / VLAN / Subnet Micro Segment = Endpoint or Group of Endpoints

Micro Segment 4

Segment 2

14

Why Micro Segmentation?

  • Perimeter security is not enough: once

breached, lateral movement can allow

attackers to compromise more assets

  • Improve the security posture inside the Data Center
  • Minimize segment size and provide smallest exposure to lateral movement

15

Micro Segmenting in an heterogeneous

Data Center

Campus

and

Branch Users

17

Micro Segmenting in an heterogeneous

Data Center

Virtualized w/ VMware

Campus

and

Branch Users

18

Micro Segmenting in an heterogeneous

Data Center

Virtualized w/ VMware

Virtualized w/

Microsoft

Campus

and

Branch Users

Virtualized w/

KVM

20

Micro Segmenting in an heterogeneous

Data Center

Virtualized w/ VMware

Bare Metal / Big Data

Virtualized w/

Microsoft

Campus

and

Branch Users

Virtualized w/

KVM

21