Infrastructure
Cisco IT Insights
ACI
Controller
Policy Model
Cisco IT has deployed Cisco ASA 5585-X firewalls as our frontline network security solution. We also use the Cisco ASAv virtual
appliance for selected network areas.
2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. April 2015
Page 1 of 1
The Cisco APIC is the policy controller that manages the ACI fabric (consisting of Cisco Nexus 9500 or 9300 switches) to provide
physical and virtual network interfaces and a centralized policy model for securing applications. It helps us improve security with
functionality such as policy enforcement among ACI endpoint groups, centralized lifecycle management of security policies, and
automated insertion of security services in an applications traffic flow.
The Cisco APIC gives us a good way to automate much of our traffic analysis so our security staff can focus on the small portion
of data that needs special handling, says David Ho, senior manager for data security, Cisco InfoSec.
2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. April 2015
Page 2 of 2
Note
This publication describes how Cisco has benefited from the deployment of its own products. Many factors may have contributed to
the results and benefits described. Cisco does not guarantee comparable results elsewhere.
CISCO PROVIDES THIS PUBLICATION AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED,
INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Some jurisdictions do not allow disclaimer of express or implied warranties; therefore, this disclaimer may not apply to you.
2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. April 2015
Page 3 of 3