In this lab, your objective is to segment four critical applications called “App1,2,3,4” using ACI contracts and filters which act as a distributed firewall.
You will essentially be establishing a protective barrier around the application and protecting it from BOTH North-South attacks and East-West attacks. The control utilized at this barrier will be a ACI firewall, more specifically ACI’s contracts and filters. ACI uses a white list model that prevents any device inside of a End Point Group to communicate to another device in a second End Point Group(EPG) without a contract and filters to allow communication.
You will essentially be establishing a protective barrier around the application and protecting it from BOTH North-South attacks and East-West attacks. The control utilized at this barrier will be a ACI firewall, more specifically ACI’s contracts and filters. ACI uses a white list model that prevents any device inside of a End Point Group to communicate to another device in a second End Point Group(EPG) without a contract and filters to allow communication.
Comments
Join the Conversation
Login or create an account to participate in the discussion and get access to so much more