Cisco ACI Fabric Components
Concepts covered in this document include.
Cisco ACI fabric components. An attacker who has possession of a certificate that is trusted by the Cisco Manufacturing CA and the corresponding private key could exploit this vulnerability by presenting a valid certificate while attempting to connect to the targeted device. Beginning in APIC release 4.2(1), Cisco ACI can also use Cisco Cloud APIC to extend a Cisco ACI Multi-Site fabric to Microsoft Azure public clouds. In the ACI world, spine and leaf are the Cisco Nexus 9000 Series switches (N9K) in ACI mode, and they are the control and the data plane of the ACI. Leveraging new concepts within Cisco ACI fabrics, combined with packet processing, capture, VM analysis and tool optimization features on the APCON platform, allows best-of-breed capabilities for holistic network monitoring.
In this blog post we will explore Cisco ACI fabric components and provide a high-level overview of important Cisco ACI concepts. What Cisco Cloud APIC is: Cisco Cloud APIC is a software component of Cisco APIC that can be deployed on a cloud-based virtual machine (VM). What is intent-based networking? The ACI fabric provides multiple attachment points that connect through leaf ports to various external entities such as bare-metal servers, virtual machine hypervisors, Layer 2 switches (for example, the Cisco UCS fabric interconnect), or Layer 3 routers (for example, Cisco Nexus 7000 Series switches).
Cisco ACI main components. In a leaf-spine ACI fabric, Cisco is provisioning a native Layer 3 IP fabric that supports equal-cost multi-path (ECMP) routing between any two endpoints in the network but uses overlay protocols. Cisco ACI concepts and components. VXLAN (Virtual Extensible LAN) is the encapsulation technology on which all the SDN solutions are based, because it permits users on different subnets, even on remote routed networks, to see each other as if they were on the same L2 segment.
In this chapter we will cover the following: understanding ACI and the APIC; an overview of the ACI fabric; converting Cisco Nexus from NX-OS mode to ACI mode; ACI. ACI fabric OS is not pure NX-OS but similar to it; it is actually a rewritten version of NX-OS. Nexus 9000 switches, APIC and ecosystem. These devices can become part of an ACI fabric through a variant of the NX-OS operating system called ACI fabric OS.
ACI (Application Centric Infrastructure) is a multi-tenant data center switching solution based on an intent-based approach. The vulnerability is due to insufficient TLS client certificate validations for certificates sent between the various components of an ACI fabric. The Cisco ACI fabric is designed as an application-centric intelligent network. Understanding components and the ACI fabric.
We will not be looking into configuration workflows, which will be a topic for another post. The Cisco APIC policy model is defined from the top down as a policy enforcement engine focused on the application itself and abstracting the networking functionality underneath.