Power Up Your Security with the Panorama Plugin for Cisco ACI
The new Panorama plugin for Cisco ACI gives you the power to dynamically secure the endpoints in your Cisco ACI fabric. The Cisco ACI plugin regularly polls your APIC for changes in your endpoints. The plugin then retrieves tags, which map to endpoint IP addresses. When an endpoint’s tag matches match criteria on Panorama, the endpoint is placed in a Dynamic Address Group (DAG) and matches against the appropriate security policy rules. Panorama sends policy rules to your virtual and physical firewalls and those firewalls begin securing traffic.
You can create DAGs that correspond to a Cluster, Tenant, Application Profile, Endpoint Group (EPG), or micro-EPG. This gives you the flexibility to create broad policy for your entire cluster down to more narrow policy for specific groups of endpoints. So, you can be secure in the knowledge that whenever a new endpoint joins your fabric, it is protected.
Get started in five easy steps:
The 8.1 and 9.0 VM-Series Deployment Guides have the information you need to start protecting your Cisco ACI Environment.
As always, you can find our content at https://docs.paloaltonetworks.com.
Happy reading!
Your friendly Technical Documentation team
documentation@paloaltonetworks.com
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.