Internet of everything
Internet of everything

This free course is available to start right now. Review the full course description and key learning outcomes and create an account and enrol if you want a free statement of participation.

Free course

Internet of everything

4.3.5 Application-centric security

As organisations move to application-centric environments, the traditional security solutions are no longer adequate. Cisco’s ACI Security Solutions protect environments by fully integrating customised security technologies for the needs of a specific application. ACI Security Solutions can be managed as a pool of resources that are attached to applications and transactions using a central controller. This solution can automatically scale on demand providing seamless policy-based security.

This solution allows for a holistic, policy-based approach to security that reduces cost and complexity. It integrates physical and virtual security technologies directly into Cloud and datacenter infrastructures.

Watch the video overview of the Cisco ACI.

Download this video clip.Video player: ioe_1_video_4_3_2_3_cisco_application_centric_infrastructure_aci_overview.mp4
Skip transcript


In today's fast-paced global economy, business agility isn't an option, it's a necessity. With technology becoming a core part of most business strategies, business agility is closely tied to your data centre's and IT's ability to roll out new applications and services quickly and cost-effectively. However, today's traditional data centres lack the linkage between apps and the infrastructure to enable rapid application rollout.
IT has to rely on complex and manual configuration processes across multiple siloed teams to provision boxes before new applications can be deployed. Unfortunately, everyone is spending more time dealing with boxes instead of what's really important-- the applications. Emerging solutions, such as software-only overlays, attempt to simplify application deployments, but introduce additional complexities in terms of visibility, management, scale, and performance.
A new architectural and operation or model is needed-- a model that focuses on the applications, a model where application policy automates and unifies physical and virtual infrastructure, a model with real-time visibility and unprecedented performance and scale. That's exactly what the Cisco Application Centric Infrastructure delivers.
ACI transforms the data centre and how applications are deployed by shifting the focus to the application, dramatically reducing data centre complexity by unifying physical and virtual into one network, and radically accelerating the entire application deployment lifecycle. It does this by providing a common policy management and operational framework across siloed IT teams, enabling automatic infrastructure provisioning based on application policy profiles, providing secure multi-tenancy with centralised compliance and auditing, enabling anywhere workload placement and seamless mobility within and across data centres, taking a systems approach to provide a holistic view of application health, and providing open APIs to integrate with existing systems and enabling a vast partner ecosystem.
So how does it work? In the ACI model, the networked infrastructure becomes a flexible and programmable pool of stateless resources ready to be provisioned for new applications and policies. The Application Policy Infrastructure Controller, or APIC, is a key architectural component of the ACI model, that provides a single touch point for all configuration, management, and operational tasks.
It provides a common operational framework, unifying application, network, cloud, and security teams, all using a common tool set to define application policy requirements via an application network profile. The application network profile defines the logical representation of all the application infrastructure requirements, connectivity, and policies that define their interdependencies, such as tenant information, network services, and security policies.
This same model will extend to storage and compute in the future. When the application is ready to be deployed, the APIC uses the application network profile to automatically provision the required infrastructure resources and services, significantly simplifying and reducing infrastructure configuration and application deployment time from days to minutes. For fast and easy integration with your automation and orchestration tools, ACI offers a rich set of open northbound and southbound APIs, enabling a vast partner ecosystem and open source communities.
Also, ACI open source technologies extend the ACI framework to OpenStack and OpenDaylight. To ensure security, ACI separates policy from the network forwarding plane, providing complete network isolation. Open APIs support import and export from external security policy engines.
Through programmable policy framework, ACI supports service chaining automation and centralised compliance and auditing. With both enterprise and cloud providers in mind, the ACI model is designed to scale from small enterprise deployments to multi-data centres to large-scale, secure multi-tenant cloud providers with seamless workload mobility across data centres.
For monitoring and troubleshooting, the APIC collects extensive real-time telemetry information for both virtual and physical infrastructure. The APIC uses this real-time telemetry to monitor application health via an application health score, helping ensure SLAs. For instance, if a congested link impacts the application's health score, a pre-defined policy can automatically and seamlessly move the application to another rack or data centre, bypassing the congestion, and restoring optimal service, all while still enforcing defined policies.
Whether you're an enterprise or a service provider, ACI transforms your data centre or cloud deployment into an automated, highly agile, and scalable application-centric infrastructure. It provides a transformational operational model to radically accelerate application deployment, redefining the power of IT to be more responsive to changing business needs.
For more information on ACI and our vast partner ecosystem, please visit us on the web.
End transcript
Copy this transcript to the clipboard
Print this transcript
Interactive feature not available in single page view (see it in standard view).

Take your learning further

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has 50 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses.

If you are new to university level study, find out more about the types of qualifications we offer, including our entry level Access courses and Certificates.

Not ready for University study then browse over 900 free courses on OpenLearn and sign up to our newsletter to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus