You are here
DC0068 - ACI 6.0 Microsegmentation (Part 4)
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Datacenter
This video demonstrates how to use Cisco ACI 6.0 Microsegmentation to isolate endpoints into smaller security zones called uEPGs. We will be using flexible attributes like IP address, MAC, VM name, or OS instead of relying on VLANs or subnets. We will go through enabling microsegmentation on existing EPGs, creating uEPGs with various attribute types, and applying contracts to control which isolated groups are allowed to communicate. The goal is to show how granular, policy-driven endpoint isolation can be achieved within the same Bridge Domain without redesigning the underlying network.
Part 4 of this video covers Intra-EPG Isolation
Topic:
- Microsegmentation EPG
-
Network Attributes
- IP Address
- MAC Address
-
VM Attributes
- Operating System
- VM Name
- VM ID
- VM Attributes
- VM Tag
- Multi-Level VM Attribute Matching
- Intra-EPG Isolation
- Taboo Contract
About Author
Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.