You are here
DC0069 - ACI 6.0 Endpoint Security Group (Part 2)
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Datacenter
The video introduces you to a concept of Endpoint Security Group (ESG) in Cisco ACI 6.0. The lab walks through migrating existing EPG endpoints into ESGs using various selector types including EPG selectors, IP tags, MAC tags, and VMM-based attributes like VM name and VM tags. This demonstrates how each selector type affects switching versus routed traffic enforcement. The key takeaway is that ESGs provide a flexible, app-centric security model that supports multi-BD grouping and granular endpoint classification, making them well-suited for greenfield deployments or as a migration path from EPG-based policy.
Part 2 of this video covers endpoint classification using IP and MAC Address
Topic:
- EPG to ESG migration
-
Endpoint Classification into ESG
- IP Address
- MAC Address
- VMM MAC Endpoint
- ESG Contract
About Author
Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.