Solution overview
Cisco Application Centric Infrastructure (ACI), Cisco’s software-defined networking (SDN) solution, maps hardware and software capabilities through a unified application-based policy model. It provides a holistic, system-based approach to data center security. The integration between RedSeal’s network security modeling and risk-scoring platform and Cisco ACI expands your ability to create one unified model of your hybrid data centers, including physical devices and those in public and private clouds, and to conduct queries across network environments.
Unify physical, public cloud, and private cloud security
The digital infrastructure of today’s enterprises includes a complex array of physical, public cloud, and private cloud environments that are constantly changing, which makes a complete and detailed understanding of the current state of a network a time-consuming and complex task. RedSeal’s hybrid data center security can create a network security model of complete hybrid data centers, including software-defined networks (SDNs) in Cisco Application Centric Infrastructure (ACI), giving you a comprehensive view of your entire as-built network. The Cisco ACI integration builds on RedSeal’s ability to provide critical visibility into access controls for these hybrid data center environments and to alert you to violations of customized policies you’ve established for your organization. RedSeal’s hybrid data center security capability also helps your network security teams be more productive by allowing them to quickly and accurately model devices and associated policies within the Cisco ACI fabric.
Model, test, and measure unified architecture
The integration of Cisco’s ACI fabric with RedSeal’s platform gives your security teams much-needed context for prioritizing vulnerabilities, accelerating incident response, managing compliance, and improving the overall resilience of your infrastructure.
RedSeal models the following Cisco ACI components:
- Tenant
- Context (VRF)
- Contract
- Subnet
- Endpoint Group
- Endpoints
RedSeal capabilities with Cisco ACI
- Verify the Distributed Firewall per tenant and the filters/access rules configured per host
- Verify Cisco ACI Distributed Firewall Access Rule Browser
- Verify Cisco ACI workload table in each tenant Distributed Firewall
- Define and submit queries to the database to verify connectivity details, such as access, threats, policy compliance, and detailed path, between specified endpoints in the network
- Run and verify access queries across east-west and cross-fabric traffic
Model and understand your hybrid data center
The integration between RedSeal’s network modeling and risk-scoring security platform and Cisco ACI expands your ability to create one unified model of your hybrid data centers, providing a holistic, system-based approach to your hybrid data center security.