CloudGuard Controller for Cisco Application Centric Infrastructure (ACI)

CloudGuard Controller integrates the Cisco ACI fabric with Check Point security.

To learn more, see vSEC for ACI Managed by R80.10 Security Management Server Administration Guide for R80.10.

Prerequisites

Connecting to a Cisco ACI Data Center Server

1. In SmartConsole, create a new Data Center object in one of these ways:

   • In the top left corner, click the Objects menu > More object types > Server > Data Center > New Cisco ACI.

   • In the top right corner, click Objects Pane > New > More > Server > Data Center > Cisco ACI.

2. In the Enter Object Name field, enter the applicable name.

3. In the URLs field, enter the addresses of the Cisco ACI Cluster Members. Entering multiple URLs supports an APIC cluster for redundancy.

   Important - These addresses can be either HTTP or HTTPS, but not both.

4. In the Username field, enter your Cisco APIC server User ID.

   When using Login Domains, use this syntax:

   apic:<domain>\<username>

5. In the Password field, enter the Cisco APIC server password.

6. Click Test Connection.

7. Click OK.

8. Publish the SmartConsole session.

9. Install the Access Control Policy on the Security Gateway object.
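A pre-flight check for the values entered in steps 3 and 4, as an added example that is not part of the original guide or Check Point's own code. The function name, host names and account name are constructed for illustration; the HTTP warning reflects that plain HTTP carries the APIC username and password unencrypted.

```python
import re
from urllib.parse import urlsplit

# Login-domain form from step 4: apic:<domain>\<username>
LOGIN_DOMAIN_RE = re.compile(r"^apic:(?P<domain>[^\\]+)\\(?P<user>[^\\]+)$")


def check_apic_settings(urls, username):
    """Return (errors, warnings) for the URLs and Username of the Data Center object."""
    errors, warnings = [], []
    schemes, hosts = set(), []
    if not urls:
        errors.append("no APIC URL given")
    for url in urls:
        try:
            parts = urlsplit(url.strip())
            host = parts.hostname
        except ValueError:  # e.g. a malformed IPv6 literal
            parts, host = None, None
        if not host or parts.scheme.lower() not in ("http", "https"):
            errors.append(f"not an HTTP(S) URL: {url!r}")
            continue
        if parts.username or parts.password:
            errors.append(f"credentials embedded in URL for {host}")
        schemes.add(parts.scheme.lower())
        hosts.append(host.lower())
    # Step 3: the addresses are either all HTTP or all HTTPS, never a mix.
    if len(schemes) > 1:
        errors.append("URLs mix HTTP and HTTPS")
    if "http" in schemes:
        warnings.append("HTTP sends the APIC username and password unencrypted")
    if len(hosts) != len(set(hosts)):
        warnings.append("same APIC member listed more than once")
    if len(set(hosts)) == 1:
        warnings.append("only one APIC member: no redundancy")
    # Step 4: a username that starts with 'apic:' must be apic:<domain>\<username>.
    if not username:
        errors.append("empty username")
    elif username.startswith("apic:") and not LOGIN_DOMAIN_RE.match(username):
        errors.append("login-domain username must look like apic:<domain>\\<username>")
    return errors, warnings


if __name__ == "__main__":
    # Constructed sample values, not taken from a real deployment.
    print(check_apic_settings(
        ["https://apic1.example.com", "http://apic2.example.com"],
        r"apic:CorpAD\svc_cloudguard"))
```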

Cisco ACI Objects and Properties

Cisco ACI Imported Objects

| Object | Description |
|---|---|
| Tenant | A logical separator for customers, BU, groups, traffic, administrators, visibility, and more. |
| Application Profile | A container of logically related EPGs, their connections, and the policies that define those connections. |
| End-Point Group (EPG) | A container for objects that require the same policy treatment. EPG examples: app tiers or services (usually, VLAN) |
| L2 Out | A bridged external network. |
| L2 External EPG | An EPG that represents external bridged network endpoints. |