imelamory - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

SDN blogs: Configuring Cisco's ACI fabric

In this week's blogs, experts explain how to configure Cisco's ACI fabric, consider the future of firewalls and discuss network monitoring.

Configuring Cisco's ACI fabric

In a recent post on his blog, Jason Edelman explained how to configure and monitor an Application Centric Infrastructure (ACI) fabric by using object-oriented REST API tools that are part of Cisco's Application Policy Infrastructure Controller (APIC).

Edelman wrote that Cisco's SDN platform reduces the number of touch points in a network, but without something else driving the ACI fabric -- such as a cloud management platform, automation tool or custom script -- new configurations may require a lot of manual clicks within the user interface. He praised Cisco, however, for making it relatively easy for network engineers and developers to use APIs to set up automation with APIC. In particular, Edelman referenced four configuration tools that Cisco provides to enable adoption of the ACI fabric: Cobra, Visore, API inspector and ARYA.

Read Edelman's step-by-step process on how to configure an ACI fabric using these tools right here.

Firewalls not part of future security

In a recent post on his Ethereal Mind blog, network engineer Greg Ferro broke down Yahoo Chief Information Security Officer Alex Stamos' presentation at this year's AppSec California, where Stamos explained that firewalls will be irrelevant in the near future. Stamos said firewalls are not part of Yahoo's security strategy moving forward for a variety of reasons, ranging from their inability to secure east-west data flows to the fact that secure apps negate the need for external devices. Ferro wrote that many of Stamos' concerns, most notably his assessment of east-west data security shortfalls, apply to the enterprise. He added that one approach, VMware's NSX, solves security problems by using SDN and overlays via segmentation.

Watch Stamos' entire presentation and check out the rest of Ferro's post here.

Network architects discuss SDN network monitoring

Network architect Ivan Pepelnjak shared on his ipSpace blog some of the issues he discussed with colleagues Matt Oswalt and Terry Slattery about the challenges of monitoring and managing SDN networks. The group talked about a wide variety of topics, including the problems associated with monitoring virtual and physical switches, why performance metrics between the two vary so widely, and whether white box switching could change the lack of instrumentation in merchant silicon.

The trio also considered how some network engineers may get in over their heads when deploying white box switches for the first time, and whether there will ever be a point when people with operational experience will be the ones writing open source management networking tools.

Pepelnjak included links in the post to recent webcasts and podcasts discussing these topics and others in detail. Read the entire post here.

Next Steps

Why would some relate SDN to IBM SNA?

Is WAN virtualization worthwhile?

The security benefits of an SDN-enabled network

Dig Deeper on Software-defined networking