How to

See how Cisco users can benefit from AlgoSec

  • Modernize your network and harness the power of Nexus & Cisco ACI with AlgoSec

    Watch this short video and see how you can easily modernize your infrastructure with AlgoSec and upgrading your Cisco nexus switches to ACI
  • Cisco baseline compliance

    Learn how to ensure your Cisco devices align with your internal company's standards
  • Cisco policy optimization

    Learn how to achieve a clean and optimized security policy on your Cisco device
  • Cisco regulatory compliance

    Learn how to prepare for a regulatory audit
  • Cisco risk assessment

    Learn how to assess risk on your Cisco devices with AlgoSec
  • Mapping your network

    Visualize your complex network, including your Cisco devices, with a dynamic network topology map

Benefits

Integrating Cisco ACI with AlgoSec lets you:

  • Automatically design and push security policy changes to Cisco ACI by creating contracts and filters to enforce data center whitelist policy and to firewalls connected to the ACI fabric and to other network security controls in a multi-cloud environment.
  • Proactively assess risk in Cisco ACI contracts and recommend changes needed to eliminate misconfigurations and compliance violations – while making policy changes as well as periodically for the entire multi-cloud environment.
  • Application policy reflection of the data center’s underline security policies as implemented on firewalls and other security devices.
  • Reduce time and effort through security policy automation
  • Facilitate and automate network segmentation within the data center
  • Help avoid outages and eliminate security device misconfigurations
  • Simplify and reduce audit preparation efforts and costs

Available on the Cisco Global Price List (GPL) and SolutionsPlus Program

The AlgoSec Security Policy Management Solution is available as part of the Cisco SolutionsPlus Program and listed on the Global Price List (GPL).

Explore the Cisco & AlgoSec partnership

What is Cisco ACI? SDN for the data center

Cisco’s Application Centric Infrastructure (ACI), an industry-leading software-defined networking (SDN) solution facilitates application agility and data center automation. ACI enables scalable multi-cloud networks with a consistent policy model and provides the flexibility to move applications seamlessly to any location or any cloud while maintaining security and high availability. It focuses on the applications that drive the business rather than network products, providing a centralized platform to manage application policies across both physical and virtual workloads. Cisco ACI automates IT workflows and security through whitelisting, policy enforcement and micro-segmentation, which in turn enables customers to build agile and secure next-generation data centers.

Microsegmentation for Cisco ACI

One benefit of moving to a virtualized, SDN environment such as ACI is that it enables and supports microsegmentation. Segmentation makes it significantly easier to protect applications and data, by reducing the ability of hackers to move laterally across networks. Cisco ACI’s microsegmentation capabilities enable this to be taken even further, by allowing individual servers to be isolated virtually into secure zones inside your data center. This level of granular application traffic filtering used to be prohibitively expensive and complicated in hardware-based environments, but virtualization has made it a viable option. With ACI, organizations can make network changes on the fly whenever they are needed, either to serve the needs of the business or when a problem occurs.

Solving complexity challenges in your Cisco ACI fabric & outside the ACI fabric

However, the rapid provisioning, granular control, and agility offered by ACI environments also mean that these virtualized networks can get very complex, very quickly. And when complexity starts to mount, there’s a real risk of human error creeping in – which in turn leads to misconfigurations and security holes. Furthermore, within the ACI environment, there will be a range of security and network routing options in use, from ACI’s built-in security controls to leaf switches and virtual firewalls. Management of all these controls needs to be automated and orchestrated, to eliminate the need to make time-consuming, error-prone manual changes every time a new application is deployed, or a new server added.

The AlgoSec-Cisco ACI integration

The AlgoSec solution intelligently automates and orchestrates network security policy management to make enterprises more agile, more secure and more compliant — all the time. Through a single pane of glass, users can determine application connectivity requirements, proactively analyze risk from the business perspective, and rapidly plan and execute network security changes — all with zero-touch. AlgoSec integrates with Cisco ACI to extend ACI’s policy-based automation to all security devices across the enterprise network – inside and outside the data center, on its edges, and in the cloud. With AlgoSec’s enhanced visibility and unified security policy management capabilities, customers can now process and apply security policy changes quickly, assess and reduce risk, ensure compliance and maintain a strong security posture across their entire environment – thereby rapidly realizing the full potential of their Cisco ACI deployment.    
Algosec - cisco aci integration

Connectivity and compliance directly from the Cisco APIC user interface

For truly seamless integration, AlgoSec’s unique ‘Connectivity and Compliance’ App is available from the Cisco ACI App Center. It gives easy access to the main features of AlgoSec’s solution directly from the Cisco APIC user interface. The AlgoSec App for ACI provides visibility into security and compliance posture of ACI fabric (including firewalls in the ACI fabric), enables contract connectivity troubleshooting and automating security policy changes on firewalls connected to the ACI fabric.

How it works

AlgoSec uses APIC northbound REST APIs to learn the APIC policy configuration. AlgoSec then uses this information from Cisco ACI and adds to it the configurations and policies of the network firewalls, routers, load balancers, web proxies, and cloud security controls, to deliver a unified security policy management solution for the ACI fabric. This, in turn, provides benefits including compliance, automation, and visibility of the entire network estate. cisco aci algosec

AlgoSec integration with CISCO ACI

Explore the Cisco & AlgoSec partnership

Download these resources to discover more about our partnership with Cisco

Partner Solution Overview: AlgoSec and CISCO ACI

With the integration of AlgoSec into the Cisco® Application Centric Infrastructure (Cisco ACI™) architecture, customers can monitor security policy changes across their Cisco AC...

Accelerate Data Center Application Deployment Cisco ACI & AlgoSec

In today’s fast-paced world, supporting an ever-growing number of applications across the data center poses significant security management challenges. Managing policies across p...

blank

Migrating Policies To Cisco ACI Policy Portability

Migrating application connectivity without creating security holes or causing application outages is easier said than done. Understanding and mapping existing application connectiv...

blank

UseCase Cisco ACI Increasing Adoption

Cisco ACI, an industry-leading software-defined networking solution, facilitates application agility and data center automation

blank

AlgoSec’s integration with Cisco ACI

In this demo you’ll can learn about the AlgoSec integration with ACI. Learn how the integration can provide joint customers with visibility, risk analysis and regulatory complian...

blank

Cisco ACI & Hybrid Networks – Breaking Down Silos with Central Policy Management

While your network extended beyond the confines of the physical data center and you started using Software Defined Networks (SDN) such as Cisco ACI, managing security policies with...

blank

Change Management A Day In The Life

Business-Driven Network Security Automation

blank

Solution brief Cisco Nexus and Cisco ACI with AlgoSec

Key benefits

AlgoSec’s Network Security Policy Management Solution supports the following use-cases

img

End-to-end visibility of your network

Get holistic visibility across your entire network. AlgoSec provides complete visibility into tenants, EPGs, endpoints, and contracts in the ACI fabric. AlgoSec provides quick access to key findings via the AlgoSec App for the Cisco ACI App Center, and helps you stay informed of the device status on your network. Get a detailed change history for every firewall and other managed device, current risk status, and device topology.

img

Assess risks and maintain compliance

Proactively performs a risk assessment for the policies (contracts) defined in the ACI fabric and defined for firewalls in the fabric. AlgoSec also recommends the necessary changes to eliminate misconfigurations and compliance violations. Before enforcement, AlgoSec proactively assesses risks for new policy change requests to ensure continuous compliance. Additionally, AlgoSec automatically generates audit-ready regulatory compliance reports for regulations (PCI DSS, SOX, GDPR, and more) for your entire network, both within and outside of the entire ACI fabric.

img

Zero-touch network security policy management

Automatically push security policy changes to Cisco ACI by creating contracts and filters to enforce data center whitelist policy. Automatically push changes to firewalls in the ACI fabric and other network security controls in the data center

img

Policy driven application connectivity management

Using AlgoSec for Cisco ACI, you can map application connectivity to ACI contracts and EPGs as well as in-fabric firewall policies, and migrate application connectivity to Cisco ACI. AlgoSec lets users visualize and instantly provision connectivity for business applications, as well as assess the impact of network changes on application availability to minimize outages. View risk and vulnerabilities from the business application perspective and recommend potential changes to the Application policies in the ACI fabric.

Choose a better way to manage your network