Cisco has released a new version of its ACI APIC software, incorporating microsegmentation and expanded support for both containers and VMware integration. The company’s Intercloud initiative is also expanding to Germany, where Cisco is partnering with Deutsche Telekom on a new public cloud.

On the ACI front, microsegmentation means that network traffic can be segregated based on information as granular as a specific attribute, a group of endpoints, or even a single IP address. Harry Petty wrote on the Cisco blog:

“ACI micro-segmentation allows users to create micro-segments across multiple VMM and physical domains in a consistent policy driven framework, that allows operational flexibility and choice for customers.

Micro-segmentation for any multi-tiered application with physical or virtual workloads across any hypervisors

Use the same policy model to isolate workloads for vSphere, Hyper-V, OpenStack, Containers, and bare metal servers.

Micro-segmentation classification can use workload attributes such as Virtual-machine attributes and Network (IP, MAC) attributes providing finer grained control at the individual virtual machine(s) level.

Hypervisor agnostic Intra-EPG isolation policy across VMs and bare metal

Simple, automatic creation of a quarantine security zone for a multi-tiered application when a rogue end point or threat is identified and automated remediation.”

The update includes new policy support for containers, partly through the new open source Project Contiv, which appears to cover some of the same ground that OpenStack Congress covers for VMs. It also includes support for VMware VDS and vRealize environments.

Meanwhile, Cisco’s partnership with T-Systems/Deutsche Telekom will create a public cloud based in Germany, intended to provide safe harbor for European companies nervous about governmental snooping. T-Systems wrote, “Where public clouds are currently still unsecured, for instance in public use, in real-time communication between cities and citizens, the European Intercloud now offers completely new, secure possibilities for interaction. All sorts of cloud services can be provided from one source on the basis of German security standards with the new technology. The high security standards and data privacy requirements set forth by German and European law prohibit foreign security agencies from accessing stored data, and, following the decision regarding the Safe Harbor Agreement, data transfer to the US as well. Data remains at German data centers; the customer maintains data sovereignty.”

Cisco’s Intercloud is intended to be a collection of OpenStack-based clouds linked together.
