How to apply a cert to the ASE version of MSO?

I was recently asked this question by a customer and I’m documenting how to do this for the benefit of everyone.  Before proceeding let’s gather all the items that we will need to make this happen. Update 10/23/2020:   For MSO (on SE) certs the last action is to activate the key-ring.   Unfortunately, that part will … More How to apply a cert to the ASE version of MSO?

Getting Started: Cisco MSO With Ansible (updated: 10/8/2020)

update for L3Out was added on 10/8/2020:  Please see the bottom of the post. Introduction: When it comes to automation for orchestration or monitoring there are always many choices and at the end the choice depends on what you are more comfortable with.  Using automation with Cisco APIC is very common and most folks are … More Getting Started: Cisco MSO With Ansible (updated: 10/8/2020)

ACI/Cloud Extension Usage Primer (Azure) – Multi-Node Service Graph with North South Firewall Scaling using vNET peering and hosting service devices in HUB vNET (overlay-2)

In a previous article for Multinode Service Graphs with Horizontal Scaling of Firewalls for East/West traffic on Azure I had described and guided you step by step on how to configure and test that scenario. I have had quite a few folks reach out to me and request that I do a similar writeup for … More ACI/Cloud Extension Usage Primer (Azure) – Multi-Node Service Graph with North South Firewall Scaling using vNET peering and hosting service devices in HUB vNET (overlay-2)

CPOC Series: ACI Service Chaining using Policy Based Redirect (PBR) for east-to-west traffic through an ASA FW

In this video we explore using Policy Based Redirects to identify either a subset or ALL traffic between EPGs and forcing that traffic to an external device, in our case, an ASA FW. In our case, our ACI Fabric is the L3GW for all traffic. With the PBR feature, we are going to use an … More CPOC Series: ACI Service Chaining using Policy Based Redirect (PBR) for east-to-west traffic through an ASA FW

CPOC Series: Achieving Segmentation in ACI by Attaching multiple EPGs to one Bridge Domain

In this video we explore the design practices of attaching multiple EPGs to a BD. There are several use-cases for this, including but not limited to: Application-centric design Not having to re-address servers that you want to split up (i.e., separating web servers from app servers from db servers in the same subnet) Compliance (i.e., … More CPOC Series: Achieving Segmentation in ACI by Attaching multiple EPGs to one Bridge Domain

CPOC Series: ACI Segmentation Using Microsegmented EPGs (uSeg)

In this video we explore a very popular topic in Microsegmentation. To summarize, Microsegmentation inside of ACI is taking devices inside of an EPG, and placing them inside of their own “sub-EPG”. This new EPG behaves exactly like normal EPGs from a connectivity perspective; we still need contracts to talk to other EPGs (including our … More CPOC Series: ACI Segmentation Using Microsegmented EPGs (uSeg)