Cisco Cisco ASA 5555-X Adaptive Security Appliance 설치 가이드

The Cisco Application Policy Infrastructure Controller (APIC) automates insertion of services (such as an 
ASA firewall) between applications, also called End Point Groups (EPGs)

. 

The APIC uses northbound 

APIs for configuring the network and services. You use these APIs to create, delete, and modify a 
configuration using managed objects. 

If you try to create a configuration that is not supported on your current ASA version, an error 
similar to the following could appear on the APIC: 

“ *Major script error: Configuration error: …. ERROR: % Invalid input detected at 

'^' marker. “ 

See your ASA version documentation for supported features. 

When a service function is inserted in the service graph between applications, traffic from these 
applications is classified by the APIC and identified using a tag in the overlay network. Service 
functions use the tag to apply policies to the traffic. For the ASA integration with the APIC, the service 
function forwards traffic using either routed or transparent firewall operation. 

For information about the APIC, see the “Cisco Application Centric Infrastructure” chapter of the 
ACI Fundamentals guide.

For information about service graphs, see the “Configuring a Service Graph” chapter of the Cisco 
APIC Layer 4 to Layer 7 Services Deployment Guide.

For information about the insertion of Layer 4 to Layer 7 services, see the “Overview” chapter of the 
Cisco APIC Layer 4 to Layer 7 Services Deployment Guide.