Cisco Cisco Prime Network Services Controller Adaptor for DFA 产品宣传页
© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 3 of 45
Introduction
It’s hard to imagine a modern data center without applications and Layer 4 to 7 services, which among other
benefits help address various security, scalability, and high-availability requirements. This document provides both
an overview and detailed information about how to integrate physical and virtual firewalls with the Cisco
®
Unified
Fabric with automation.
The primary goal of this document is to help readers gain a basic and advanced level of knowledge of how to
implement some typical firewall deployments in the data center using Cisco Unified Fabric with automation.
This document is structured to help readers gain knowledge as they progress through the sections, building from
the basic terms and concepts to advanced topics for planning the deployment.
Readers will learn about typical firewall deployments and network designs and get a brief introduction to optimized
networking in the Cisco Unified Fabric. Readers also will learn about how to integrate a firewall into the network
and the tool set that the Cisco Unified Fabric provides to simplify error-prone and routine tasks. Equipped with this
knowledge, readers will be presented with several examples that illustrate how to integrate firewalls into Cisco
Unified Fabric using optimized networking and automation.
Target Audience
This document is written for network architects; network design, planning, and implementation teams; and
application services and maintenance teams.
Prerequisites
Readers should be familiar with the fundamental concepts and terms Cisco Unified Fabric with automation before
proceeding with this document.
A professional (Cisco CCNP
®
) or higher level of knowledge of routing and switching protocols and network
deployment best practices is highly recommended.
Overview of Design and Connectivity in Cisco Unified Fabric Networks with Integrated
Firewalls
Firewalls
Typical Firewall Deployments in the Data Center
The history of networking and service appliances development reveals growth from simple single-server
applications to clusters of multiple front-end and back-end servers and a shift from simple logic-based rules to
more advanced URL- and context-based filtering and load balancing. These changes guided the evolution of
network designs, resulting in many niche and specialized network designs that nevertheless share the same
fundamental requirements: physical and virtual service appliances must be attached to the network and be
reachable through static or dynamic routing. Depending on the deployment case, these service appliances may
also need to attach to one or more Layer 2 domains and connect to a separate management network.