Monday, February 19, 2018

Non-Cisco application-centric network management

No, this isn't in prep for some kind of test. I've found myself familiar with Cisco APIC and application-centric networking, and I'd like to understand it better from a cross-vendor, cross-product perspective.

So, I know APIC has the concept of EPGs and contracts. I know EPGs can be about VLANs, but don't really have to be. I know contracts can be about firewall rules, but don't have to be. I've got a reasonable introductory understanding of how EPGs and contracts work, and I rather like it.

I also know about VMware NSX, but also that it doesn't approach the APIC's degree of...requirements association? Mutual agreement? Basically, the network fabric permits or blocks traffic based on whether or not a rule is present, not on whether two rules agree.

I also know about generic 5-factor or 7-factor SDN, but that's simply flexible enough to achieve just about anything without providing much prescriptive structure; it can do anything you know how to build a controller to do. Which is neat, of course.

And, finally, I know a little about Tigera Calico, but I don't get the impression it's a whole lot more powerful than a Kubernetes-aware NSX-alike with the ability to do rule overrides at different priority levels.

But what I don't know is another network-fabric-management system that has the particular idea of mutual consent between endpoints. Are there more out there?


