Thursday, July 18, 2019

Best way to manage ACLs on Cisco Switch?

I have recently moved to an environment where a lot of security is controlled at the core switch level. The default gateway for most, if not all, of our VLANs is the core switch. I usually try and push towards using a firewall for this kind of security, but it seems like, architecture-wise, it can go either way.

Any tips for managing a large set of ACLs configured on a Cisco Nexus switch? I am very comfortable in the command line, but managing such a large number of ACLs just seems a little cumbersome compared to doing it in something like ASDM. Also, it is sometimes not 100% clear which ACLs are in use and are necessary. Maybe I just need to get better in the command line, but I feel there has got to be a better way to approach cleaning up these massive ACLs in the core.
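
An added example for this question (my own script, not from Cisco or any NX-OS tool): it parses a Nexus running-config to list IPv4 ACLs that no interface, VTY line, class-map or route-map references, and parses `show ip access-lists` output (with `statistics per-entry` enabled) to flag entries whose counter reads zero. The config and show output below are constructed by hand, not captured from a real switch, and the list of attachment-point patterns is an assumption that covers the common cases; extend it for anything else your config uses (VACLs, PBR, and so on).

```python
"""Audit helpers for a large NX-OS ACL base: unreferenced ACLs and zero-hit ACEs.

Added example; all device text below is constructed, not from a real device.
"""
import re

# Constructed excerpt of a Nexus running-config (not from a real device).
SAMPLE_CONFIG = """\
ip access-list WEB-IN
  statistics per-entry
  10 permit tcp any 10.20.0.0/24 eq www
  20 permit tcp any 10.20.0.0/24 eq 443
  30 deny ip any any log
ip access-list MGMT-ONLY
  10 permit tcp 10.9.0.0/24 any eq 22
  20 deny ip any any
ip access-list OLD-DMZ
  10 permit ip 192.168.5.0/24 any
ip access-list QOS-VOICE
  10 permit udp any any eq 5060
class-map type qos match-all VOICE-SIGNALING
  match access-group name QOS-VOICE
interface Vlan20
  ip access-group WEB-IN in
interface Ethernet1/1
  ip port access-group MGMT-ONLY in
line vty
  access-class MGMT-ONLY in
"""

# Constructed 'show ip access-lists' output; only WEB-IN has per-entry stats.
SAMPLE_SHOW = """\
IP access list WEB-IN
        statistics per-entry
        10 permit tcp any 10.20.0.0/24 eq www [match=15023]
        20 permit tcp any 10.20.0.0/24 eq 443 [match=0]
        30 deny ip any any log [match=88]
IP access list MGMT-ONLY
        10 permit tcp 10.9.0.0/24 any eq 22
        20 deny ip any any
"""

ACL_HEADER = re.compile(r'^ip access-list (\S+)\s*$')
ACE_LINE = re.compile(r'^\s+(\d+)\s+(?:permit|deny)\b')

# Assumed set of places an ACL name is referenced on NX-OS; extend as needed.
REF_PATTERNS = [
    re.compile(r'^\s+ip access-group (\S+) (?:in|out)\s*$'),       # SVI / routed port
    re.compile(r'^\s+ip port access-group (\S+) (?:in|out)\s*$'),  # L2 port (PACL)
    re.compile(r'^\s+access-class (\S+) (?:in|out)\s*$'),          # line vty
    re.compile(r'^\s+match access-group name (\S+)\s*$'),          # class-map
    re.compile(r'^\s+match ip address (\S+)\s*$'),                 # route-map / VACL
]


def parse_acls(config):
    """Return {acl_name: [ace, ...]} in definition order from running-config text."""
    acls, current = {}, None
    for line in config.splitlines():
        m = ACL_HEADER.match(line)
        if m:
            current = m.group(1)
            acls[current] = []
        elif current is not None and line.startswith(' '):
            if ACE_LINE.match(line):          # skip 'statistics per-entry' etc.
                acls[current].append(line.strip())
        else:
            current = None                    # unindented line ends the block
    return acls


def referenced_acls(config):
    """Names that some interface, line, class-map or route-map attaches or matches on."""
    refs = set()
    for line in config.splitlines():
        for pat in REF_PATTERNS:
            m = pat.match(line)
            if m:
                refs.add(m.group(1))
                break
    return refs


def unused_acls(config):
    """ACLs defined but never referenced: removal candidates, in config order."""
    refs = referenced_acls(config)
    return [name for name in parse_acls(config) if name not in refs]


SHOW_HEADER = re.compile(r'^IP access list (\S+)\s*$')
SHOW_ACE = re.compile(r'^\s+(\d+)\s+(?:permit|deny)\b.*\[match=(\d+)\]\s*$')


def zero_hit_aces(show_output):
    """(acl, seq) pairs whose counter is 0; entries without a counter are skipped,
    because 'unknown' (no per-entry statistics) is not the same as zero."""
    hits, current = [], None
    for line in show_output.splitlines():
        m = SHOW_HEADER.match(line)
        if m:
            current = m.group(1)
            continue
        m = SHOW_ACE.match(line)
        if m and current and int(m.group(2)) == 0:
            hits.append((current, int(m.group(1))))
    return hits


if __name__ == '__main__':
    print('Unreferenced ACLs:', unused_acls(SAMPLE_CONFIG))
    print('Zero-hit ACEs:', zero_hit_aces(SAMPLE_SHOW))
```

Two caveats before acting on the output. A zero counter only means nothing matched since the counters were last cleared or the box last reloaded, so check how long the statistics have been accumulating before you remove an entry. And an ACL reported as unreferenced may still be in use by a feature the pattern list does not know about, so cross-check with `show ip access-lists summary` (which lists where each ACL is applied) before deleting anything.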
