The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The Cisco Application Policy Infrastructure Controller - Enterprise Module (APIC-EM) is Cisco's Software Defined Networking (SDN) Controller for Enterprise Networks (Access, Campus, WAN and Wireless).
The platform hosts multiple applications (SDN apps) that use open northbound REST APIs that drive core network automation solutions. The platform also supports a number of south-bound protocols that enable it to communicate with the breadth of network devices that customers already have in place, and extend SDN benefits to both greenfield and brownfield environments.
The Cisco APIC-EM platform supports both wired and wireless enterprise networks across the Campus, Branch and WAN infrastructures. It offers the following benefits:
Creates an intelligent, open, programmable network with open APIs
Saves time, resources, and costs through advanced automation
Transforms business intent policies into a dynamic network configuration
Provides a single point for network wide automation and control
The following table describes the features and benefits of the Cisco APIC-EM.
Feature |
Description |
---|---|
Network Information Database |
The Cisco APIC-EM periodically scans the network to create a “single source of truth” for IT. This inventory includes all network devices, along with an abstraction for the entire enterprise network. |
Network topology visualization |
The Cisco APIC-EM automatically discovers and maps network devices to a physical topology with detailed device-level data. The topology of devices and links can also be presented on a geographical map. You can use this interactive feature to troubleshoot your network. |
EasyQoS application |
The EasyQoS application abstracts away the complexity of deploying Quality of Service across a heterogeneous network. It presents users with a workflow that allows them to think of QoS in terms of business intent policies that are then translated by Cisco APIC-EM into a device centric configuration. |
Cisco Network Plug and Play (PnP) application |
The Cisco Network PnP application is one of the components in the Cisco Network PnP solution. The Cisco Network PnP solution extends across Cisco's enterprise portfolio. It provides a highly secure, scalable, seamless, and unified zero-touch deployment experience for customers across Cisco routers, switches and wireless access points. |
Cisco Intelligent WAN (IWAN) application |
The separately licensed IWAN application for APIC-EM simplifies the provisioning of IWAN network profiles with simple business policies. The IWAN application defines business-level preferences by application or groups of applications in terms of the preferred path for hybrid WAN links. Doing so improves the application experience over any connection and saves telecom costs by leveraging cheaper WAN links. |
Public Key Infrastructure (PKI) server |
The Cisco APIC-EM provides an integrated PKI service that acts as Certificate Authority (CA) or sub-CA to automate X.509 SSL certificate lifecycle management. Applications, such as IWAN and PnP, use the capabilities of the embedded PKI service for automatic SSL certificate management. |
Path Trace application |
The path trace application helps to solve network problems by automating the inspection and interrogation of the flow taken by a business application in the network. |
High Availability (HA) |
HA is provided in N+ 1 redundancy mode with full data persistence for HA and Scale. All the nodes work in Active-Active mode for optimal performance and load sharing. |
Back Up and Restore |
The Cisco APIC-EM supports complete back up and restore of the entire database from the controller GUI. |
Audit Logs |
The audit log captures user and network activity for the Cisco APIC-EM applications. |
You can install Cisco APIC-EM using any one of the following methods:
Appliance Installation—As a dedicated Cisco APIC-EM physical appliance purchased from Cisco with an ISO image pre-installed. For information about this type of installation, see About the Appliance Installation.
Bare-Metal Hardware Installation—As a downloadable ISO image that you can burn to a dual-layer DVD or a bootable USB flash drive, and then use either the DVD or flash drive to install the ISO image onto a server. For information about this type of installation, see About the Bare-Metal Hardware Installation.
Note that this platform (bare-metal hardware) is recommended over the following virtual machine option
Virtual Machine Installation—As a downloadable ISO image that you can install into a virtual machine within a VMware vSphere environment. For information about this type of installation, see About the Virtual Machine Installation.
The following are the primary components required for a Cisco APIC-EM installation:
The Cisco Cisco APIC-EM software either pre-installed on a Cisco appliance or provided as an ISO image downloaded from the Cisco website.
Supported Cisco routing and switching platforms
Ubuntu 14.04 LTS 64-bit
Open-VM-Tools
Cisco APIC-EM services
Grapevine Elastic Services Platform, consisting of a Grapevine root and client template
Note | Open-VM-Tools is only installed if the ISO image is installed within a virtual machine running on vSphere. The tools will not be installed if the ISO image is installed on a bare-metal or on a hypervisor from another vendor. |
The Cisco APIC-EM makes use of the Ubuntu operating system environment and Linux containers (LXC). The Grapevine root runs within the host's operating system. The Grapevine clients run in LXCs within the host. The Cisco APIC-EM services that run on the Grapevine Elastic Services Platform provide the controller with its core functionality. For information about the services, see Cisco Application Policy Infrastructure Controller Enterprise Module Administrator Guide.
The Cisco APIC-EM communicates with its supported platforms using the following protocols:
Note | Currently, the Cisco APIC-EM supports IPv4 only. IPv6 support is planned for a future release. |
For information about the supported Cisco platforms and software releases, see the following documentation:
The Cisco APIC-EM provides northbound REST APIs that you can use to that you can use to issue requests to the controller and exchange data with the controller in a platform-agnostic way. For detailed information about supported northbound REST APIs, see the internal, interactive documentation located within the GUI itself. Click the API button at the top right of the GUI to view this documentation.