The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The Cisco Application Policy Infrastructure Controller - Enterprise Module (APIC-EM) is Cisco's SDN Controller for Enterprise Networks (Access, Campus, WAN and Wireless).
The platform hosts multiple applications (SDN apps) that use open northbound REST APIs that drive core network automation solutions. The platform also supports a number of south-bound protocols that enable it to communicate with the breadth of network devices that customers already have in place, and extend SDN benefits to both greenfield and brownfield environments.
The Cisco APIC-EM platform supports both wired and wireless enterprise networks across the Campus, Branch and WAN infrastructures. It offers the following benefits:
Creates an intelligent, open, programmable network with open APIs
Saves time, resources, and costs through advanced automation
Transforms business intent policies into a dynamic network configuration
Provides a single point for network wide automation and control
The following table describes the features and benefits of the Cisco APIC-EM.
Feature |
Description |
---|---|
Network Information Database (NIDB) |
The Cisco APIC-EM periodically scans the network to create a “single source of truth” for IT. This inventory includes all network devices, along with an abstraction for the entire enterprise network. |
Network topology visualization |
The Cisco APIC-EM automatically discovers and maps network devices to a physical topology with detailed device-level data. You can use this interactive feature to troubleshoot your network. |
EasyQoS |
The EasyQoS feature enables you to configure quality of service on the devices in your network that have been discovered by the Cisco APIC-EM. Using EasyQoS, you can group devices and then define the business relevance of applications that are used in your network. The Cisco APIC-EM takes your QoS selections, translates them into the proper command line interface (CLI) commands, and deploys them onto the selected devices. |
Cisco Network Plug and Play application |
The Cisco Network Plug and Play solution is a converged solution that extends across Cisco's enterprise portfolio. It provides a highly secure, scalable, seamless, and unified zero-touch deployment experience for customers across Cisco routers, switches and wireless access points. |
Cisco Intelligent WAN (IWAN) application |
The separately licensed IWAN application for APIC-EM simplifies the provisioning of IWAN network profiles with simple business policies. The IWAN application defines business-level preferences by application or groups of applications in terms of the preferred path for hybrid WAN links. Doing so improves the application experience over any connection and saves telecom costs by leveraging cheaper WAN links. |
Public Key Infrastructure (PKI) server |
The Cisco APIC-EM provides an integrated PKI service that acts as Certificate Authority (CA) to automate X.509 SSL certificate lifecycle management. Applications, such as IWAN and PnP, use the capabilities of the imbedded PKI service for automatic SSL certificate management. |
Path Trace application |
The path trace application helps to solve network problems by automating the inspection and interrogation of the flow taken by a business application in the network. |
High Availability (HA) |
HA is provided in N+ 1 redundancy mode with full data persistence for HA and Scale. All the nodes work in Active-Active mode for optimal performance and load sharing. |
Back Up and Restore |
The Cisco APIC-EM supports complete back up and restore of the entire database from the controller GUI. |
Audit Logs (IWAN) |
The Cisco APIC-EM provides a direct link to the IWAN Audit Logs, which allows you to view Cisco APIC-EM- and IWAN-related log entries. |
Step 1 | From your browser, enter the IP address or fully qualified domain name (FQDN) of the Cisco APIC-EM in the address bar. | ||
Step 2 | From the login page, enter your username and password.
The Home page of the APIC-EM controller appears. The Home page consists of the following two tabs:
|
The Home tab provides you with the following features:
Direct access to the Quick Start Guide.
List of System Requirements.
Information about Prime Integration.
Information and links to other controller resources.
The System Health tab provides you with the following information:
System health data
Application health data
Note | You must have administrator priviledges (ROLE_ADMIN) to access the System Health tab. |
The following information is displayed in the System Health tab.
When you log into the Cisco APIC-EM, the Home page appears.
Name |
Description |
---|---|
Navigation pane |
Provides access to the Cisco APIC-EM features and additional applications, such as IWAN and Network Plug and Play. |
Window |
Area where the feature or application interface is displayed. The Home page consists of two tabs that display information about the applications installed on the controller and controller's system health:
When you click an option in the Navigation pane, its corresponding window opens. |
Global toolbar |
Area that provides access to tools, such as API documentation, settings, and notifications. For a full explanation of the icons on the Global toolbar, see the Global Toolbar Options table below. |
I wish this page would... feedback link |
Link to a form where you can provide input about your experience using the Cisco APIC-EM features and its GUI and provide suggestions for improvements. |
The Navigation pane provides options to access the major Cisco APIC-EM features.
Icon |
Name |
Description |
---|---|---|
Hide/Unhide Navigation |
Allows you to hide and unhide the Navigation pane. |
|
Home |
Displays information about system requirements and supported platforms. |
|
Discovery |
Allows you to configure discovery options for scanning the devices and hosts in your network. |
|
Device Inventory |
Provides access to the inventory database, where you can display, filter, and sort tabular information about the discovered devices in your network. |
|
Host Inventory |
Provides access to the inventory database, where you can display, filter, and sort tabular information about the discovered hosts in your network. Users can have one of three possible states: active, inactive, and deleted. |
|
Topology |
Displays graphical representations of your physical, Layer 2, and Layer 3 networks. |
|
IWAN |
Allows you to configure your network-wide settings, provision sites, and configure application policies. |
|
EasyQoS |
Allows you to configure quality of service on selected devices in your network. |
|
Path Trace |
Allows the controller to review and collect protocol and other types of data from discovered devices in your network and use this data to calculate a path between two hosts or Layer 3 interfaces. |
|
Network Plug and Play |
Provides access to the remote deployment application for your network devices. |
The Global toolbar provides access to other system functions and displays system notifications.
Icon |
Option |
Description |
---|---|---|
API |
Displays the auto-generated documentation of the northbound REST APIs. |
|
System Notifications |
Opens the System Notifications dialog box, which provides information about system notifications that have occurred.. The icons at the top provide a total of the number of notifications in each of the following categories:
If notifications have occurred, they are listed below the icons. For example, any notifications about software updates or security certificates updates appear in this window. Click the Notification History link to open the Notifications window. This window provides information about the notification, such as its severtiy, source, timestamp, and status. You can perform the following actions in this window:
|
|
Administrative Functions |
Opens a window where you can perform functions that are specific to Cisco APIC-EM or to the user: |
Management Applications
The Cisco Network Plug and Play application provides a simple and secure solution for new infrastructure deployments of Cisco routers, switches, and wireless access points.
Using the Cisco Network Plug and Play application, you can pre-provision devices by specifying the required image, configuration, and other details. When you install and power up a Cisco network device, the device automatically connects with the Cisco APIC-EM controller using DHCP or DNS, and the Cisco Network Plug and Play application provisions the device with the preconfigured information.
The PnP solution comprises the PnP server, the PnP app, and the PnP agent. The PnP server interacts with the PnP app (which resides on the controller) and the PnP agent (which resides on PnP-enabled nnetwork devices.)
See the Cisco Network Plug and Play documentation for information about Cisco Network Plug and Play configuration procedures.
Note | You may need to import a proxy gateway certificate if the PnP application is enabled on the controller and a proxy gateway exists in the DMZ between the PnP-enabled devices and the controller. For more information, see the Cisco Application Policy Infrastructure Controller Enterprise Module Deployment Guide. |
The Cisco Intellegent WAN (IWAN) application with APIC-EM extends Software Defined Networking (SDN) to the branch with an application-centric approach based on business policy and application rules. This provides IT centralized management with distributed enforcement across the network.
The IWAN application helps IT deliver an uncompromised user experience over any connection while lowering operational costs. IWAN also simplifies IT operations through a software-based controller model, automating management tasks to ensure faster, more successful deployments.
The Cisco IWAN application leverages the APIC-EM to abstract the network devices into one system to eliminate network complexity, and provide centralized provisioning of the infrastructure to speed up application and service roll outs.
From the IWAN application, you can configure your network-wide settings, provision sites, and configure application policies.
See the Cisco IWAN documentation for information about Cisco IWAN network configuration procedures.
Note | You may need to import a proxy gateway certificate if the IWAN application is enabled on the controller and a proxy gateway exists in the DMZ between network devices and the controller. For more information, see the Cisco Application Policy Infrastructure Controller Enterprise Module Deployment Guide. |