Securing Connections to the SD-AVC Network Service
The SD-AVC Network Service, operating on a host device, communicates with:
- One or more PC-type devices running the SD-AVC Dashboard
- Network devices running the SD-AVC Agent
Enable Connectivity
To enable connectivity, ensure that ports, firewall policy, and so on, are configured to enable communication between the SD-AVC Network Service and the other relevant devices. See Configuring Connectivity.
Secure Connectivity
You can optionally use the mechanisms described below to secure the connections between the SD-AVC Network Service and other devices.
| Method | Information |
|---|---|
| Access control list (ACL) | Configure an ACL on the device hosting the SD-AVC Network Service to define a white list of devices authorized to communicate with the SD-AVC Network Service. The ACL may be applied on a physical interface of the host device, or on the virtual interface between the host device and the SD-AVC Network Service. |
| IPsec tunnels | For network scenarios that require a secure connection between the SD-AVC Network Service and network devices running the SD-AVC agent, you can use IPsec tunnels to encrypt the SD-AVC communication. For information about configuring Cisco IOS IPsec VPN connections, see Cisco IOS IPsec. |