What is an EPG?
Ports can be members of more than one endpoint group (EPG). For example, a single EPG can include every port on a switch. This type of EPG is called a promiscuous EPG. Alternatively, ports can be members of multiple EPGs, each with a specific function. For example, one EPG could be created for voice traffic, another for video traffic, and another for data traffic.
EPGs are created and managed using the Cisco Application Centric Infrastructure (ACI) policy model. The ACI policy model defines the relationships between EPGs, endpoints, and the network.
When an EPG is created, the administrator defines the following parameters:
• EPG name
• EPG description
• EPG type
• EPG members
• EPG policies
EPG types
There are two types of EPGs:
• Internal EPGs are used to group ports that are physically located on the same switch.
• External EPGs are used to group ports that are located on different switches. External EPGs are also used to group ports that are located on different devices, such as servers or routers.
EPG members
EPG members can be individual ports or port channels. A port channel is a logical grouping of multiple physical ports.
EPG policies
EPG policies define the security and QoS policies that are applied to the traffic flowing through the EPG.
Creating an EPG
EPGs are created using the Cisco ACI policy model.
When an EPG is created, the administrator defines the following parameters:
• EPG name
• EPG description
• EPG type
• EPG members
• EPG policies
After an EPG is created, the administrator can add endpoints to the EPG. Endpoints can be physical devices, such as servers or routers, or they can be virtual devices, such as virtual machines or containers.
Adding endpoints to an EPG
Endpoints are added to an EPG using the Cisco ACI policy model.
When an endpoint is added to an EPG, the administrator defines the following parameters:
• Endpoint name
• Endpoint description
• Endpoint type
• Endpoint address
• Endpoint policies
After an endpoint is added to an EPG, the administrator can apply security and QoS policies to the endpoint.
Applying policies to an endpoint
Policies are applied to an endpoint using the Cisco ACI policy model.
When a policy is applied to an endpoint, the administrator defines the following parameters:
• Policy name
• Policy description
• Policy type
• Policy parameters
Policy types
There are two types of policies:
• Security policies are used to protect the network from unauthorized access and to control the flow of traffic.
• Quality of service (QoS) policies are used to prioritize traffic and to ensure that critical traffic is not delayed or dropped.
Applying a security policy
Security policies are applied to an endpoint using the Cisco ACI policy model.
When a security policy is applied to an endpoint, the administrator defines the following parameters:
• Policy name
• Policy description
• Policy type
• Policy parameters
The security policy parameters define the following:
• The type of security policy
• The action to take if the policy is violated
• The conditions that trigger the policy
• The devices and users that are affected by the policy
Applying a QoS policy
Quality of service (QoS) policies are applied to an endpoint using the Cisco ACI policy model.
When a QoS policy is applied to an endpoint, the administrator defines the following parameters:
• Policy name
• Policy description
• Policy type
• Policy parameters