Configuring Edge Transport Servers in ACI: Cost-Effective Perimeter Network Solutions

Ways to House Edge Transport Servers on Perimeter Network in ACI

Question

In which three ways can you house Edge Transport servers on their perimeter network in ACI without investing extra cost in buying additional hardware? (Choose three.)

Answers

Explanations


ABC.

In ACI (Application Centric Infrastructure), there are multiple ways to house Edge Transport servers on their perimeter network without investing extra cost in buying additional hardware. The three possible ways are:

A. Create an L3Out to route peer with an ASA firewall to isolate traffic with security rules: In this approach, an L3Out is created between ACI and an ASA firewall to isolate the traffic between Edge Transport servers and other resources. The ASA firewall is configured with security rules to ensure that only the required traffic is allowed to pass through. This approach ensures that Edge Transport servers are securely connected to the perimeter network.

B. Create a private VRF with default enforcement policy. Configure a bridge domain with a subnet assigned to a private VRF: In this approach, a private VRF (Virtual Routing and Forwarding) is created, and a bridge domain is configured with a subnet assigned to a private VRF. A default enforcement policy is applied to the private VRF, which ensures that only the required traffic is allowed to pass through. This approach isolates the Edge Transport servers from other resources and ensures that only the required traffic is allowed.

C. No need to create Contracts. A default enforcement policy allows all traffic to forward: In this approach, a default enforcement policy is applied, which allows all traffic to forward between Edge Transport servers and other resources. This approach is not recommended as it does not provide any isolation or security for the Edge Transport servers.

D. Options "Shared Route Control Subnet" and "Shared Import Security Subnet" are not relevant in this context and are therefore incorrect.

E. Create Contracts to enforce policy between Edge Transport servers EPG and backend mailbox servers EP: In this approach, Contracts are created to enforce policy between the Edge Transport servers EPG (Endpoint Group) and backend mailbox servers EP. This approach ensures that only the required traffic is allowed to pass through and provides isolation and security for the Edge Transport servers.

In summary, the three ways to house Edge Transport servers on their perimeter network in ACI without investing extra cost in buying additional hardware are:

  1. Create an L3Out to route peer with an ASA firewall to isolate traffic with security rules.
  2. Create a private VRF with default enforcement policy. Configure a bridge domain with a subnet assigned to a private VRF.
  3. Create Contracts to enforce policy between Edge Transport servers EPG and backend mailbox servers EP.
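
The private VRF, bridge domain and contract approaches above can be written as an ACI tenant object tree and checked before deployment. The following is an added example, not part of the original page: it builds the tree in the APIC REST JSON shape and audits it for an unenforced VRF or an EPG without any contract relation. The tenant, VRF, bridge domain, EPG and contract names, the 192.0.2.0/24 subnet, and the provider/consumer direction are assumptions made for illustration.

```python
import json

def mo(cls, children=(), **attrs):
    """One managed object in the APIC REST JSON shape."""
    return {cls: {"attributes": attrs, "children": list(children)}}

def perimeter_tenant(enforced=True):
    # All names and the 192.0.2.0/24 subnet are constructed for this example.
    vrf = mo("fvCtx", name="perimeter",
             pcEnfPref="enforced" if enforced else "unenforced")
    edge_bd = mo("fvBD", [mo("fvRsCtx", tnFvCtxName="perimeter"),
                          mo("fvSubnet", ip="192.0.2.1/24", scope="private")],
                 name="edge-bd")
    mbx_bd = mo("fvBD", [mo("fvRsCtx", tnFvCtxName="perimeter")], name="mbx-bd")
    smtp = mo("vzFilter", [mo("vzEntry", name="tcp-25", etherT="ip", prot="tcp",
                              dFromPort="25", dToPort="25")], name="smtp")
    contract = mo("vzBrCP", [mo("vzSubj", [mo("vzRsSubjFiltAtt",
                                              tnVzFilterName="smtp")],
                                name="smtp")], name="edge-to-mbx", scope="context")
    # Assumption: the mailbox EPG provides SMTP and the Edge EPG consumes it.
    edge = mo("fvAEPg", [mo("fvRsBd", tnFvBDName="edge-bd"),
                         mo("fvRsCons", tnVzBrCPName="edge-to-mbx")],
              name="edge-transport")
    mbx = mo("fvAEPg", [mo("fvRsBd", tnFvBDName="mbx-bd"),
                        mo("fvRsProv", tnVzBrCPName="edge-to-mbx")], name="mailbox")
    app = mo("fvAp", [edge, mbx], name="exchange")
    return mo("fvTenant", [vrf, edge_bd, mbx_bd, smtp, contract, app], name="mail")

def walk(node):
    """Yield (class, attributes, children) for a node and all descendants."""
    (cls, body), = node.items()
    yield cls, body["attributes"], body["children"]
    for child in body["children"]:
        yield from walk(child)

def audit(tenant):
    """Return findings for settings that leave the Edge EPG unisolated."""
    findings = []
    for cls, attrs, children in walk(tenant):
        if cls == "fvCtx" and attrs.get("pcEnfPref") == "unenforced":
            findings.append(f"VRF {attrs['name']}: unenforced, contracts are not applied")
        if cls == "fvAEPg":
            relations = {key for child in children for key in child}
            if not relations & {"fvRsProv", "fvRsCons"}:
                findings.append(f"EPG {attrs['name']}: no contract relation")
    return findings

if __name__ == "__main__":
    print(json.dumps(perimeter_tenant(), indent=2))
    print(audit(perimeter_tenant(enforced=False)))
```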