Firewall Configuration for Tenant-Defined Service Graphs | Cisco Exam 300-630-DCACIA

Layer 4 to Layer 7 Service Configuration

Question

A cloud provider must make a pair of firewalls available to all tenants.

Each tenant defines its own service graph.

Where should the Layer 4 to Layer 7 service be configured to accomplish this goal?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

C.

In this scenario, a cloud provider needs to make a pair of firewalls available to all tenants, while each tenant can define their own service graph. The question asks where the Layer 4 to Layer 7 service should be configured to achieve this objective, and presents four possible answers: management tenant, infrastructure tenant, user tenant, and common tenant.

In Cisco Application Centric Infrastructure (ACI), a tenant is a logical entity that represents a group of users, applications, and network resources that share a common administrative domain. Tenants are used to partition the ACI fabric into distinct network domains, each with its own policies and security settings.

The management tenant is a special tenant that is used to manage the ACI fabric. It contains the administrative objects, such as users, domains, and policies, that are used to configure and manage the ACI fabric.

The infrastructure tenant is another special tenant that is used to manage the infrastructure components of the ACI fabric, such as the switches, controllers, and other hardware devices.

The user tenant is a regular tenant that is used to manage the application workloads and network services for a specific group of users. Each user tenant has its own set of policies and security settings that are separate from other tenants.

The common tenant is a special tenant that is used to share common resources and services between multiple tenants. It is often used to provide shared services, such as Layer 4 to Layer 7 services, to multiple tenants.

In this scenario, the Layer 4 to Layer 7 service should be configured in the common tenant. This will allow all tenants to use the same set of firewalls and other Layer 4 to Layer 7 services, while still allowing each tenant to define its own service graph. By configuring the Layer 4 to Layer 7 service in the common tenant, the cloud provider can ensure that all tenants have access to the same set of security and network services, while still maintaining the logical separation between tenants that is provided by user tenants.