Threat Modelling and Beyond for Cisco ACI

Cisco Application Centric Infrastructure (ACI) is one of the major solutions in the era of software-defined networking (SDN). Overall, it consists of a) leaf & spine switches (running NX-OS) to connect different endpoints and enforce filtering rules and b) a cluster of Application Policy Infrastructure Controllers to manage the SDN. Such a modern networking approach comes, of course, with its own threats and risks.

To better understand the threat landscape in the case of the Cisco ACI solution, we performed a first deeper analysis of the system. In this lightning talk we will present the current research results on a theoretical and technical level, existing challenges, and a forecast of the next steps.