Explore advanced threat modeling techniques and security considerations for Cisco Application Centric Infrastructure (ACI) in this comprehensive conference talk. Delve into the physical layout, essential background knowledge, and architectural components of ACI. Learn about critical security aspects, including the ACI filter mechanism bypass, VTEP spoofing, and switch compromise. Examine challenge-response functionality, device packages, and the OpFlex control protocol. Gain valuable insights into potential vulnerabilities and discover effective strategies to enhance the security posture of your ACI environment. Conclude with a discussion on next steps for implementing robust threat modeling practices in Cisco ACI deployments.
Overview
Syllabus
Intro
Agenda
Physical Layout 1/2
Background Knowledge
Certificates
Architecture 12/21
Short recap STRIDE
ACI Filter Mechanism Bypass
VTEP Spoofing
Switch Compromise
Some Challenge Response Functionality
Device Packages
OpFlex Control Protocol
Next Steps
Taught by
WEareTROOPERS