Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Global



Service

Name

Scope: Private / Public

Matching criteria: 

Transport protocol: UDP/TCP/ICMP/GRE

Action:  Allow / Deny


PCLI

show fib router xxxxxxx


Global Servicepacket without a Tenant ( default bucket )


Tenants

Tenant is as the endpoints/users that need a similar set of
accesses to common set of services

Nmae = endpoint + service  >> control access to Network


subtenants

Hierarchical scope

subtenant.tenant   or   sub3.sub2.sub1.tenant

Apply ( 3 ways )to Network Interface

Neighborhoods:  subnet(s) – map to – tenant

dynamic: using hte metadata
PCLIshow tenant members router all


Security Policies




Local

service-route

https://docs.128technology.com/docs/config_reference_guide/#service-route

Branch:  point to the peer

DC: point the DC servers, or GW

service-route policy ( LB )

https://docs.128technology.com/docs/config_reference_guide/#service-route-policy


Router Provisioning

ZTP or Zero-Touch Provisioningsalt-minion call the salt-master on the Conductor
OTP or One-Touch Provisioning
Automated ProvisionerConductor provisioning


ISO image

Centos 7.5

128T sofware

Useful OS settings and tools


OTP's ISO 

DHCP client on interfaces

Web server GUI

>> Need to address the Conductor IP@

 Interactive ISO




...