Cisco ACI Integration.

Improve visibility, change monitoring and compliance for Cisco ACI tenants, contracts, and applications.

Learn how Tufin provides advanced support for Cisco ACI.
Request a live Demo

Security Policy Orchestration for Cisco ACI

Software defined networking in the private cloud is a prevalent option for organizations that require a high degree of security control combined with the scalability of the cloud. The 2018 State of the Cloud Report highlights that companies run more applications in their private cloud than their public cloud, and retain emphasis on hybrid cloud usage. While the private cloud is a prevalent solution, it brings challenges by introducing new complexity to the network through East-West traffic.

Both the Tufin Orchestration Suite™ and Cisco ACI share a multi-tenant, policy-driven, application-centric approach. When the two solutions work in tandem, Tufin tracks the Cisco ACI platform in the context of the broader enterprise network. Tufin serves as the single pane of glass to enable effective change tracking, deploy and retain an enforceable security policy, ensure application-driven connectivity, and provide a state of audit preparedness.


  • Gain visibility of security and connectivity across your network infrastructure, including public and private clouds
  • Reduce complexity by managing your enterprise security policies from a single pane of glass
  • Ensure comprehensive network security policy management across all leading enterprise platforms
  • Strengthen your security posture by extending micro-segmentation across physical, virtual and cloud networks
  • Reduce time and effort invested in audit readiness with continuous compliance
  • Enhance agility with application-centric automation throughout network security policy changes

View the solution brief: Orchestrating Application Connectivity with Cisco ACI and Tufin

Learn more about Tufin's integration with Cisco ACI.

Download Firewall Change Tracker

Track policy changes in key Cisco ACI fabric components, such as contracts, EPGs, Application profiles, Services Graphs, etc. along with other multi-vendor firewall device policy changes -- all from a single dashboard!