- Preface
- New and Changed Information
- Getting Started
- Securing the Cisco APIC-EM
- Managing Users
- Enabling Applications on the Cisco APIC-EM
- Configuring IWAN-Specific Settings
- Configuring Telemetry
- Backing Up and Restoring the Cisco APIC-EM
- Managing the Cisco APIC-EM
- Monitoring the Cisco APIC-EM Services
Enabling Applications on the Cisco APIC-EM
Cisco APIC-EM Application Separation
The Cisco APIC-EM treats individual applications as separate from the core infrastructure. Specifically, individual applications can enabled to run on the controller or disabled using either the GUI or the CLI. The following applications are supported for this release:
-
Active Advisor—Application that provides information about devices in your Cisco APIC-EM inventory that have hardware End-of-Life warnings and vulnerabilities identified by the Cisco Product Security Incident Response Team (PSIRT).
-
Integrity Verification—Application that provides automated and continuous monitoring of network devices, noting any unexpected or invalid results that may indicate compromise.
-
IWAN—Application that provides IWAN services and functionality on the controller.
-
PnP—Application that provides Network PnP services and functionality on the controller.
-
Remote Troubleshooter—Application that uses the Cisco IronPort infrastructure to create a tunnel that enables a support engineer to connect to an APIC-EM cluster and troubleshoot issues with your system.
Note | Each Cisco APIC-EM application bundle consists of service bundles, meta data files, and scripts; however for this specific release, application bundles are only provided as part of the ISO image. |
Enabling and Disabling Applications
Cisco APIC-EM treats individual applications as separate from the core infrastructure. Specifically, individual applications can be enabled to run on the controller or disabled.
You can perform the application management procedures from the Applications tab in the Cisco APIC-EM GUI.
You must have successfully deployed the Cisco APIC-EM and it must be operational.
You must have administrator (ROLE_ADMIN) permissions and either access to all resources (RBAC scope set to ALL) or an RBAC scope that contains all of the resources that you want to group. For example, to create a group containing a specific set of resources, you must have access to those resources (custom RBAC scope set to all of the resources that you want to group).
For information about user permissions and RBAC scopes required to perform tasks using the Cisco APIC-EM, see the chapter, "Managing Users".
Enabling and disabling applications for the Cisco APIC-EM may involve controller downtime for a period of time. For this reason, we recommend that you schedule performing these procedures during your network off-peak hours or a maintenance time period.
What to Do Next
Check the Installed Applications field. When the status for the application changes to Enable, then proceed to access and work with the application in the controller.