Palo Alto Networks integrates as a service with Cisco
Application-Centric Infrastructure (ACI). ACI is a software-defined networking
(SDN) solution for easily deploying new workloads and network services.
Using an SDN controller called the Cisco Application Policy Infrastructure
Controller (APIC), you deploy the firewall service between Endpoint
Groups (EPGs). EPGs act as a container for applications or application
tiers. When you place a firewall between EPGs, security policy configured
on the firewall secures the traffic between the EPGs. The APIC provides
a single pane of glass for managing the network topology, network
policies, and connectivity for the entire data center and supports
inserting L4 - L7 devices, such as a hardware-based or VM-Series
firewall. Panorama is required for centralized security management.