Chat with Your ACI Fabric.
Discover how the Model Context Protocol (MCP)revolutionizing network management like in ACI – turning complex ACI operations into simple & natural language conversations.
The Conversational Data Flow
From your query to an ACI configuration change, this is the journey. Click on any component to learn more about its role in the process.
1. User Query
2. AI Host (IDE)
3. MCP Client
4. MCP Server
8. AI Response
7. Host Formulation
6. Server Processes
5. ACI Fabric
MCP: The Universal Translator for AI
The Model Context Protocol (MCP) is an open standard that enables AI models to connect with external tools and data sources. It provides three key primitives to structure these interactions.
-
T
Tools
Execute external functions to perform actions, like retrieving live data or modifying a database.
-
R
Resources
Provide structured, passive data like files or logs to give the AI context without triggering actions.
-
P
Prompts
Predefined templates that structure interactions and define the AI’s persona or behavior.
Empowering ACI Operations
See how conversational AI streamlines complex and routine ACI tasks. Click a card to see an example.
Automated Configuration
Generate and validate ACI configurations from natural language.
“Create a new Bridge Domain ‘Web_BD’ in Tenant ‘App_Tenant’.”
✅ AI Response:
Configuration for Tenant, and BD created and applied successfully.
Intelligent Query
Ask questions about your network state and get clear answers.
“List all tenants and their associated bridge domains.”
✅ AI Response:
Found 3 Tenants: common (BDs: …), infra (BDs: …), mgmt (BDs: …).
Proactive Troubleshooting
Diagnose issues and get guided remediation steps.
“Why can’t EPG ‘Web’ talk to EPG ‘DB’?”
✅ AI Response:
Analysis shows no contract is applied between the two EPGs. Would you like me to create one?
Streamline Routine Tasks
Automate repetitive jobs like policy updates or migrations.
“Add a new filter to the ‘web-to-db’ contract to allow port 1433.”
✅ AI Response:
Filter ‘allow-mssql’ has been created and applied to the contract successfully.
Getting Started Guide
Follow these steps to connect your AI assistant to your ACI fabric.
Step 1: ACI Prerequisites
- APIC ip address or URL & PSIRT URL – https://api.cisco.com/security/advisories
- APIC credentials
- PSIRT client id & client secret
- LLM client or an IDE that supports MCP
Step 2: Install the ‘apic-mcp-server’ by cloning from my github repo
Clone and install the `apic-mcp-server` from Github https://github.com/beletea/apic-mcp-server.git and follow the steps in the README.md file.
Step 3: Connect Your AI Client
Configure your preferred AI client (VSCode, Claude Desktop, …) to connect to the running MCP server. This usually involves editing a local JSON configuration file to point to the server command. A detailed, step-by-step guide is included in the README.md file for your reference.
Step 4: Start Chatting!
Once connected, you can begin interacting with your ACI fabric using natural language directly within your IDE or AI client.
Examples:
Security First, Always
MCP is designed with security at its core. Here are the key principles for securing your AI-driven ACI operations.
Authentication
Enforce strong authentication for both users and AI agents using modern standards like OAuth and JWTs.
Authorization (RBAC)
Use strict Role-Based Access Control to ensure every component operates with the principle of least privilege.
Rate Limiting
Protect against DoS attacks and resource exhaustion by limiting request rates per client.
Input Validation
Rigorously validate and sanitize all inputs to prevent injection attacks and ensure compliance.
Secure Credential Storage
Never hardcode API keys. Use environment variables or a secure secrets manager.
Logging & Monitoring
Log all tool invocations and continuously monitor for anomalies to detect potential abuse in real-time.
Excellent tool. Thank you Belete.