Welcome to Policy Change Automation for Cisco ACI

Policy Change Automation for Cisco ACI (PCA) is a Tufin extension (formerly Tufin Marketplace app) that helps network and security teams manage and automate security policy changes to the Cisco ACI fabric using a SecureChange Workflow. With this extension, you will be able to rapidly provision changes to the relevant EPGs (Application and External) and non-ACI assets – both on-premise and in public cloud environments.

To create the seamless integration between SecureChange and the ACI fabric, PCA uses a SecureChange Access Request Workflow and an Ansible Playbook, providing a standardized process for automating the entire flow from opening the ticket to provisioning the changes. PCA allows you to ensure that access changes to contracts and multi-vendor firewall rules are implemented quickly and accurately throughout the hybrid environment, according to your organization’s security policies.

Since customers use the sophisticated ACI platform differently, PCA automates a variety of different scenarios in a configurable and flexible way, eliminating manual configuration errors and accelerating the deployment process to ACI. SecureChange orchestrates all changes and maintains a history of all activities.