Secure App Hosting Template
This feature lets you customize the amount of resources that Unified Threat Defense features use on a router.
Diagram
Classes
edge_feature_templates (sdwan)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| secure_app_hosting_templates | List | [secure_app_hosting_templates] | No |
secure_app_hosting_templates (sdwan.edge_feature_templates)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[^<>!&" ]{1,128}$ | Yes | |
| description | String | Yes | ||
| device_types | List | Choice[C1121X-8PLTEP, C8200-1N-4T, C1121X-8P, C1131X-8PW, C8300-1N1S-4T2X, C8300-2N2S-6T, ISR1100X-6G-XE, C1127-8PMLTEP, ISR-4351, ISR-4431, ISR-4331, ISR-4221X, C1121X-8PLTEPWZ, C8500-20X6C, C1127X-8PMLTEP, C8300-1N1S-6T, ISR-4451-X, IR-8340, C8200L-1N-4T, C1121X-8PLTEPW, C8300-2N2S-4T2X, C1131X-8PLTEPW, C1121X-8PLTEPWB, C1127X-8PLTEP, C1121X-8PLTEPWA, ISR-4461, ISR-4321, ISR-4221, C1111X-8P, C1121X-8PLTEPWE, C1126X-8PLTEP, C8000V, C1161X-8P, C8500L-8S4X, C1161X-8PLTEP, ISR1100X-4G-XE] | No | |
| nat | Boolean | true, false | No | |
| nat_variable | String | Regex: ^[^"~$&+,]255$` | No | |
| download_url_database_on_device | Boolean | true, false | No | |
| download_url_database_on_device_variable | String | Regex: ^[^"~$&+,]255$` | No | |
| resource_profile | Choice | low, medium, high | No | |
| resource_profile_variable | String | Regex: ^[^"~$&+,]255$` | No |
Examples
Example-1: Edge Application Hosting for Retail Branch Optimization
The customer is a nationwide retail chain aiming to enhance operational efficiency at its branch locations by deploying Cisco SD-WAN routers with Secure App Hosting capabilities. Each branch uses the C8300-2N2S-6T platform to host containerized applications directly on the router. These applications include localized inventory management tools, in-store analytics, and point-of-sale integrations that require consistent performance and security at the network edge. To support these workloads, the customer configures the system with a medium resource profile, ensuring optimal CPU and memory allocation without overprovisioning. NAT is enabled to allow outbound connectivity for the hosted applications, such as accessing cloud APIs or uploading analytics data. Additionally, the routers are set to download a URL filtering database to enforce security policies directly at the edge. By parameterizing these configurations (e.g., NAT, resource profile, and URL DB download) with variables, the customer ensures scalable and consistent deployments across all retail branches while maintaining central control through Netascode templates.
sdwan: edge_feature_templates: secure_app_hosting_templates: - name: SAH-TEMPLATE-RETAIL description: "Secure App Hosting for Branch Retail Routers" device_types: - C8300-2N2S-6T nat: true nat_variable: sah_nat_enable download_url_database_on_device: true download_url_database_on_device_variable: sah_url_db_download resource_profile: medium resource_profile_variable: sah_resource_profile