Cisco ACI Reviews

We have several customers who are using Cisco ACI. In my opinion, Cisco ACI is the most powerful solution from Cisco. It is a very strong solution and was recently developed by Cisco, especially because of the Cisco ACI fabric. 

Cisco ACI is a declarative model or object-based model that focuses on application-centric policies rather than traditional network validation. It uses spine-leaf topology. It eliminates the need for customers to spend time configuring their network, routing, and switching. Instead, they can simply initialize the fabric and design their application based on their policy. It's a pretty advanced solution and eliminates a lot of headaches.

The most useful feature in the ACI is a feature called Service Graph. Service Graph is a part of the ACI fabric and is used to redirect traffic through various network services, such as firewalls, without the need for complicated network configurations.

You simply create a policy and redirect the traffic to the firewall and then back to the ACI. So the Service Graph feature is the most powerful feature in the ACI and can be used to deploy the firewall as a service template for any type of traffic. You can direct the traffic to go through the firewall and then back to the ACI. I think it's the most important feature of the ACI.

I can recommend that Cisco improve its execution. But keep in mind that ACI is the most convenient solution for Cisco, and it is developing every day, adding new features.

Additionally, keep in mind that you can integrate the manager or CCI and manage your remote cluster and data center from the ACI dashboard, which is another possible feature in ACI.

I have only been using ACI for six months because I was promoted to central consultant last year. After my promotion, I started working on the ACI solution. We are using version 5.2. It's on-premises because our customer is in the banking sector and due to governmental restrictions, we cannot install any solutions over the cloud. All solutions, including SDR, ACI, and SDR, depend on the on-premises setup.

After version 5, it became a very stable product.

Scalability is another powerful feature of Cisco ACI. For example, if you need to add another endpoint, you don't need to redesign your network. You can simply add a switch or a leaf switch and you're good to go. If you need to increase the number of devices or add more bundles, you can add a spine switch or a backbone switch without any redesign because the fabric is initialized from zero. You can add or delete devices without the need for a complete redesign. So it's a very scalable solution, and scalability is the most powerful feature of Cisco ACI.

I did have one case where I needed a replacement for a switch, and they handled it perfectly.

I would tell you the pros and cons of using your legacy network versus ACI. Without ACI, you may encounter scalability issues as adding new devices and switches would require a redesign.

Additionally, there may be challenges with extending the layers between switches in the data center, such as sending traffic and addressing challenges.

Using ACI can provide benefits such as simplifying network management. Without ACI, each device and loop would need to be managed individually, but with ACI, the entire data center can be managed through a single dashboard, including VMware, firewalls, and more. ACI can also improve availability and billing.

ACI uses an object and policy model, which simplifies the configuration of routing and switching and enables application-to-application communication. Using ACI can eliminate legacy network issues and provide significant benefits, regardless of the customer size.

Overall, I would rate Cisco ACI a nine out of ten.

The main customers are Tata Consultancy and Data Communication Limited. For them, ACI's fabric capabilities, automation features, and specifically, the L4-L7 features and micro-segmentation are most valuable.

In legacy networks, managing changes requires individual tickets for each device. ACI's single pane of glass management through APIC is a big advantage.

So, single-tenant management is a plus.

Customer support for ACI needs improvement. Many customers prefer HPE because their internal support is different and easier to integrate with existing networks. This lack of awareness of ACI's capabilities makes customers stick to traditional networking.

My customers' internal teams lack ACI expertise, so Cisco should provide training or offer end-to-end use case support.

I have been using this solution for the last seven years. 

I would rate the stability an eight out of ten. 

It's quite scalable. I would rate the scalability a ten out of ten. We have features like fabric provision and tenant isolation, which makes it competitive with other OEMs.

We have enterprises primarily as our customers. 

Support can be inconsistent. Some customers have had issues.

Positive

I would rate my experience with the initial setup a nine out of ten, with ten being easy to set up. 

The initial setup is quite straightforward. Our clients have a private and hybrid cloud.  

Deployment timeframe can vary.  We get a chance to deploy the ACI on a quarterly basis.

The licensing is expensive. Customers find the price expensive.  

Remember, even a single network change with ACI instantly reflects across all devices.

Overall, Cisco ACI is excellent. I'd definitely give it a ten out of ten.

We deploy Cisco ACI within our customer's data centers, providing them with the capability to configure the software-defined network as per their defined requirements. This solution empowers customers to centrally monitor and control the network without the need for individual edge management. Moreover, it offers scalability, allowing for easy expansion in the future.

The flexibility of adding new components with minimal impact on existing services running in the data center is a key benefit of this ACI-based solution. Customers appreciate the unified control and management provided by ACI, allowing them to oversee the entire data center centrally. This solution facilitates seamless communication between various services and ensures future scalability with minimal configurations and operational effort. The cost savings for customers are notable, particularly in instances where adding ports or making operational adjustments is a straightforward process, requiring minimal resources. ACI stands out as a state-of-the-art, high-performance, and highly scalable solution.

Its scalability and reliability capabilities should be enhanced.

We have been working with it for approximately eight years.

Occasionally, we encounter the need to reset certain programs due to bugs within one of the implemented data features. This requires performing upgrades approximately every six months to address and resolve these issues. I would rate its stability capability eight out of ten.

While I acknowledge that the solution is scalable, there are occasional bugs and the need for upgrades or adjustments approximately every five years. We operate on multiple levels, with small, medium, and high scalability organizations. Typically, we opt for the highest scalable level during our implementations. I would rate its scalability at seven out of ten.

I would rate its customer service and support nine out of ten.

Positive

Overall, I would rate it eight out of ten.

Over the past six years, I've gained extensive experience with Cisco ACI, working on diverse solutions. This includes multi-site projects, like one involving a private bank with interconnected data centers utilizing Dark Fiber and Cisco ACI for seamless operations. I've also successfully integrated Cisco ACI with Kubernetes and Red Hat OpenShift to support container-based applications. I've played a dual role as an instructor, teaching Cisco ACI topics, and actively participating in various ACI-related projects. These projects have covered single-site, multi-site, and multi-tenant infrastructures, involving aspects like design, implementation, troubleshooting, and training, giving me a comprehensive understanding of the ACI ecosystem.

Our clients find several features of Cisco ACI particularly valuable, like the ability to create Service Graphs and employ Policy-Based Routing in an Application-Centric manner. One significant attraction for clients in Iran is the robustness of multicast solutions, which has been a major driver for them to migrate to Cisco ACI. It's worth noting that in Iran, the predominant IT infrastructure is on-premises, with limited usage of AWS or hybrid solutions.

While it is quite functional, I found it to be somewhat slow, and there was a notable issue related to the removal of the help section. In previous ACI versions, every configuration section had an accompanying help section that provided valuable information. This feature was removed in the latest version, and the reasoning behind this change is unclear. I believe there's room for improvement in terms of ACI's integration with various technologies. For instance, when it comes to integrating with Kubernetes, the compatibility is somewhat lagging.

I have approximately five to six years of experience working with Cisco ACI.

It exhibits remarkable stability, particularly from ACI version five onwards. For instance, the stock exchange infrastructure I've worked with has been operating flawlessly on ACI for almost two years now, with no significant issues. I would rate it ten out of ten.

I rate the scalability of ACI as nine out of ten, leaving room for potential improvements or aspects that I haven't explored fully.

I have never sought support from Cisco, mainly because of the nature of the operations and issues I've encountered. With the exception of hardware problems, which are usually beyond our control, I've handled all other situations and software failures directly.

Generally, I find the initial setup and configuration of Cisco ACI to be one of the simplest processes in the context of this technology, except in rare cases involving unique configurations. I would rate it eight out of ten.

The duration and complexity of the deployment can vary significantly based on the chosen approach, whether it's application-centric or network-centric. In the service recognition phase, especially for application-centric deployments, a deeper understanding of the service infrastructure is required. This involves collaboration with the software team to comprehend the service architecture, which can extend the deployment timeline. This approach differs from a more straightforward network-centric implementation where you might only need to convert legacy VLAN and IP contracts to ACI objects. In my experience, building Cisco ACI from the ground up can take anywhere from four months to nearly a year. For instance, if you aim to migrate swiftly to ACI without relying heavily on advanced features like service graphs and PBR, and simply want to establish ACI as the default gateway for servers, the fabric can be set up in as little as three to four months. Certain operations, such as the physical installation of spine switches, can extend the timeline from three to four months up to nearly a year for a complete project.

It is not very cheap, but it is still a cost-effective solution, especially when considering the broader context of data center expenses, including servers, storage, and firewalls. The pricing, including both hardware and licenses, is reasonable.

Overall, I would rate it ten out of ten.

Our primary use case is replacing Nexus 7000 with Cisco NX-OS. We would like to replace this actuator with the newer Cisco ACI platform. We currently use Cisco Nexus 9000.

Cisco ACI improved the stability of our IT system and our data center.

We currently use the smooth upgrade process available in Cisco ACI, and it's really useful. I also like the augmentation of the bandwidth available in the platform with 10 and 40 GB interfaces.

Cisco ACI helps us better secure our infrastructure from end to end because we can use a contract to secure flow between endpoints in the data center.

Because we can use automation processes with this platform, we have been able to free up our IT department's time.

We can deploy applications quickly with automation, and we have been able to save time overall as an organization as well.

Our problems with Cisco ACI are mainly related to the contracts and how to manage them easily in the platform. Cisco also needs to improve the log files and the complexity of the graphical interface.

Cisco ACI is stable, and we haven't had any problems with the stability of the system.

We haven't had any problems with scaling the platform because it's easy to add a leaf or spine.

We have had good experiences with Cisco's technical support. They respond quickly and with accurate responses.

It takes some time to understand the new terms and concepts, but the deployment itself is completely smooth. We didn't have any problems deploying the solution.

We first deployed the solution on our qualification data center so that we could test the solution before we deployed it in the production data center.

We implemented it with the help of an integrator.

The pricing and licensing are both high, particularly if you want a high level of functionality. It would be great if the price and licensing costs could be decreased.

Cisco ACI works well, and it has been a good investment for us. There are a few areas for improvement, so I would give Cisco ACI an overall rating of eight out of ten.

My company was one of the first to deploy Cisco ACI in Montreal six years ago. I work in a multinational company with offices worldwide, such as in Bangladesh and Honduras, apart from Montreal.

My company has data centers fully integrated with VMware and then uses Cisco ACI for server segmentation.

My company bought Cisco ACI for data center extension between two geographical spots, and it's working well and stable.

Cisco ACI, networking-wise, is amazing. It's made for networking—all networking features work. The solution is easy to extend with VXLAN, and you can have the same security features between the data centers if you wish. It's straightforward to move the VMware server from Montreal to another place, for example, from Toronto to the West Coast; it's not a problem.

I also like the newer version's central management and troubleshooting configuration, as it's not complicated.

I especially like the host-based routing feature of Cisco ACI because it's straightforward to do it on different data centers.

Another valuable feature of Cisco ACI is that its management controller works very well with no issues.

Cisco ACI, segmentation-wise, could be more flexible, which is an area for improvement. The solution could be improved in terms of macro or micro-segmentation for many access lists and contracts. The process becomes very messy in the end.

Cisco seems to have stopped working on the segmentation feature and just put in all the effort on Cisco Tetration, mainly to install the agent on the server rather than do it on Cisco ACI.

I'm slightly disappointed about Cisco ACI and ISE integration because Cisco stopped working on that, so if you have ISE, you can only integrate it with one cluster of Cisco ACI. On the segmentation side, Cisco ACI has many issues.

I've been using Cisco ACI for six years.

Cisco ACI is one hundred percent stable. My company's data centers never went down in six years of using the solution.

Cisco ACI is a very scalable solution, and you can always add another site to the existing architecture, either over the internet or with dark fiber. It has become an extension of the same data center.

Cisco ACI technical support is excellent. My company implemented the solution six years ago, particularly version three, and now it's on version 6. The older version had many issues, yet the support my company received was excellent.

I'd give the support team a ten out of ten.

Positive

The initial setup for Cisco ACI is very straightforward so I can give it a ten for the setup.

The deployment strategy for Cisco ACI depends on existing architecture. If you do it from scratch, it's much more manageable. Everything is easier to install versus migrating from your existing network, then it will be a little bit complicated.

Migrating is more complicated than deploying Cisco ACI from scratch because you have to do some tracking and move server by server or subnet by subnet from your existing network to your new environment. If the existing network has security rules, it's much more complicated to migrate to your new architecture, which would take time.

Cisco ACI costs depend on how many sites you have. One simple site with a simple installation, including two leaves, two spines, and some fibers, would cost $200,000 to $300,000 for the licenses.

The solution is a bit expensive, but it's a good investment if you want your data centers to work without interruption.

My company uses Cisco Tetration, Cisco Secure, and Cisco ACI for segmentation.

My advice to others looking into implementing Cisco ACI is that it depends on your company. The solution isn't so cheap. It's expensive, but it works, so it's an excellent investment from my point of view.

On the networking side, which is what Cisco ACI does in general, it's a ten out of ten, but on the segmentation part, particularly on security, it's a six out of ten.

My company has a partnership with Cisco but is not a reseller.

I primarily use ACI to design data centers.

ACI's most valuable feature is sizing - you can easily find the sizing of the data, which means the data speed, CPU, and virtualization can be determined.

ACI's blade servers could be more flexible, and its storage interface is a little too complex because they use some third-party storage solution.

I've been using ACI for three years.

ACI's stability is good - I would rate it 3.5 out of five.

ACI's scalability is good - I would rate it 4.5 out of five.

Cisco's technical support is good, but there are sometimes delays in responding.

Positive

The initial setup was complex and took some time (almost six months), particularly to stabilize, as there were some issues during installation. I would rate the ease of the setup process as three out of five.

We used an in-house team assisted by some third-party workers.

The licensing cost for ACI is expensive - I would rate its price 2.5 out of five. It's available on a perpetual license, with a yearly renewal for support.

I also evaluated Nutanix, but we went with Cisco because we wanted to use one vendor from network to server.

I would rate ACI seven out of ten.

Cisco ACI is the next-generation SDN-based solution that Cisco uses for almost every style of data center or server farm. It's similar to what we used when we wanted to build a facility containing our computing storage and everything we already have in our data center. However, this one is different because it uses innovative technology that combines VXLAN, MP-BGP, and SDN.

It has an amazing graphical user interface, and it integrates well with other brands like VMware. You can even integrate ACI with NSX in the latest versions. ACI integrates with NSX in version 5 and above. You can also use it with Kubernetes, OpenShift, and Cloud Foundry. It also has agents for cloud platforms like AWS and Azure.

ACI's most valuable feature is its SDN capabilities. Everything is on your software design controller. Everything is blocked by default until you allow it. 

The integration has room for improvement. There should be a drag-and-drop interface for configuring the integration where you connect some arrows to boxes, and the system takes care of the configuration. 

Right now, they have something similar, but it's limited. You have to take care of some things yourself. That is one area that the solution can work on. It's easy now, but it's much easier in other solutions.

Cisco ACI is highly stable. I've deployed it at six or seven data centers, and we've never had any issues with stability. It's a hundred percent reliable, but you have to consider some things. You can't deploy any version of your box and expect it to be stable because Cisco has some rules. For example, Cisco has a recommended version. It means that other versions may contain bugs.

Starting in 2000, if you open a switch, you will see a small motherboard, and the switch will work forever. There was no configuration. You just ran a few commands, and everything was done. Today, when you open a switch, you see a whole computer. For example, you can deploy the Cisco Catalyst 9000 with Python script. So there have been a lot of improvements and a lot of things.

Also, when they update ACI, you will face some bugs because this isn't a limited motherboard. Now, the motherboard is like a computer. You can expect some bugs, but you won't have that many issues compared to other solutions if you use the recommended version.

The initial setup is effortless. You can deploy ACI even if you have limited routing knowledge because everything is done automatically. The underlay network is IS-IS, while the overlay network is BGP. You don't need to know anything about IS-IS or BGP. 

You need at least two people to deploy ACI. More than two engineers might be required. Your VM engineer should join you if you're working with a virtualized environment,  and your storage network engineer should take part if the project involves storage. In total, it should be maybe two to three people.

I rate Cisco ACI nine out of 10.