Cisco ACI Reviews

We use the solution’s microsegment for the security of the servers in the same VLAN.

Micro-segmentation is the solution’s most valuable feature.

We faced some issues while configuring the microsegment. 

The solution should provide a visibility tool for troubleshooting.

I have been using the solution for five years.

The solution's stability is okay.

When we contacted support for troubleshooting, the issue was escalated to the next level in four hours. However, the last time we had a problem, the support took a long time to investigate.

The initial setup is complex because it is a software-defined network.

I suggest that Cisco delete and add a new EPG. Overall, I rate the solution an eight out of ten.

We use this solution to achieve a properly defined data center, so we basically use it for SDN. 

The basic functionality that is the most useful is creating a virtual network on a physical device. We use it for Software-Defined Networking where we have a centralized controller, and the rest of the switches are just for packing traffic. When you have a centralized controller, it's easy to manage.

The virtualization part of it is still all hardware-based. You have to buy the switches, and they have to be Cisco switches. You cannot roll the Software-Defined Network and network virtualization over onto any other product. For example, if I have a mix of Juniper and Cisco in my network, they are of the same physical fabric layer, but when I want to virtualize, it's quite difficult. You cannot do it. There are solutions like NSX that can sit pretty on any physical layer, but Cisco SDN will only work with its own devices, so that's a downside. They need to be able to achieve virtualization end-to-end with Cisco ACI.

I have been using this product for over four years.

I rate the solution a nine and a half out of ten for stability. 

You can scale the solution, but you cannot scale to other products. I rate the solution an eight out of ten for scalability. 

For backup you might want two people, but one person can handle all of the maintenance. Everything is managed centrally. This is a backend product, so not everyone knows they are using Cisco ACI. The organization I currently work for has over 10,000 employees, and practically everyone is involved in usage of the solution. 

If you have the right license and premium support, the tech support is a nine out of ten.

On a scale of one to ten, I would rate the initial setup as a nine. It was very easy. There are some external factors you need to connect, like cables. However, with the push of a button, in less than 15 minutes, you can roll out the basic Cisco configuration.

It's a graphic installation. You will see buttons: "Next," "Next," "Next." It's very easy to get up and running, just like setting up a phone. "Do you want to install this?" "Yes." "Do you want to enable this?" "Yes." "Do you want to configure this?" Unlike before where you had to configure Cisco switches one at a time, now you manage and configure it centrally, and you have a template to work with.

Sometimes we handle the deployment ourselves, but for the current deployment we are rolling out, we have a system integrator. We have Cisco itself involved. 

The good thing about Cisco is that you can trade in your old products to replace them with ACI. On a scale of one to ten, where one is inexpensive and ten is expensive, I would rate them a two. 

We considered VMware NSX, but some believe that VMware is vulnerable, so we stuck with Cisco. 

I would 100% recommend Cisco ACI to other users. I would rate this solution as a ten out of ten. 

Our primary use case is project-based. We deploy and configure upgraded ACIs, registered spines and leaves, and deliver projects to our customers. I'm a network consultant and we are gold partners of Cisco. 

The solution is valuable because it configures from a single point, from APs, and also all routers. Commands don't need to be configured on the spine and leaf side. You can control and manage the fabric from a single point. If you have serial numbers for your devices, they can all be registered with scripts. As a network engineer, you can configure and manage the fabric very easily. From the CLI side, it's really easy to configure from the GUI.

I faced issues when upgrading venues and registering devices. For example, in some cases, you have to reinstall the AP from scratch. We tried that and were then unable to register devices. From the network engineering perspective, it's hard to configure from the GUI. We tried to adapt but it was difficult. You have to add AP numbers for validations.

From an operational perspective, I think if you configure the fabric correctly, it's stable.

The solution is scalable; you can have multi-site scenarios. 

I have a good relationship with the technical support team, they are helpful. 

Because I have a system engineering background and I have MCSA and MCSE certification from Microsoft, the setup is very simple. The largest deployment I was involved in had 300 devices. 

This is an expensive solution, but it's high quality. I have experience with Huawei devices and Nokia. Huawei had many issues with bugs and I had hardware issues with Nokia. Cisco is the highest quality. 

I rate this solution eight out of 10. 

Right now, we are using ACI Fabric to replace legacy equipment.

The customer is in a phase where they are building all the Fabric and moving everything. Therefore, it is early to discuss the use case. In the short-term, they plan to use ACI Fabric  to replace everything (their entire infrastructure) that they have at the moment. 

You can do a lot of things with it because it is a very flexible solution.

There is quite a learning curve at the beginning.

I haven't seen any major issues with stability.

The scalability is great. This is the greatest feature of the technology. It is a great improvement in scaling out. It can greatly increase the overall scalability of the Fabric with multi-port and multi side, making it a great product.

There is a dedicated support team inside the Cisco, except (instead of them) we are doing all the day-to-day, standard support activities for our customers.

The ACI setup is in its initial phases is difficult. The learning curve at the beginning is higher than a normal setup. However, there is a point in which you have all your objects setup,  policy, etc., then you can reuse them, which is faster compared with a more traditional software, e.g., Nexus 7000 or Catalyst. Once you overcome the learning curve, you can move on with the rest of it.

Cisco ACI is a good solution, so I would recommend it.

The primary use case for Cisco ACI is for managing our data center and network switches. We will use it for the whole data center environment eventually.

We are still growing it in our main data center. We haven't even expanded it to our recovery data center yet. As far as managing a static environment, so far, it's been great. When it comes to adding in new changes and new things, that's where we're going to have some challenges. Cisco ACI is difficult both technically to build it out and then operationally to manage.

It's improved the static configuration of our data center switching environment. But it's added some challenges to our ability to operationalize it and make it easier for people to manage. 

The good side of it is being able to control your network switching and routing in the data center from a single control point.

I don't have any new features that I need in Cisco ACI yet because we're still learning and making it work in our environment today. I don't have anything new. 

The one big challenge with it is Cisco going from a perpetual license model to a licensing model that is renewed every year. You pay a large fee to use stuff like this. That to me is one of our challenges.

Making training more available for all of our employees and not even at a cost would help. If you want this to be deployed to all the data centers everywhere it's got to be something that everyone can sit down and get training on. 

If you're going to try and operationalize it amongst existing staff members and even up-coming ones, it's not a simple thing to sit down and learn. 

I've been doing this for thirty-five years now. It's one of the most difficult things I've had to sit down and learn myself.

With the stability so far we've had very few issues with Cisco ACI. A couple of routing problems that were glitches within ACI. Other than that, the environment is stable and we like it.

Scalability is great in a Cisco ACI environment. But when you're migrating from an old data center into ACI, there are some challenges. 

In all the people that manage it, most are just trying to throw entire networks with multiple environments on them into ACI. It's good but it also has a lot of challenges for us.

Technical support is good but limited because Cisco ACI is so new. There's a lack of expertise on the support side. You need to get the right engineer on the call when you're having a problem.

The initial setup of the Cisco ACI is straightforward but also complex. Once you have designed how you're going to deploy it, i.e. your naming conventions and how you're going to configure things, it is standardized. 

That part of it is standard and easy to deploy. It's coming to that point where you've got the complexity of your naming conventions and all those things stood up properly that is hard.

It's only this engineer that we hired with a great mind who could make it work for us.

We relied on an engineer who we hired on a contract side but was well versed in a lot of things. He had not done an ACI in deployment. Between him and our dedicated Cisco support engineers, we were able to stand it up without too many issues.

The number one reason we chose it was that eventually, we will doing some sort of SD (Software Defined) access. When a user gets on the network and they connect, they'll have a persona. We'll know who they are. We'll know what to allow them into. A lot of that'll be controlled through ACI on the data center side.

We didn't have SD access. We're still going in that direction. It's going to be a while.

On a scale of one to ten, I would rate this product in the five to six range. It is a good product. It will be solid as it matures. It's technically challenging for anyone.

One guy has stood up most of our environment. We are trying to use him to train all the rest of our staff. But it's a slow process. 

Understanding how to get in under the hood and make ACI work is not a simple task unless you're in and out of it regularly. Even the gentleman who installed it and works on it most of the time has to go back and play with it on his own before he makes changes. 

Just to remember how things are done is difficult because it's got a lot of uniqueness to it in the way things are deployed.

Anyone using Cisco ACI should know what their direction is. How much money do they have to spend? Then I could sit down with them and tell them whether ACI would the best solution or not for what they are doing. 

I don't think ACI is for everyone. It's for larger data centers that are going down this path of SD access. I am sure there are competitors out there now. We're just not looking into them because we already have ACI deployed. That where we're at now.

Our use case is to change our network architecture and install new free data centres for our company.

It has been able to  transverse all the processes between two companies merging into one: Air France and KLM.

I have found the SDN features to be the most valuable.

The product needs to be more visible on the Internet and have the ability to be integrated into more software developments. For example, with Amazon, you can click and deploy SDN with firmware, but not with SDI. It needs simpler process to be deployed everywhere. 

The Multi-site is not easy to use. While Cisco has plans to change this going forward, for now, it is complex.

It is very stable.

It is really scalable. It is the most scalable product that I have tried.

We have been one year on the project and it is very scalable. We have tested it in our data centres, and it's easy to add more automation processes.

I would rate the technical support as an eight out of ten, because it can be very difficult to find the right person to provide us answers. Our project needs a lot of knowledge with very complex solutions.

It has a very complex setup, because it is a complex solution. However, we have a great level of knowledge.

We used Cisco directly and an integrator. We had very good experiences with both of them.

We evaluated Cisco ACI vs VMware.

Now, I don't want to switch to another solution. I want to use this one, because it is the only solution that we tried for our use cases to unclog holes, resources, and work loads.

It is a very good solution to improve architecture. Read the literature.

Primarily, what we like is the ability to do micro-segmentation. We have many different application endpoints, and one of the key use cases for us was to be able to classify the application endpoints into arbitrary buckets of different silos. We need to be able to ensure that different endpoints will go into, let's say, a production silo, versus a development silo, versus a test silo. That was one of the use cases.

The function above and beyond that is that you get things like automation as part of the SDN framework. Therefore, you get the data center overlay that is built automatically and provisioned automatically from the automation capability that's built-in.

The solution has all of the baseline functionalities for any sort of SDN capability. 

The stability is quite good.

The initial setup is straightforward.

One of the areas that need work is feature flexibility. If you want to do things like routing policies it's not cookie-cutter, however, you want to customize routing policies. It becomes a little bit more constrained due to the feature set, the routing policy feature set within ACI, doesn't allow for you to get very customized when it comes to, let's say, failover type scenarios. However, that's just an artifact of the product maturity. It's going to take some time before the product becomes mature and they have the ability to have more customized features enabled. At version 4.0, these features were not yet available. We ended up having to basically export the routing functionality, the more advanced routing functions, outside of ACI and just put it into the routing infrastructure around it.

The initial setup is not intuitive.

Technical support needs to be more helpful. It's rare that you get a knowledgeable person.

It would be nice for them to provide visibility at a cheaper price point. Visibility is something that everybody wants to achieve with their workload. One of the benefits of SDN is supposedly the ability to collect all that telemetry and correlate it to something that is actionable and meaningful. That's a key requirement, however, the bar is so high in terms of costs. In our environment, we opted out of it as it's so expensive, however, it would be nice, as, if you don't have visibility, then how do you properly segment your workload? The minute you start segmenting, you kind of cut off workload communication. If your goal is micro-segmentation and putting your workload into arbitrary silos, and if you don't have the visibility, then it will be very difficult to achieve. Therefore, if you don't have visibility and you want micro-segmentation and you don't want to pay, then ACI is not your solution.

I've been using the solution for two years at this point.

The solution is stable. We don't have issues with it crashing or freezing.

While supposedly it's scalable, the program is not. I don't have any data point that I can provide for scalability within ACI, as our environment is fairly small.

Technical support is hit or miss. Sometimes you can open a ticket and you will not have to escalate it three or four different times before you get somebody that is competent. I would say that's 85% of the time, however, the other 15% of the time you get lucky and you get somebody that knows what they're talking about.

I have some experience with VMware. I'd describe it as more intuitive and easier to configure, however, it's a different solution as it's software-based as opposed to ACI which is hardware-based. 

The solution's initial setup is straightforward. It is not difficult. One other area that I would say is a negative is the way that they have their setup. It's not intuitive. It's very complicated and if you want to provision an interface or something like that and get that interface, it requires a bunch of steps that are very counter-intuitive. It's not user-friendly.

The pricing could be a bit cheaper.

If I compare ACI to a VMware NSX-T type solution, I don't know if there's a differentiator there compared to NSX. I will say that NSX has much higher numbers of differentiation, as they have visibility into the workload at the hypervisor. Having used ACI, we were looking at solution sets that will give us specific capabilities beyond that. The value of NSX is it will give you the visibility component.

The version that I was working on is a 40 version, however, the company is at a 50 version at this point.

If you are looking for a solution that will give you the ability to have really good visibility into your workload, how your workload performs and functions, ACI doesn't give you that level of granularity as compared to, for instance, a solution like VMware NSX. For them to provide visibility, you're going to have to spend a lot of money on Tetration, which is another solution that they try to force on you. If visibility is one of your key requirements, then you might want to rethink your data center SDN solution for ACI.

I'd rate the solution at a six out of ten.

The primary use case for Cisco ACI is to migrate a legacy data center, including the new infrastructure.

The product has performed well. 

Automation is its most valuable feature.

The challenging thing about Cisco ACI was we had to put a lot of effort into providing the customer the full picture, new standards, and new technology that they had to use. This was more challenging than deploying the product.

There should be more focus on training and support.

I would like to see is more integration with services and service graphs.

The stability has been good.

The project is pretty small, but from what we have seen, it is scalable.

There have been challenges with the technical support. Though, the product is almost three to four-years-old, there are still things that only a few people can solve. So, Cisco should put more effort into training their people.

The business switched because the legacy way of operating these type of data centers is no longer optimal.

The initial setup was straightforward. It was easy to set up, because our plans for migration were very detailed. We didn't have any problems with it.

We are the partner and the integrator.

It was Cisco ACI vs VMware NSX.

Eventually, the client chose Cisco ACI because they had more experience with Cisco and they still had a lot of physical infrastructure to handle.

It is one of the better solutions in the market right now.