Try our new research platform with insights from 80,000+ expert users
Network Engineer at a computer software company with 51-200 employees
Real User
Offers a simple dashboard that can connect all of my devices
Pros and Cons
    • "My complaint about this is: We purchased the ACI gear, but to do monitoring, to do stats, to do telemetry statistics, etc. we have to purchase another product from Cisco."

    What is our primary use case?

    Our primary use case for Cisco ACI in our company is to have a central point to manage our network and to do API automation. Those are the two main focuses to automate.

    How has it helped my organization?

    Currently, we're still doing a POC on Cisco ACI. We haven't made the transition. It's a huge jump from what we currently have in our network to the ACI. We're still evaluating it. 

    We've already purchased the gear, but we still need more training. We already purchased all the hardware for the production environment. 

    We want to keep on training before we make the migration phase.

    What is most valuable?

    The most valuable feature of the solution is having a central point to log in. I have a simple dashboard that has all my devices connected. That is what I'm looking for.

    What do I think about the stability of the solution?

    For stability, it seems fine. I have no complaints about that.

    Buyer's Guide
    Cisco ACI
    November 2024
    Learn what your peers think about Cisco ACI. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
    816,406 professionals have used our research since 2012.

    What do I think about the scalability of the solution?

    It's easy to keep adding. You have a set where you just add another leaf to your ACI fabric. 

    I can scale quite easily. Just add another leaf to my ACI fabric. It seems straightforward.

    How are customer service and support?

    I've not used the technical support. I've been working with our Cisco reps and a few professional service providers. They are amazing, number one. 

    Their main office is walking distance from my company's office. I can just walk over and complain. It's good having face-to-face relationships.

    Which solution did I use previously and why did I switch?

    We are a Cisco shop. Right now, SDN is a buzzword. The next evolution for our company is to have an SDN network. Since we're a Cisco shop, it's ACI.

    We've been a Cisco shop since day one.

    How was the initial setup?

    The initial setup is not straightforward at all. Cisco just released a document that tells you how to set it up, but before that, it was overwhelming. 

    To set up, Cisco ACI takes months. There are so many features and you're too scared. They did release a pdf that shows you a step through, i.e. how to set up your ACI fabric. Before that, there's just bare-bones information for something so expensive. It was kind of funny. They just released it.

    My complaint about this is: We purchased the ACI gear, but to do monitoring, to do stats, to do telemetry statistics, etc. we have to purchase another product from Cisco. 

    I would ask from Cisco when we purchase the hardware if some of these features could be built in the purchase. Now I'm dissatisfied that I have to purchase this to do basic monitoring. It should all be built in.

    Which other solutions did I evaluate?

    We did not evaluate other options because we'd have to reevaluate what we currently use for Cisco. None of our staff is trained for anything but Cisco. Cisco was the only product we looked at.

    What other advice do I have?

    On a scale of one to ten, I would rate Cisco ACI with a nine. Some of the features should be built in. If you think you know ACI, you don't. Get more training.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Senior Network Engineer
    Real User
    We have saved time on the provisioning and configuration
    Pros and Cons
    • "The scalability has been great. It is very easy to scale."
    • "It would be better to introduce some wizards to guide you through the whole configuration process instead of clicking through a bunch of menus with no concrete path. It is too easy to forget one or another if you configure it this way."

    What is our primary use case?

    The primary use case is for our data centers. It has performed quite well so far. We interconnected it with our legacy infrastructure. We are now considering moving everything into the new environment, and hoping for the best.

    How has it helped my organization?

    It improved the speed of the daily business. With the preconfigured workflows, daily business task are now done more quickly than in the past. 

    What is most valuable?

    Automation is its most valuable feature.

    What needs improvement?

    I am still not quite happy with the APIC GUI, since I am more of a CLI guy. I don't really use the GUI a lot. It would be better to introduce some wizards to guide you through the whole configuration process instead of clicking through a bunch of menus with no concrete path. It is too easy to forget one or another if you configure it this way. A wizard would be a great help.

    We are still struggling with some design issues, but most of these issues will be fixed in the next release.

    For how long have I used the solution?

    Still implementing.

    What do I think about the stability of the solution?

    The stability has been good so far. We still haven't brought our entire workload into ACI. We just have particular systems running on it, but they are perfectly stable. However, there is still the question mark of what will happen when we bring all our data into the new environment, and If it can carry it.

    What do I think about the scalability of the solution?

    The scalability has been great. It is very easy to scale. We are quite a big customer, so we had some scalability issues with the older, multi-part environment versions of Cisco products.

    How are customer service and technical support?

    The technical support is good. Though, I am not that experience with them, as I try to resolve issues on my own.

    Which solution did I use previously and why did I switch?

    We switched to this solution to be able to automize. We were starting to migrate our old legacy network from user campuses, backbones, and data centers into SDN technology, and automation was a requirement for the new solution that we chose.

    How was the initial setup?

    The setup was quite straightforward. Building the Fabric with the automatic discovery process doesn't require you to do a lot compared to the old legacy networks.

    What about the implementation team?

    We used Cisco for the deployment.

    What was our ROI?

    We have saved time on the provisioning and configuration.

    Which other solutions did I evaluate?

    Because of timeline issues, we were focused to use Cisco products and did not consider any other vendors.

    What other advice do I have?

    If you are still using the finger-defined networking approach, I would recommend trying this solution.

    We are happy that spanning tree feature was not included in the new design.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Cisco ACI
    November 2024
    Learn what your peers think about Cisco ACI. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
    816,406 professionals have used our research since 2012.
    NetworkAc25c - PeerSpot reviewer
    Network Architect at a comms service provider with 10,001+ employees
    Real User
    We have seen time improvement using the product
    Pros and Cons
    • "We can implement customer requirements more quickly."
    • "In the new version of 4.0, the management groups for updating the software is not the best way to do it. It was better in 3.2."

    What is our primary use case?

    We want to automate some of the operational tasks of our team. We have many configurations and switches. In the future, we want to deploy a solution where we can configure all our switches in one place. This is why we are looking to use Cisco ACI in the future.

    How has it helped my organization?

    • A lot of our tasks in cloud projects are now done faster than before. 
    • We can implement customer requirements more quickly. 
    • Our quality has improved because we have faster visibility into when faults occurs in the network.

    What is most valuable?

    The valuable feature is its configuration policy. We can configure it because the policy is used for all the switches. We do not have to implement all the configuration on every switch. 

    Also, it fully integrates with most of our other tools, like Infoblox or vCenter, as its very powerful.

    What needs improvement?

    In the new version of 4.0, the management groups for updating the software is not the best way to do it. It was better in 3.2. There was a better overview of all the management groups with integrated switches. 

    What do I think about the stability of the solution?

    It is stable. The updates for Cisco ACI have been consistent with no failures.

    What do I think about the scalability of the solution?

    Scalability is another point for our cloud project. We use Cisco ACI, because when we expand the network another 10 to 20 switches more, the switches are easier to implement now. We  connect the new switches to the spine infrastructure, then they are the switches are ready to configure.

    How are customer service and technical support?

    Cisco technical support has been great over the last five to six years that I have worked with them. We have two open cases with them now. All issues are solved in a timely fashion. 

    Which solution did I use previously and why did I switch?

    We were previously using the Nexus 7000. We upgraded from the Catalyst environment to the Nexus environment. Now, we want to use ACI for automation and integration of third-party hardware.

    We switched to Cisco ACI because of it improvements to our operations and integrations with third-parties.

    How was the initial setup?

    At the beginning, the initial setup was complex because it was another way of networking. After the first installation, the second and third installation with ACI Fabric was a bit easier to configure.

    To install the complete ACI Fabric with all 10 to 12 switches, it takes one to two days, then it's finished. Once you configure the application, it runs. 

    What about the implementation team?

    We deployed it in-house.

    What was our ROI?

    We have seen time improvement using the product.

    Which other solutions did I evaluate?

    We did not consider any other vendors. Because in the network environment, we can only buy Cisco or Juniper. However, Juniper does not have a solution for us.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    PauloDiniz - PeerSpot reviewer
    Sales Leader - Data Center at YSSY & Co
    Real User
    Useful for security and collaboration
    Pros and Cons
    • "I like using WebEx Board."
    • "I would like this solution to be integrated with Pure Storage."

    What is our primary use case?

    I use Cisco for security and collaborating. I use this solution with WebEx, WebEx Teams, and WebEx Board.

    It's a hybrid solution.

    What is most valuable?

    I like using WebEx Board.

    What needs improvement?

    I would like this solution to be integrated with Pure Storage.

    For how long have I used the solution?

    I've been using this solution for 22 years.

    What do I think about the stability of the solution?

    It's stable.

    What do I think about the scalability of the solution?

    It's scalable.

    How are customer service and support?

    I've contacted technical support.

    What's my experience with pricing, setup cost, and licensing?

    The cost is fine.

    What other advice do I have?

    I would rate this solution 9 out of 10.

    I would recommend this solution.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    SeniorNe9978 - PeerSpot reviewer
    Senior Network Engineer at a pharma/biotech company with 1,001-5,000 employees
    Real User
    Modern and easy to configure but it needs a type of way to baseline the system in a network-centric fashion
    Pros and Cons
    • "With ACI, if you need more capacity you can just buy more and plug them in without needing to do anything else. All of the sudden that infrastructure is there for me to use, configure, and add stuff to."
    • "In terms of improvement, I would like to see some sort of way to baseline the system in a network-centric fashion."

    What is our primary use case?

    The primary use case is for the data center. 

    How has it helped my organization?

    We're just starting to deploy it. We literally just bought it and we're getting ready to start. 

    What is most valuable?

    The fact that it's modern and that it's easy to configure are the two most valuable features. 

    What needs improvement?

    In terms of improvement, I would like to see some sort of way to baseline the system in a network-centric fashion. The way ACI works is that it is very application-centric but I think that a lot of people who I have spoken to that use it don't need all that application-centric focus. Cisco says you can do a network-centric approach but I want to do network-centric in my design and then have the system organize and set itself that way. That would be cool. I would like to see that. If you as the customer want a network-centric design, after you build that initial configuration and you go into the GUI for the first time and you decide which direction you want it to go in and you point it in a certain direction, then it builds out the infrastructure to accommodate that, that would be beautiful.

    They are selling the system as application-centric. I think a lot of people, ourselves included, are not ready to approach it in that way. It's too many knobs to turn. It's great overall architecture, scalability-wise, has an easy configuration, central configuration, but there are too many knobs to turn.

    What do I think about the stability of the solution?

    The early versions of the code were buggy but now, they've gotten better. The code a year ago wasn't so great. Now, it's much cleaner and more stable. 

    What do I think about the scalability of the solution?

    Scalability is definitely something that we are looking at and that's one of the attractive features of ACI for us. It's one configuration interface and if you want to add more interface you just buy more gear and plug it in. It's almost a plug and play solution. We just don't know how our business is going to grow and change over time. We can buy and implement something today and they can come and say that they are doing an acquisition or some sort of growth or new business venture and we need more capacity in the data center. With ACI, if you need more capacity you can just buy more and plug them in without needing to do anything else. All of the sudden that infrastructure is there for me to use, configure, and add stuff to.

    How are customer service and technical support?

    We use professional services for the design configuration. 

    Which solution did I use previously and why did I switch?

    Our investment reason was purely due to the depreciation of the existing infrastructure. We needed to get rid of the old infrastructure and we had to make a choice. We needed to decide if we were going to use 9000 or if we were going to switch to ACI. We ended up deciding to go both ways. We're going to do some stuff with the traditional 9000 and we're going to do other stuff inside ACI and so it's going to be a hybrid.

    How was the initial setup?

    The initial setup is pretty straightforward. Because it's a plug-and-play type of solution; you can take it out of the box, you can start just connecting wires, and then have it go from the infrastructure. Once the system is there then it becomes complicated. ACI is not simple by any stretch of the imagination, but the initial go-at-it is pretty straightforward, which is nice.

    What about the implementation team?

    We used an integrator for the deployment. 

    Which other solutions did I evaluate?

    We're a Cisco shop so we weren't going to another avenue. We already have our partner for purchasing, all these relationships were established so it wasn't really much to choose in that regard. It was more of a design decision, 9000 or ACI. Originally, we said all ACI but then as we started really getting into the design and having deep conversations with our Cisco account team and the Advanced Services Team, they told us it makes sense to do some 9000 and leave some things as ACI. This is the route we're taking. 

    What other advice do I have?

    I would rate this solution a seven out of ten. I would really love that network-centric philosophy of configuration to be a little bit easier to do and the learning curve is steep. Being somebody who has been working with traditional Cisco IOS this is not bad at all. This is a complete rewrite of everything that you ever thought of from the networking standpoint.

    The advice I would give to someone considering this solution is that you have to look at your data center. You have to look at your infrastructure. Not only that but you also have to look at the operational and support teams that are going to support this thing because if you have people that are familiar with the traditional way of the doing Cisco and have never touched ACI, then you're going to have a huge learning curve for your operational team to ramp them up and get them educated. That's definitely a factor. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    PeerSpot user
    IT Solution Architect at a media company with 1,001-5,000 employees
    MSP
    Provides integration with VMM domains and their L4 and L7 devices, like device packages for F5, Palo Alto, and ASA
    Pros and Cons
    • "We are doing automation from ACI and we have integration with Azure. With the Azure stack integration we can have total automation. We can configure the EPGs from there, and we can configure load balancing functionalities from there as well. The most useful feature is that you don't need to configure anything on ACI itself. You can configure on Azure and it will provision your application."
    • "Where there is room for improvement from ACI is for Layer 2 and Layer 7 packages. Normally, when you're updating your ACI fabric or you're introducing new Layer 4 to Layer 7 devices, there are some constraints, there are some limitations... When you are doing device packages you will not have the functionality of ASM. It's like WAF, web application firewalls. So you need to configure it manually."

    What is our primary use case?

    I'm in ACI operations and the current use for Cisco ACI is to host the entire server farm and all the applications which are hosted in our data center, here in Qatar, and also in different locations.

    How has it helped my organization?

    Normally, when you're configuring your core switches and your normal switching fabric, like Nexus or any of the HP platforms, you configure VLANs. If you're dividing a switch, you configure a virtual device contact. Instead of this, you have different tenants for your different environments, different segments. And you have automation on top of it if you are running virtualization domains. It removes the traditional networking configuration and gives you complete control over your switching fabric from one controller.

    Also, it has APIs. You can use REST APIs and you can have configuration already built in for your XML code or GSM files. You can push it using different tools like Postman. You can have different types of Python scripts and you can have these types of automation if you want to play with the API. It will provide faster provisioning of network and faster provisioning of your applications. 

    If you go for full automation, you can build your own tools. I have my own tools that I built in Python. If I want to configure EPG or interface, I configure some parameters on my script, it will push to ACI, and it will configure it.

    In terms of time saved, any new provisioning of services or new applications will take less than one minute on. I gave one IP to my system team to configure the IP on the application and tag the EPG on the application data. It was just a matter of tagging.

    What is most valuable?

    Among the valuable features are the integration with VMM domains and their Layer 4 and Layer 7 devices, like device packages for F5, Palo Alto, and ASA.

    We are also doing automation from ACI and we have integration with Azure. With the Azure stack integration we can have total automation. We can configure the EPGs from there, and we can configure load balancing functionalities from there as well. The most useful feature is that you don't need to configure anything on ACI itself. You can configure on Azure and it will provision your application. This is the highest level of automation in Microsoft.

    In the second level of integration, you create the EPGs and the gateways on ACI yourself. Then, it will be configured on a SCVMM and you tag the VLANs there. It removes the hassle of configuring code groups and VLAN tags on the VMM, the virtualization domain, on the virtualization platform. You configure within ACI, and it will be visible there. It removes the networking administrative part from the system side, and you have complete control there.

    You can also have microsegmentation. You can have isolation for a certain part of the EPGs.

    In addition, you have a complete fabric you can connect to and you can have a static binding all over the fabric. You don't need to configure specific VLANs or run different cables. All of switches are connected to the spine, so you have complete reachability all over the fabric. You can have multi-tenancy. You can have multiple fabric configurations for different types of connectivity. You would not have this on normal switching fabric.

    What needs improvement?

    Where there is room for improvement from ACI is for Layer 2 and Layer 7 packages. Normally, when you're updating your ACI fabric or you're introducing new Layer 4 to Layer 7 devices and there are some constraints, there are some limitations. You need to check before you do it, as well as F5 load balances. When you are doing device packages you will not have the functionality of ASM. It's like WAF, web application firewalls. So you need to configure it manually. There is some room for improvement here.

    The rest of it, for VMM domains, is improving. Cisco is introducing new features. I don't feel that it's unstable or it needs more improvement. But, for Layer 2 and Layer 7 packages, it still needs improvement. It needs quite a bit of work. 

    Currently, we are using it in our test lab for Layer 4 and Layer 7 services. We are not using it in production. We are using unmanaged Layer 4 and Layer 7 devices. We are not using complete device packages.

    I'm looking forward to something called Cisco Tetration. I have never worked on it but it's there now. It will map everything: What type of ports are communicated through between users and applications and between applications. It will map that on ACI automatically, at the ACI contracts level and the application level. It's like a big-data platform. It will understand the application. It will understand the port requirements, the security requirements, and it will perform some types of automation. Right now, ACI is lacking this. There's some intelligence within it but not much.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    It's a very stable product in terms of switching fabric. It's quite reliable. It doesn't fail that much compared to other switching platforms. There are some things you need to be cautious of, like when you are configuring contracts. When you are configuring L4 and L7, you need to be aware of what type of configuration you're doing. Sometimes when you are configuring something which is third-party, not Cisco, you need to be aware of what the end result will be. So you need to do it in a test environment first, and then do it in production.

    What do I think about the scalability of the solution?

    In terms of scalability there is just one limitation. When you want the security rules and features to be applied on the application NIC level - on the virtual NIC level, on the network interface level, on the application itself, on the virtualization domain - you cannot do that. The application needs to reach via API so you can apply the security policy. Then the security policies will be applied and then it can talk to other applications. This is one thing that is missing on ACI. But you cannot say that it's actually missing because that's the overlay approach of SDN; it's not underlay like NSX.

    How are customer service and technical support?

    Technical support is quite mature. It's not bad as before. I'm the one person who has been working with ACI for a long time. Most engineers only have experience two or three years of experience with ACI. I have experience with ACI when it started from version 1.1. I have used more or less all the OS's. In the beginning, support was quite bad, but now it has improved notably. They have good engineers for the VMM. They have separate departments for separate things.

    Response time is good, but it depends. If you are getting a call from the European or the American site the support is better. But if you get a call from the Indian site or from another site, it's not that mature yet.

    Which solution did I use previously and why did I switch?

    Currently, we don't have any other SDN solutions, but I have experience with SDN in NSX. I have certification in VCIX, VCIX-NSX, and NV - network virtualization - from VMware.

    The biggest difference is that NSX is running on compute. It's running on the hypervisor level. But ACI is running as an overlay, on a switching overlay fabric. This is the major difference. In NSX you can put policies closer to the application on the NIC level, but on ACI you have a constraint that you need to reach the fabric to have security policies apply.

    How was the initial setup?

    The last setup I did was a freelance project in Dubai for Emaar. I also did one of the biggest projects here in Qatar for our company. I did one extension project at Qatar University. I have also done some document evaluation and design evaluation for a project that didn't start because of some budget constraints. It's still not completed. They are still evaluating, but I did the design evaluation from the vendor side.

    In general, the setup is a little bit complex, but it will remove future complexity. In the beginning, for newcomers, for new engineers, it's a little complex. Even for me, when I was learning it, was a little bit harder for me because it doesn't have conventional switching. It's running multiple types of OS's inside the fabric, so that can cause a little bit of confusion. But, after some time, you will feel like it's more logical.

    The deployment time depends on how many leaves there are and how many fabric spine switches there are and on how many applications there are. If it's migration, it takes more time. If it's a greenfield project, it will not take that much time.

    I did one deployment that was a complete greenfield project. There was nothing there. There was no migration. They are building a new data center and it was a small setup. It had six switches and two small, baby spine switches. That took less than one month.

    Regarding implementation strategy there are two types of approaches. There is network-centric and there's object-oriented-centric. If it's network-centric, each VLAN has its own bridge domain. But if you have a complete application-centric approach, you have one BD for everything and you can configure multiple gateways there. You will specify contracts.

    The number of staff required for a deployment depends on the fabric, the leaves and spines. Deployment generally takes two or three guys. For the configuration, I'm the only one. I can do it, no problem. But for physical stacking and connectivity, it takes a number of people. For configuration, one person is more than enough.

    We have plans to increase usage. We are extending our fabric all the time because we started with 14 leaves and we now have around 24 leaves. We're also planning to implement it in our DR5. All over the Middle East, there is huge demand for ACI because Cisco is pushing this platform for core data centers.

    What was our ROI?

    It decreases network provisioning time and application provisioning time. It also takes fewer resources to manage it. You don't need a number of consultants to manage the ACI fabric because it's a centralized system. You will have one APIC controller which can manage more than 200 leaf switches. It depends on the APIC sizing. You can have multiple switches connected to it and you can manage it.

    What's my experience with pricing, setup cost, and licensing?

    If you compare the licensing and total cost of ACI, it's cheaper than NSX because of the licensing fees. If you are going for full NSX features it will be too expensive, especially the next-generation firewalling feature.

    What other advice do I have?

    If somebody is planning to implement ACI, it's mostly because they want their network to be centralized and they want their network to be more organized. They want more efficient provisioning of networking and applications. By implementing ACI they will need fewer resources and will have reduced operations costs. They will have more flexibility over the network. They can have multiple types of automation on their fabric, instead of using normal switching fabric.

    In terms of maintaining it, the operation is something else. It depends on the number of applications and their business criticality. You need to check if it's a 24-hour approach where you need two or three guys to have a rotation for shifts. Currently, we don't have shifts, and I'm the only one who is managing the ACI, but we have an on-call rotation. Sometimes I'm getting called, sometimes my colleagues are getting called and they are relaying the information to me. But as I built the fabric here, I set it up so that I don't need to come in urgently. Everything is redundant, everything is connected on a dual-switch basis. If one switch fails or there's a configuration issue, there will not be downtime.

    We have about 3,000 end users. It's our core. All the applications are hosted there.

    I would rate the solution at nine out of ten. I have very good experience with ACI. My major platform and my focus is on security and data centers. I'm pretty good with data center technology as it is one of my major points of focus. I have experience with different products, mostly Cisco security products, but I have had a good experience with ACI.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Technology Support Specialist at Fujitsu
    MSP
    Enables backing up and restoring of configurations, but Layer 3 Out policy is complex
    Pros and Cons
    • "One area where it has an advantage... is that you're able to reuse a specific integration. If you add another server, you can use a specific integration and assign it to another port."
    • "One of the things that makes it a lot more complicated is the way contracts are handled in ACI. Contracts are like their own access lists. They can improve the setting up of contracts between devices a lot. It can be simplified."

    What is our primary use case?

    We used it as a data center switch. The company - our client - that uses it uses Cisco HyperFlex and FlexPod both connected to Cisco ACI.

    How has it helped my organization?

    It has made it simpler and easier for non-Cisco personnel to come in and configure stuff because it is easier to understand, compared to when you configure Nexus using the CLI. Configuring the ACI using the graphical interface is easier. That's one advantage. New administrators can easily jump in and manage the system.

    It saves time.

    What is most valuable?

    It adds a layer of complication but one area where it has an advantage, a benefit, is that you're able to reuse a specific integration. If you add another server, you can use a specific integration and assign it to another port.

    You can back up the configuration, restore a configuration. It's easier compared to the traditional way of keeping a text file of the configuration. With ACI the management itself has been improved since you can manage it using the graphical user interface. 

    There a lot of integrations that can be done. VMware can be integrated with ACI, that's another advantage, although we did not use it as much because the client also has its own virtualization software.

    What needs improvement?

    One of the things that makes it a lot more complicated is the way contracts are handled in ACI. Contracts are like their own access lists. They can improve the setting up of contracts between devices a lot. It can be simplified. Because ACI re-invented something that's been working for so long - you can now have overlapping subnet - it gets really confusing when they say that you can use the same subnet for different VLANs.

    They should make a standard list of best practices and that makes it easy for the people who are going to use it. That part alone, when they tried to remove subnet and VLANs, that's an integral part of networking which people have been used to for so long. They tried to remove it. I don't know why, but when they did that, it muddled up the concepts of networking, and people need time to adjust. That's why they have to put out a best-practice's guide, to make it easier for traditional-method people to adapt to ACI. 

    Another area for improvement is establishing a Layer 3 Out policy. Accessing the internet is a bit complicated where, before, using Cisco devices, it was just one line of code. With ACI, it took us a few days, almost a week, to just figure it out using the GUI.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    Stability-wise, we really have not had any issues with it. It's pretty stable. That's a good thing.

    What do I think about the scalability of the solution?

    It's scalable because of the spine-and-leaf infrastructure. You can add spine and leaf. I haven't scaled it that much. We've only used three or four leaves into the ACI infrastructure. But I believe the scalability is good.

    How are customer service and technical support?

    Cisco's technical support seems pretty good. No complaints about the response time. When we were into the implementation phase, we had two cases and they were able to respond quickly and to resolve the cases quickly.

    How was the initial setup?

    The setup was relatively complex. It was really not straightforward at all.

    The strategy was to just browse through Cisco's web site to get the setup guide. We used the initial configuration guide and we browsed through a lot of videos from people who had done it before us.

    The deployment took a few days more a month. The biggest complication was establishing the routing system, how to do routing.

    There were three of us from our company involved in the deployment, but the project also involved Cisco Hyperflex and Cisco FlexPod.

    What was our ROI?

    I'm not really so sure of how fast our client has seen return on investment. But maybe in the past three years they have seen it.

    I cannot comment on how much ROI they've had. But they've established some BPO centers, call centers, using the infrastructure. I don't know how much success they've had.

    What other advice do I have?

    If you can afford it, it's a very good solution. It's a high-end solution to put a data center on. Also, you need the right people to use it. It would be better if you had some programmers who know Python and not only people who are network engineers. If you can afford it, it is going to be the next thing, in a few years' time. It's a good solution if you have the right people and budget.

    We have an ongoing interaction with the client for whom we implemented ACI. We implemented it two years ago and since then we have been constantly supporting the client with their ACI infrastructure. The people who use it are the ones accessing their data center. There are around 200 to 300 people, across the entire organization.

    Two people maintain it.

    In the past few years there hasn't been much increase in usage. The client has not told us of any plans for expanding their ACI infrastructure.

    I would rate ACI at seven out of ten. It adds a layer of complexity that you can really do without. I can't give it a ten when the traditional way of doing things still gets the job done, especially for people with experience with Cisco. It's much easier to configure stuff the traditional way using the CLI. For me, there's really not much of an advantage. The advantage is for people who are new to Cisco and the CLI environment. Then, going into ACI and having to configure it using the GUI is better. For me, it doesn't really give me that much of a benefit.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    PeerSpot user
    NetworkE88af - PeerSpot reviewer
    Network Engineer at a energy/utilities company with 10,001+ employees
    Real User
    The scalability is very good, but I would still like to see a unified CLI
    Pros and Cons
    • "It has made it much easier to deploy and make changes in the data center versus the previous infrastructure, which was NX-OS based."
    • "We had issues in the first deployment when we tried to finish the migration from traditional networking to Cisco ACI."

    What is our primary use case?

    We use it for our data center.

    How has it helped my organization?

    It has made it much easier to deploy and make changes in the data center versus the previous infrastructure, which was NX-OS based.

    What is most valuable?

    • Software-defined
    • Ease of deployment
    • Ease of change
    • Ease of segmentation
    • Scalability

    What needs improvement?

    I know Cisco is trying to move away from CLI, but I would still like to see improvements to the CLI. Troubleshooting is quite difficult using other tools, and there are still quite a lot of people with the network engineer mindset who rely on CLIs. Therefore, it would be nice to have a unified CLI. They made big improvements on this last time, but it could use additional improvements.

    Here are some of the issues that we encountered:

    • We had lift switches which failed to forward traffic correctly.
    • We had issues in the first deployment when we tried to finish the migration from traditional networking to Cisco ACI.
    • We had issues with the propagation of the routes internally. Therefore, we had destinations which were reachable, but other destinations were unreachable in the same subnet.

    It took quite a lot of tries to finish the migration, because our issues were always the same. These issues were related to silent hosts.

    What do I think about the stability of the solution?

    The stability has been decent so far. We have ran into some issues: 50 percent hardware and 50 percent software, but we solved them quite quickly.

    What do I think about the scalability of the solution?

    The scalability is very good. This is one of the best features, because you can add it at any time, then scale as needed.

    How are customer service and technical support?

    I would rate the technical support as an eight out of ten.

    Which solution did I use previously and why did I switch?

    We were at the end of the lifecycle for the previous solution, which was Cisco Nexus based. We knew that we would stay with Cisco, so the proposal came up to choose between traditional and NX-OS and ACI. Therefore, we chose Nexus 9000, which allowed us to do both. Then, it came down to a decision on which solution to go with, and we thought SDN is the future. Thus, we chose SDN (ACI mode).

    How was the initial setup?

    The setup was very straightforward. It was easy to deploy. The first configuration had issues, then adding the lift switches was easy.

    What about the implementation team?

    When we deployed, we were partnered with defense services. We had engineers on site for the couple of tries that we did for the migration. They helped us and managed to solve our issues in the end.

    What other advice do I have?

    Ensure you have the right qualifications to deploy and operate this solution, especially in the programming area.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user