Cisco ACI Reviews

I use Cisco for security and collaborating. I use this solution with WebEx, WebEx Teams, and WebEx Board.

It's a hybrid solution.

I like using WebEx Board.

I would like this solution to be integrated with Pure Storage.

I've been using this solution for 22 years.

It's stable.

It's scalable.

I've contacted technical support.

The cost is fine.

I would rate this solution 9 out of 10.

I would recommend this solution.

The primary use case is for the data center. 

We're just starting to deploy it. We literally just bought it and we're getting ready to start. 

The fact that it's modern and that it's easy to configure are the two most valuable features. 

In terms of improvement, I would like to see some sort of way to baseline the system in a network-centric fashion. The way ACI works is that it is very application-centric but I think that a lot of people who I have spoken to that use it don't need all that application-centric focus. Cisco says you can do a network-centric approach but I want to do network-centric in my design and then have the system organize and set itself that way. That would be cool. I would like to see that. If you as the customer want a network-centric design, after you build that initial configuration and you go into the GUI for the first time and you decide which direction you want it to go in and you point it in a certain direction, then it builds out the infrastructure to accommodate that, that would be beautiful.

They are selling the system as application-centric. I think a lot of people, ourselves included, are not ready to approach it in that way. It's too many knobs to turn. It's great overall architecture, scalability-wise, has an easy configuration, central configuration, but there are too many knobs to turn.

The early versions of the code were buggy but now, they've gotten better. The code a year ago wasn't so great. Now, it's much cleaner and more stable. 

Scalability is definitely something that we are looking at and that's one of the attractive features of ACI for us. It's one configuration interface and if you want to add more interface you just buy more gear and plug it in. It's almost a plug and play solution. We just don't know how our business is going to grow and change over time. We can buy and implement something today and they can come and say that they are doing an acquisition or some sort of growth or new business venture and we need more capacity in the data center. With ACI, if you need more capacity you can just buy more and plug them in without needing to do anything else. All of the sudden that infrastructure is there for me to use, configure, and add stuff to.

We use professional services for the design configuration. 

Our investment reason was purely due to the depreciation of the existing infrastructure. We needed to get rid of the old infrastructure and we had to make a choice. We needed to decide if we were going to use 9000 or if we were going to switch to ACI. We ended up deciding to go both ways. We're going to do some stuff with the traditional 9000 and we're going to do other stuff inside ACI and so it's going to be a hybrid.

The initial setup is pretty straightforward. Because it's a plug-and-play type of solution; you can take it out of the box, you can start just connecting wires, and then have it go from the infrastructure. Once the system is there then it becomes complicated. ACI is not simple by any stretch of the imagination, but the initial go-at-it is pretty straightforward, which is nice.

We used an integrator for the deployment. 

We're a Cisco shop so we weren't going to another avenue. We already have our partner for purchasing, all these relationships were established so it wasn't really much to choose in that regard. It was more of a design decision, 9000 or ACI. Originally, we said all ACI but then as we started really getting into the design and having deep conversations with our Cisco account team and the Advanced Services Team, they told us it makes sense to do some 9000 and leave some things as ACI. This is the route we're taking. 

I would rate this solution a seven out of ten. I would really love that network-centric philosophy of configuration to be a little bit easier to do and the learning curve is steep. Being somebody who has been working with traditional Cisco IOS this is not bad at all. This is a complete rewrite of everything that you ever thought of from the networking standpoint.

The advice I would give to someone considering this solution is that you have to look at your data center. You have to look at your infrastructure. Not only that but you also have to look at the operational and support teams that are going to support this thing because if you have people that are familiar with the traditional way of the doing Cisco and have never touched ACI, then you're going to have a huge learning curve for your operational team to ramp them up and get them educated. That's definitely a factor. 

I am an engineer who deploys ACI. Most of the deployments cover L2 Out and L3 Out and migrations.

Some of our cloud-based customers integrate it with UCS Director or CloudCenter and are able to automate services. ACI supports automation, like Ansible automation or HTTP automation. It adds stability for cloud-deployment use cases. Cloud-based businesses don't need to create policies. They can do so with an automation orchestration tool like UCS Director or CloudCenter. A few customers are using it this way.

Some other customers are refreshing their data centers with SDN. They have a traditional data center but they want to restructure it. Cisco customers are now going for the Cisco SDN.

The most valuable features include

• microsegmentation
• L3 Out features
• the common tenant and tenancy model.

Regarding microsegmentation, generally, in Layer 2, there are restrictions between VLANs. When you do microsegmentation, by name, by IP address, or MAC address, you can create a microsegmented EPG and you can group within an EPG. Generally, all the endpoints that are part of an EPG can talk to each other. But when you create a microsegmented EPG you are creating restrictions.

Regarding the tenancy model, when you have a host data center and multiple customers and you want to build a dedicated infrastructure for a customer, you have to physically suppress the devices and you have to think a lot about security features. But with ACI, you don't need to buy a dedicated setup for each customer. Using one setup, you can create multiple tenants, and each tenant represents one customer. There are common services that are used by all the customers, like a DNS server or any web servers. You can keep the servers on the common tenant. In that way you can use the tenancy model efficiently.

They are still working on Multi-Site and Multipod but there are many customers that are looking for these in their Features page. 

We are having challenges with these features. For Multipod we need Layer 3 devices that support multicast. Customers ask: "Why can't ACI do that? Why do we need a dedicated Layer 3 device for this?" If they go for Multi-Site there is no need for that, ACI can do it. So Cisco needs to increase the Multipod features in ACI.

For one customer we found CloudCenter doesn't support Cisco Multi-Site scenarios.

I feel the stability is very good. We have had some issues but the support we get from Cisco is always good.

In terms of scalability, you can go with the two-spine and get very good bandwidth, but if you need more than this you can increase the spine count. If you need more devices you can increase the leaf count. Scalability is there.

I have been a bit disappointed with technical support from Cisco. They will often take some time to respond. But once they start they are okay. I feel they need to improve their service.

The initial setup is very straightforward. If you have some basic knowledge you will be able to deploy ACI. Some of the guys feel that it is a little complicated but if they understood tenancy more and the object structure, they would be easily able to deploy ACI.

We can deploy everything in less than two days. The difficulty is that we are working in data centers so we need to look for downtime for the customers. If they are using automation we can deploy everything in a single day. If we are doing manual, it can take three or four days.

But in real scenarios, customers cannot always give us downtime. They tell us to wait for some time and they do migration one by one.

On my team, I am the only one who does deployment. We don't need anybody's help for migration. But we expect a few team members to be involved on the customer's side, people from the server team and the network team, because we need support from them.

Maintenance is very easy. If there are two spines and you are doing an upgrade, you can shut down one spine and do the maintenance. Once that is done you bring up the one you shut down and do the second spine, and similarly for all leaves and all APICs. There is no impact to the server base and zero downtime.

I would rate ACI at ten out of ten. I don't see any bad features in it. I always think about the positive side. I don't see any negativity on the ACI side. There are a lot of features, like automation, that reduce manual efforts that would otherwise be time-consuming.

The primary use case for Cisco ACI is to migrate a legacy data center, including the new infrastructure.

The product has performed well. 

Automation is its most valuable feature.

The challenging thing about Cisco ACI was we had to put a lot of effort into providing the customer the full picture, new standards, and new technology that they had to use. This was more challenging than deploying the product.

There should be more focus on training and support.

I would like to see is more integration with services and service graphs.

The stability has been good.

The project is pretty small, but from what we have seen, it is scalable.

There have been challenges with the technical support. Though, the product is almost three to four-years-old, there are still things that only a few people can solve. So, Cisco should put more effort into training their people.

The business switched because the legacy way of operating these type of data centers is no longer optimal.

The initial setup was straightforward. It was easy to set up, because our plans for migration were very detailed. We didn't have any problems with it.

We are the partner and the integrator.

It was Cisco ACI vs VMware NSX.

Eventually, the client chose Cisco ACI because they had more experience with Cisco and they still had a lot of physical infrastructure to handle.

It is one of the better solutions in the market right now.

We implement customized Cisco ACI for our clients as a networking solution for a variety of purposes.

My organization specifically implements Cisco ACI for other companies, so the product is basically our business model.

For clients, a visible GUI dashboard provides a unified view of the network. In order to do that before, clients may have had to implement multiple tools depending on the structure of the network. Now they can implement one tool and have a unified visual picture of the health of the network.

In a very general way, the ease of access, ease of use, and ease of connecting the system is a valuable feature in itself. The solution doesn't really increase detection rates as that is not what it was created for. Threat prevention comes from other devices that might be connected to the Cisco ACI that monitors external traffic. The ACI solution maintains what end-of-life products would be doing and offers other opportunities to unify solutions.

There has not been a single implementation we have done where the client wants to use all the features that are in the product currently. Contemplating new features seems out of order. Every product can benefit from new features as long as they are desired and add functionality that is useful. Most of the features that are there now are good and Cisco is doing a really good job at staying ahead of the curve with their competition. They are implementing new features before companies are even ready to use them or know that there might be a need for them.

Figuring out how to implement the product for clients is the area we struggle with the most every day. Perhaps an enhancement would be artificially intelligent solutions, but that would be further down the road.

The product itself is very stable. As long as it is deployed with care and solid core objects it will remain stable.

The solution is extremely scalable in ways that pure hardware solutions were incapable of.

I think the customer service is really good. I call Cisco any time and I can usually get someone to help me with whatever I need at whatever time I call.

A portion of Cisco's equipment is going end-of-life. Most of the companies that we implement for are using Cisco Nexus 7K, 5K, 2K so they have 752 implementations and some of their 7K's are going end-of-life. The newer equipment that's becoming available is cheaper. Sometimes Cisco will essentially give it away.

Initial setup can be straightforward or complex depending on who you're implementing the solution for and what they want to do with it. If the client's network is extremely complex, they have a lot of different things that can bring information into and out of their network. Implementation can become significantly more complex as there is more to consider. If the client's network is really simple, then the deployment is straightforward.

We do sometimes experience some issues with integration and in trying to satisfy some of the things that the client wants to do. There are some hidden issues that don't surface until you implement the solution in the network. Some of the issues are client-facing where the client causes the issues. In other words, the issues are not necessarily a problem with the system.

You still have to spend time to try to go through everything and make it work optimally. When you are implementing new features, there's almost always a learning curve if the features are not performing with objects that have already been built.

We are the integrator and reseller, so the implementation is always excellent and the expertise is superior.

I think it has a fairly good time to value. While it takes time to implement, once it's implemented the ability to make changes and adopt new functionality to the system becomes very easy. That saves more money over time because changes are implemented using fewer internal resources.

I've seen some ROI for clients. Clients don't normally share that information with me, but I see how clients have benefited from implemented ACI and how the speed of implementing changes on their network improves over time. The ability to quickly make changes in the network is the biggest benefit that I've seen.

We don't license the products ourselves. The clients that we implement for also license it with Cisco.

As it stands right now, the licensing structure hasn't been fully fleshed out for ACI. So, if Cisco hasn't fully fleshed it out, I'm not sure what the cost is going to be yet.

I would rate the solution as a nine out of ten. It is a great product, but there are issues with it. It's not perfect and it would have to be to get a ten. The issues that are there are easily mitigated but that also requires effort.

The analytics are pretty good. The built-in dashboard essentially provides analytics out of the box. There are other plug-ins that you can use to make the solution work better for you as a company. You have the option of developing other tools and utilities to use with it because it's an API.

When you are first building the system, it takes longer because you have to build all the objects that you expect to reuse. But because you're building reusable objects it makes adding other functionality easier because of the simple fact that you've already built those reusable objects. When you're doing new things it gets easier.

I think one thing that most people do is avoid reading manuals for anything. Read, read, read and consider doing research. Not all the information you find will be good, but you will discover things you don't know.

We used it as a data center switch. The company - our client - that uses it uses Cisco HyperFlex and FlexPod both connected to Cisco ACI.

It has made it simpler and easier for non-Cisco personnel to come in and configure stuff because it is easier to understand, compared to when you configure Nexus using the CLI. Configuring the ACI using the graphical interface is easier. That's one advantage. New administrators can easily jump in and manage the system.

It saves time.

It adds a layer of complication but one area where it has an advantage, a benefit, is that you're able to reuse a specific integration. If you add another server, you can use a specific integration and assign it to another port.

You can back up the configuration, restore a configuration. It's easier compared to the traditional way of keeping a text file of the configuration. With ACI the management itself has been improved since you can manage it using the graphical user interface. 

There a lot of integrations that can be done. VMware can be integrated with ACI, that's another advantage, although we did not use it as much because the client also has its own virtualization software.

One of the things that makes it a lot more complicated is the way contracts are handled in ACI. Contracts are like their own access lists. They can improve the setting up of contracts between devices a lot. It can be simplified. Because ACI re-invented something that's been working for so long - you can now have overlapping subnet - it gets really confusing when they say that you can use the same subnet for different VLANs.

They should make a standard list of best practices and that makes it easy for the people who are going to use it. That part alone, when they tried to remove subnet and VLANs, that's an integral part of networking which people have been used to for so long. They tried to remove it. I don't know why, but when they did that, it muddled up the concepts of networking, and people need time to adjust. That's why they have to put out a best-practice's guide, to make it easier for traditional-method people to adapt to ACI. 

Another area for improvement is establishing a Layer 3 Out policy. Accessing the internet is a bit complicated where, before, using Cisco devices, it was just one line of code. With ACI, it took us a few days, almost a week, to just figure it out using the GUI.

Stability-wise, we really have not had any issues with it. It's pretty stable. That's a good thing.

It's scalable because of the spine-and-leaf infrastructure. You can add spine and leaf. I haven't scaled it that much. We've only used three or four leaves into the ACI infrastructure. But I believe the scalability is good.

Cisco's technical support seems pretty good. No complaints about the response time. When we were into the implementation phase, we had two cases and they were able to respond quickly and to resolve the cases quickly.

The setup was relatively complex. It was really not straightforward at all.

The strategy was to just browse through Cisco's web site to get the setup guide. We used the initial configuration guide and we browsed through a lot of videos from people who had done it before us.

The deployment took a few days more a month. The biggest complication was establishing the routing system, how to do routing.

There were three of us from our company involved in the deployment, but the project also involved Cisco Hyperflex and Cisco FlexPod.

I'm not really so sure of how fast our client has seen return on investment. But maybe in the past three years they have seen it.

I cannot comment on how much ROI they've had. But they've established some BPO centers, call centers, using the infrastructure. I don't know how much success they've had.

If you can afford it, it's a very good solution. It's a high-end solution to put a data center on. Also, you need the right people to use it. It would be better if you had some programmers who know Python and not only people who are network engineers. If you can afford it, it is going to be the next thing, in a few years' time. It's a good solution if you have the right people and budget.

We have an ongoing interaction with the client for whom we implemented ACI. We implemented it two years ago and since then we have been constantly supporting the client with their ACI infrastructure. The people who use it are the ones accessing their data center. There are around 200 to 300 people, across the entire organization.

Two people maintain it.

In the past few years there hasn't been much increase in usage. The client has not told us of any plans for expanding their ACI infrastructure.

I would rate ACI at seven out of ten. It adds a layer of complexity that you can really do without. I can't give it a ten when the traditional way of doing things still gets the job done, especially for people with experience with Cisco. It's much easier to configure stuff the traditional way using the CLI. For me, there's really not much of an advantage. The advantage is for people who are new to Cisco and the CLI environment. Then, going into ACI and having to configure it using the GUI is better. For me, it doesn't really give me that much of a benefit.

We deploy Cisco ACI within our customer's data centers, providing them with the capability to configure the software-defined network as per their defined requirements. This solution empowers customers to centrally monitor and control the network without the need for individual edge management. Moreover, it offers scalability, allowing for easy expansion in the future.

The flexibility of adding new components with minimal impact on existing services running in the data center is a key benefit of this ACI-based solution. Customers appreciate the unified control and management provided by ACI, allowing them to oversee the entire data center centrally. This solution facilitates seamless communication between various services and ensures future scalability with minimal configurations and operational effort. The cost savings for customers are notable, particularly in instances where adding ports or making operational adjustments is a straightforward process, requiring minimal resources. ACI stands out as a state-of-the-art, high-performance, and highly scalable solution.

Its scalability and reliability capabilities should be enhanced.

We have been working with it for approximately eight years.

Occasionally, we encounter the need to reset certain programs due to bugs within one of the implemented data features. This requires performing upgrades approximately every six months to address and resolve these issues. I would rate its stability capability eight out of ten.

While I acknowledge that the solution is scalable, there are occasional bugs and the need for upgrades or adjustments approximately every five years. We operate on multiple levels, with small, medium, and high scalability organizations. Typically, we opt for the highest scalable level during our implementations. I would rate its scalability at seven out of ten.

I would rate its customer service and support nine out of ten.

Positive

Overall, I would rate it eight out of ten.

Our primary use case for Cisco ACI in our company is to have a central point to manage our network and to do API automation. Those are the two main focuses to automate.

Currently, we're still doing a POC on Cisco ACI. We haven't made the transition. It's a huge jump from what we currently have in our network to the ACI. We're still evaluating it. 

We've already purchased the gear, but we still need more training. We already purchased all the hardware for the production environment. 

We want to keep on training before we make the migration phase.

The most valuable feature of the solution is having a central point to log in. I have a simple dashboard that has all my devices connected. That is what I'm looking for.

For stability, it seems fine. I have no complaints about that.

It's easy to keep adding. You have a set where you just add another leaf to your ACI fabric. 

I can scale quite easily. Just add another leaf to my ACI fabric. It seems straightforward.

I've not used the technical support. I've been working with our Cisco reps and a few professional service providers. They are amazing, number one. 

Their main office is walking distance from my company's office. I can just walk over and complain. It's good having face-to-face relationships.

We are a Cisco shop. Right now, SDN is a buzzword. The next evolution for our company is to have an SDN network. Since we're a Cisco shop, it's ACI.

We've been a Cisco shop since day one.

The initial setup is not straightforward at all. Cisco just released a document that tells you how to set it up, but before that, it was overwhelming. 

To set up, Cisco ACI takes months. There are so many features and you're too scared. They did release a pdf that shows you a step through, i.e. how to set up your ACI fabric. Before that, there's just bare-bones information for something so expensive. It was kind of funny. They just released it.

My complaint about this is: We purchased the ACI gear, but to do monitoring, to do stats, to do telemetry statistics, etc. we have to purchase another product from Cisco. 

I would ask from Cisco when we purchase the hardware if some of these features could be built in the purchase. Now I'm dissatisfied that I have to purchase this to do basic monitoring. It should all be built in.

We did not evaluate other options because we'd have to reevaluate what we currently use for Cisco. None of our staff is trained for anything but Cisco. Cisco was the only product we looked at.

On a scale of one to ten, I would rate Cisco ACI with a nine. Some of the features should be built in. If you think you know ACI, you don't. Get more training.