Cisco ACI Reviews

Over the past six years, I've gained extensive experience with Cisco ACI, working on diverse solutions. This includes multi-site projects, like one involving a private bank with interconnected data centers utilizing Dark Fiber and Cisco ACI for seamless operations. I've also successfully integrated Cisco ACI with Kubernetes and Red Hat OpenShift to support container-based applications. I've played a dual role as an instructor, teaching Cisco ACI topics, and actively participating in various ACI-related projects. These projects have covered single-site, multi-site, and multi-tenant infrastructures, involving aspects like design, implementation, troubleshooting, and training, giving me a comprehensive understanding of the ACI ecosystem.

Our clients find several features of Cisco ACI particularly valuable, like the ability to create Service Graphs and employ Policy-Based Routing in an Application-Centric manner. One significant attraction for clients in Iran is the robustness of multicast solutions, which has been a major driver for them to migrate to Cisco ACI. It's worth noting that in Iran, the predominant IT infrastructure is on-premises, with limited usage of AWS or hybrid solutions.

While it is quite functional, I found it to be somewhat slow, and there was a notable issue related to the removal of the help section. In previous ACI versions, every configuration section had an accompanying help section that provided valuable information. This feature was removed in the latest version, and the reasoning behind this change is unclear. I believe there's room for improvement in terms of ACI's integration with various technologies. For instance, when it comes to integrating with Kubernetes, the compatibility is somewhat lagging.

I have approximately five to six years of experience working with Cisco ACI.

It exhibits remarkable stability, particularly from ACI version five onwards. For instance, the stock exchange infrastructure I've worked with has been operating flawlessly on ACI for almost two years now, with no significant issues. I would rate it ten out of ten.

I rate the scalability of ACI as nine out of ten, leaving room for potential improvements or aspects that I haven't explored fully.

I have never sought support from Cisco, mainly because of the nature of the operations and issues I've encountered. With the exception of hardware problems, which are usually beyond our control, I've handled all other situations and software failures directly.

Generally, I find the initial setup and configuration of Cisco ACI to be one of the simplest processes in the context of this technology, except in rare cases involving unique configurations. I would rate it eight out of ten.

The duration and complexity of the deployment can vary significantly based on the chosen approach, whether it's application-centric or network-centric. In the service recognition phase, especially for application-centric deployments, a deeper understanding of the service infrastructure is required. This involves collaboration with the software team to comprehend the service architecture, which can extend the deployment timeline. This approach differs from a more straightforward network-centric implementation where you might only need to convert legacy VLAN and IP contracts to ACI objects. In my experience, building Cisco ACI from the ground up can take anywhere from four months to nearly a year. For instance, if you aim to migrate swiftly to ACI without relying heavily on advanced features like service graphs and PBR, and simply want to establish ACI as the default gateway for servers, the fabric can be set up in as little as three to four months. Certain operations, such as the physical installation of spine switches, can extend the timeline from three to four months up to nearly a year for a complete project.

It is not very cheap, but it is still a cost-effective solution, especially when considering the broader context of data center expenses, including servers, storage, and firewalls. The pricing, including both hardware and licenses, is reasonable.

Overall, I would rate it ten out of ten.

The solution helps with business continuity.

Centralized management is valuable. PBR has been beneficial for network efficiency. It helps redirect the traffic to a node that is not necessarily a gateway.

The GUI is not easy to use. It must be made simple and convenient to use.

I have been using the solution for ten years.

I have not faced any issues with performance or stability.

The tool is scalable. It can adapt to the growing needs of the business.

We contact the support team when we face any issues.

Positive

The initial setup is straightforward. The deployment is centrally provisioned. The initial setup might take a couple of days. The deployment depends on the scale and customer requirements. We need one engineer for the deployment. The maintenance requires some skill development.

The product is not cheap. It is usually expensive. However, the solution’s local presence and technical support sometimes make customers prefer it.

We see tangible benefits of policy-driven automation in a modern scale environment where frequent changes are required. However, the features and benefits are almost negligible for a relatively smaller and static environment. The vendor's local presence and the support provided are the main reasons customers choose Cisco ACI. I will recommend the product to others. We must ensure that the use case is well-defined to get the benefit and ROI from the product. Overall, I rate the tool an eight out of ten.

The main customers are Tata Consultancy and Data Communication Limited. For them, ACI's fabric capabilities, automation features, and specifically, the L4-L7 features and micro-segmentation are most valuable.

In legacy networks, managing changes requires individual tickets for each device. ACI's single pane of glass management through APIC is a big advantage.

So, single-tenant management is a plus.

Customer support for ACI needs improvement. Many customers prefer HPE because their internal support is different and easier to integrate with existing networks. This lack of awareness of ACI's capabilities makes customers stick to traditional networking.

My customers' internal teams lack ACI expertise, so Cisco should provide training or offer end-to-end use case support.

I have been using this solution for the last seven years. 

I would rate the stability an eight out of ten. 

It's quite scalable. I would rate the scalability a ten out of ten. We have features like fabric provision and tenant isolation, which makes it competitive with other OEMs.

We have enterprises primarily as our customers. 

Support can be inconsistent. Some customers have had issues.

Positive

I would rate my experience with the initial setup a nine out of ten, with ten being easy to set up. 

The initial setup is quite straightforward. Our clients have a private and hybrid cloud.  

Deployment timeframe can vary.  We get a chance to deploy the ACI on a quarterly basis.

The licensing is expensive. Customers find the price expensive.  

Remember, even a single network change with ACI instantly reflects across all devices.

Overall, Cisco ACI is excellent. I'd definitely give it a ten out of ten.

We use Cisco ACI for perimeter security and threat detection. 

The tool's initial deployment is complex and takes five hours to complete. 

I have been working with the solution for six to seven years. 

I rate the product's stability a nine out of ten. 

I rate the tool's scalability a seven out of ten. My company has around 150 users for the solution. 

The deployment took less than one week to complete. 

A partner helped us with Cisco ACI's implementation. 

The tool is easy to handle once deployed. I rate it an eight out of ten. 

We have several customers who are using Cisco ACI. In my opinion, Cisco ACI is the most powerful solution from Cisco. It is a very strong solution and was recently developed by Cisco, especially because of the Cisco ACI fabric. 

Cisco ACI is a declarative model or object-based model that focuses on application-centric policies rather than traditional network validation. It uses spine-leaf topology. It eliminates the need for customers to spend time configuring their network, routing, and switching. Instead, they can simply initialize the fabric and design their application based on their policy. It's a pretty advanced solution and eliminates a lot of headaches.

The most useful feature in the ACI is a feature called Service Graph. Service Graph is a part of the ACI fabric and is used to redirect traffic through various network services, such as firewalls, without the need for complicated network configurations.

You simply create a policy and redirect the traffic to the firewall and then back to the ACI. So the Service Graph feature is the most powerful feature in the ACI and can be used to deploy the firewall as a service template for any type of traffic. You can direct the traffic to go through the firewall and then back to the ACI. I think it's the most important feature of the ACI.

I can recommend that Cisco improve its execution. But keep in mind that ACI is the most convenient solution for Cisco, and it is developing every day, adding new features.

Additionally, keep in mind that you can integrate the manager or CCI and manage your remote cluster and data center from the ACI dashboard, which is another possible feature in ACI.

I have only been using ACI for six months because I was promoted to central consultant last year. After my promotion, I started working on the ACI solution. We are using version 5.2. It's on-premises because our customer is in the banking sector and due to governmental restrictions, we cannot install any solutions over the cloud. All solutions, including SDR, ACI, and SDR, depend on the on-premises setup.

After version 5, it became a very stable product.

Scalability is another powerful feature of Cisco ACI. For example, if you need to add another endpoint, you don't need to redesign your network. You can simply add a switch or a leaf switch and you're good to go. If you need to increase the number of devices or add more bundles, you can add a spine switch or a backbone switch without any redesign because the fabric is initialized from zero. You can add or delete devices without the need for a complete redesign. So it's a very scalable solution, and scalability is the most powerful feature of Cisco ACI.

I did have one case where I needed a replacement for a switch, and they handled it perfectly.

I would tell you the pros and cons of using your legacy network versus ACI. Without ACI, you may encounter scalability issues as adding new devices and switches would require a redesign.

Additionally, there may be challenges with extending the layers between switches in the data center, such as sending traffic and addressing challenges.

Using ACI can provide benefits such as simplifying network management. Without ACI, each device and loop would need to be managed individually, but with ACI, the entire data center can be managed through a single dashboard, including VMware, firewalls, and more. ACI can also improve availability and billing.

ACI uses an object and policy model, which simplifies the configuration of routing and switching and enables application-to-application communication. Using ACI can eliminate legacy network issues and provide significant benefits, regardless of the customer size.

Overall, I would rate Cisco ACI a nine out of ten.

Our primary use case is replacing Nexus 7000 with Cisco NX-OS. We would like to replace this actuator with the newer Cisco ACI platform. We currently use Cisco Nexus 9000.

Cisco ACI improved the stability of our IT system and our data center.

We currently use the smooth upgrade process available in Cisco ACI, and it's really useful. I also like the augmentation of the bandwidth available in the platform with 10 and 40 GB interfaces.

Cisco ACI helps us better secure our infrastructure from end to end because we can use a contract to secure flow between endpoints in the data center.

Because we can use automation processes with this platform, we have been able to free up our IT department's time.

We can deploy applications quickly with automation, and we have been able to save time overall as an organization as well.

Our problems with Cisco ACI are mainly related to the contracts and how to manage them easily in the platform. Cisco also needs to improve the log files and the complexity of the graphical interface.

Cisco ACI is stable, and we haven't had any problems with the stability of the system.

We haven't had any problems with scaling the platform because it's easy to add a leaf or spine.

We have had good experiences with Cisco's technical support. They respond quickly and with accurate responses.

It takes some time to understand the new terms and concepts, but the deployment itself is completely smooth. We didn't have any problems deploying the solution.

We first deployed the solution on our qualification data center so that we could test the solution before we deployed it in the production data center.

We implemented it with the help of an integrator.

The pricing and licensing are both high, particularly if you want a high level of functionality. It would be great if the price and licensing costs could be decreased.

Cisco ACI works well, and it has been a good investment for us. There are a few areas for improvement, so I would give Cisco ACI an overall rating of eight out of ten.

Cisco ACI is used in the data center ecosystem. It's an eco-space solution. It's a DMB solution where you have the big hybrid data center you want to deploy on-premises, so the goal is to integrate all the virtual environments on feature environment servers with the data center.

What's most valuable in Cisco ACI is that it isn't like the legacy infrastructure where you have a lot of complexity in a TTR architecture.

What I like most about Cisco ACI is that you can control those devices from a single console, even if you have three hundred devices. You can manage the entire infrastructure from a single point of contact, so Cisco ACI is a time saver.

Another exclusive feature of Cisco ACI is its API interface that lets you enhance automation within the environment.

You can manage your entire data center from a single interface through Cisco ACI. If you want to upgrade three hundred devices in one click, you can do that, and within one hour, all three hundred devices will be upgraded.

I also like that Cisco keeps enhancing the product by adding different features, so there have been five major releases of Cisco ACI.

Another valuable feature of the solution is that it's more user-friendly than Aruba and Juniper.

An area for improvement in Cisco ACI is security, which Cisco needs to enhance in the solution. Though Cisco ACI uses a whitelist model, you must purchase an external product, such as a security firewall solution, to make whitelisting work, which the customer could find expensive.

For example, you're a customer who has Cisco ACI, and the solution doesn't have IP-based filtering, so as a customer, you've purchased Cisco ACI. However, you still need to buy another product for security, and some customers wouldn't like that. However, some customers prefer to go with Cisco ACI because of its scalability and flexibility versus other solutions such as Juniper and Aruba.

Technical support for Cisco ACI also needs improvement, particularly in product knowledge.

An additional feature I'd like to see in the next release of Cisco ACI is segment routing. For example, if you have an MPLS network, you can't directly integrate it with Cisco ACI at the moment. Suppose you have multiple data centers you want to connect to the MPLS private link through your service provider. In that case, you can't directly integrate that with Cisco ACI without an external device, which doesn't make sense to the customer. Cisco recently introduced the MPLS feature in Cisco ACI, but it's not up to the mark.

We've been involved with Cisco ACI since 2015, and have deployed the solution for more than thirty projects.

Cisco ACI used to be unstable, but after version 4.2, it's been very stable in the production environment.

Scalability-wise, Cisco ACI is a good solution because you can have more than five thousand servers in one ACI fabric. There's a lot of flexibility and scalability in Cisco ACI because you can even seamlessly integrate it with legacy infrastructure despite having a different data center.

Cisco support used to be good, but over time, many newbies were hired to provide technical support for Cisco ACI and other Cisco products, so the quality has decreased. The support provided before 2018 was good, but now, the Cisco technical support team has been struggling to give good support or provide expertise in some areas.

For example, if you raise an issue, you have to ask multiple engineers and make numerous escalations. Cisco ACI is a good product, but the support quality nowadays isn't up to the mark.

Cisco requires the customer to have some experience with the product before deployment, but novice technical support is brought in without sufficient training or without training the newbies for at least six months. The technical support team seems to just select cases and works on those without enough knowledge, so the customer experience is bad.

On a scale of one to five, I'm rating Cisco support a three.

Some customers used Juniper and Aruba but went with Cisco ACI because the other two solutions weren't as user-friendly.

Anyone setting up Cisco ACI for the first time will see that it requires a lot of resources. Still, even if the initial setup is complicated, you can refer to the Cisco website regarding the steps you need to perform to complete the setup. Cisco explained the process well, and you can even take a workshop on it.

From a configuration point of view, I found Cisco ACI complex because it isn't easy to create the policy. Unless you have a good networking background, you won't be able to set up Cisco ACI easily.

For example, if your organization doesn't have experienced engineers, Cisco provides a two-day workshop for your engineers. Cisco also offers many free tools in the market to help you set up your account.

On a scale of one to five, I'm rating the initial setup for Cisco ACI as four.

Pricing for Cisco ACI could be expensive if you're not a gold partner. If you're a gold partner, you'll get reasonable pricing, but to become a gold partner, you must cross several layers. For example, at least twenty engineers within your organization have to be certified, with each certification priced at £2,000 minimum, so this would make some companies think twice about the product. If you're going for Aruba and Juniper products, on the other hand, you can quickly get the partner status, and you can start selling the product.

As a gold partner, you can get up to seventy percent discount on Cisco ACI, for example, while an ordinary partner gets ten percent off.

Cisco ACI is expensive for both customers and partners, but I'm rating pricing for the product as four out of five because even if the price is costly, you get a lot of benefits from the product.

Cisco ACI isn't the best, price-wise, but it's still a good solution. If you're in a small organization, you may be unable to afford it. Cisco ACI is best for enterprises but not SMBs because Cisco ACI and its required resources are expensive.

I've evaluated VMware NSX, but it can't compete with Cisco ACI. Cisco ACI is a hardware-level product that can support terabytes and petabytes of data at the same time, which VMware NSX can't do because it's a virtual environment with limited throughput and scalability.

If you're planning to apply terabytes of traffic in VMware NSX, you'll find it hard, and the solution will eventually choke after some time.

Cisco ACI has the best scalability. Cisco also has categories where particular hardware will be recommended based on your requirement, for example, whether you have petabytes or terabytes of data.

My company is mainly involved with three products, Cisco ACI, Cisco FTD, and Cisco WebDialer.

My company is a reseller/integrator for Cisco ACI.

I'd rate Cisco ACI as nine out of ten.

Our primary use case is project-based. We deploy and configure upgraded ACIs, registered spines and leaves, and deliver projects to our customers. I'm a network consultant and we are gold partners of Cisco. 

The solution is valuable because it configures from a single point, from APs, and also all routers. Commands don't need to be configured on the spine and leaf side. You can control and manage the fabric from a single point. If you have serial numbers for your devices, they can all be registered with scripts. As a network engineer, you can configure and manage the fabric very easily. From the CLI side, it's really easy to configure from the GUI.

I faced issues when upgrading venues and registering devices. For example, in some cases, you have to reinstall the AP from scratch. We tried that and were then unable to register devices. From the network engineering perspective, it's hard to configure from the GUI. We tried to adapt but it was difficult. You have to add AP numbers for validations.

From an operational perspective, I think if you configure the fabric correctly, it's stable.

The solution is scalable; you can have multi-site scenarios. 

I have a good relationship with the technical support team, they are helpful. 

Because I have a system engineering background and I have MCSA and MCSE certification from Microsoft, the setup is very simple. The largest deployment I was involved in had 300 devices. 

This is an expensive solution, but it's high quality. I have experience with Huawei devices and Nokia. Huawei had many issues with bugs and I had hardware issues with Nokia. Cisco is the highest quality. 

I rate this solution eight out of 10.