What is Cisco ACI?
Since its development in 2012, Cisco ACI has been the industry’s most secure, open, and comprehensive software-defined networking (SDN) solution. ACI enables automation that accelerates infrastructure deployment and governance, simplifies management to easily move workloads across a multifabric, hybrid cloud or multicloud framework, and proactively secures against risk arising from anywhere. It radically simplifies, optimizes, and expedites the application deployment lifecycle. Cisco ACI enables customers to build a truly agile and resilient data center with policies that can move anywhere through automation.
As application usage gets more pervasive across the enterprise network, IT professionals are looking to build solutions for consistent policy and encryption from the campus to the data center. For example, Cisco ACI integrations with Cisco Software-Defined Access (SD-Access) / Cisco DNA Center and Cisco SD-WAN allow customers to automate and extend policy, security, assurance, and insights across their entire networking ecosystem. With Cisco ACI, customers can manage complexity, maximize business benefits, and deploy workloads in any location, small and large, on premises and remote, in private and public clouds, satellite data centers, and 5G-enabled telecom edges.
Cisco Cloud ACI
Cisco Cloud Application Centric Infrastructure (Cisco Cloud ACI), part of the Cisco ACI platform, is a comprehensive solution for simplified operations, automated network connectivity, consistent policy management, and visibility for multiple on-premises data centers, hybrid cloud or multicloud environments. The solution captures business and user intent and translates them into cloud native policy constructs for applications deployed across various cloud environments. The common policy and operating model drastically reduces the cost and complexity of managing hybrid and multicloud deployments. It provides a single management console to configure, monitor, and operate multiple disjointed environments spread across multiple clouds. Cisco Cloud ACI is available on AWS and Microsoft Azure and Google Cloud (Fall 2021).
Connecting ACI to Cisco’s platform strategy with Nexus Dashboard
Cisco Nexus Dashboard offers a centralized management console that allows network operators to easily access applications needed to perform the lifecycle management of their fabric from- provisioning, troubleshooting, or simply gaining deeper visibility into their network. It’s a single launch point to monitor and scale across different fabric controllers, whether it is Cisco Application Policy Infrastructure Controller (APIC), Cisco Data Center Network Manager (DCNM) or Cisco Cloud APIC. The Cisco Nexus Dashboard Orchestrator, which is hosted on the Cisco Nexus Dashboard, provides policy management, network policy configuration, application segmentation definition and enforcement policies for multisite and multiple cloud deployments. Using the Cisco Nexus Dashboard Orchestrator, customers get a single view into the Cisco APIC and Cisco Cloud APIC policies across on-premises, AWS, Azure and Google Cloud (Fall 2021) environments.
What’s new with Cisco ACI 5.2?
1. APIC Cluster connectivity to Fabric over L3 network
- Supports deployment of APIC cluster in a remote location (Example: DMZ network) and connect to Fabric (Spine and Leaf) over IP network
- Provides Flexibility and Ease of deployment
2. Software Maintenance Upgrade support
- Ability to upgrade APIC or Fabric Switch using a patch
- Provides enhanced flexibility and usability.
3. Support for back-to-back link between Remote leaf pair
- East-West traffic between nodes behind a pair of remote leafs now can leverage the physical links between the remote leaf pairs instead of hair-pining
- Provides ease of deployment for ACI and a lower TCO
4. Endpoint Security Group (ESG) Enhancements
- Support for additional classifiers (MAC and VM-Tag)
- Tag Selector support which enables migration of End Point Group (EPG) to ESG
- Increases ease of use and enhances deployment capabilities.
5. Policy Based Routing (PBR) Enhancements
- Support for PBR on L3out
- Dynamic MAC learning on L3 PBR
- Inter-EPG contract support on L3out with permit, deny and PBR actions
What about Cloud ACI?
ACI 5.2 includes new Cloud ACI capabilities that simplify integration with Azure and AWS.
1. Brownfield VNET import on Azure. Azure Cloud customers can view existing brownfield VNETs from within the Cloud APIC purview and connect their greenfield VNETs to the brownfield VNETs imported into Cloud ACI.
2. AWS Transit Gateway Connect. Auto-configure your AWS Transit Gateway Connect (TGW) via Cloud APIC to support dynamic routing between Cisco Cloud Service Routers and the AWS Transit Gateway
3. Private IP Address for Cloud APIC and CSR on AWS. Deploy the Cloud ACI solution with a private backbone network between on-premises and AWS data centers.
4. VNET Peering across Azure Active Directories. Greater operational flexibility for customers who want to use multiple Azure subscriptions to manage their application segments within Azure cloud.
Learn about Cisco ACI
Learn about Cisco Cloud ACI
Learn about Nexus Dashboard
Learn about Nexus Dashboard Orchestrator