Avatar

Speed, simplicity and security – these are 3 of the recurring themes that come up in conversations with customers when discussing ACI. Why? Because ACI addresses 3 fundamental problems that seem to be consistent with people running data centers – across vertical markets, geographies and organization sizes:

  • Problem 1: It takes too long to respond to business requirements, so apps don’t get rolled out fast enough.
  • Problem 2: The data center has gotten too complex, resulting in additional cost and time to deploy/operate/troubleshoot.
  • Problem 3: Managing security is too laborious, complicated and error prone, resulting in security holes.

With ACI, customers are seeing dramatic increases in their ability to get apps and associated infrastructure rapidly deployed. This is due in large part to the simplicity that comes from ACI’s policy based automation. Additionally, security is built in to the system, by virtue of ACI’s whitelist policy model, as well as deep integration with ecosystem partners. Read on to see if these claims are just hand waving from the marketing guy, or if there is substance to back this up.

First, I want to point out that an ever growing base of customers are leveraging ACI. In February, we announced that there were over 6,000 Nexus 9000 customers and 1,400 ACI customers, along with 50 ecosystem partners. Many of these customers joined us, not too long ago, at Cisco Live Berlin. Here is a 2 ½ minute summary of what some of them had to say:

ACI addresses Problem 1 with Speed

Sainsbury’s, the second largest supermarket chain in the UK, is a ~150 year old company with a vast array of legacy systems. They wanted to change how they interact with customers, wherever and whenever, and try new things, extending their business model. To do this, IT needed to move at the speed of business. Jon spoke of how, before ACI, speed of deployment had been a real challenge, in that it used to take day’s to get servers rolled out. Now this happens in hours.

Halkbank is a large Turkish bank. Cenk contrasted the speed of doing network upgrades with ACI versus the way things went in the past. He was clearly pleased with his experience of doing an entire data center upgrade in 10 minutes: 6 minutes to upgrade spine switches, 4 minutes for the leafs,  0 minutes downtime.

ACI addresses Problem 2 with Simplicity

Andreas from Dresden University of Technology described how ACI’s policy model simplifies initial deployment and ongoing growth. As his data center grows, he basically just adds switches, plugs them in and they are automatically configured by the fabric.  His overall summary:

  • “It just works.  That’s pretty cool!” 

Halkbank, with 100’s of branches and 1000’s of ATMs, continues to grow year over year, in part through acquisitions. This adds to the complexity of the IT environment, though at the same time, they’re trying to simplify things for customers. The business wants a lot and wants it fast, and ACI helps them simplify.

ACI addresses Problem 3 with Security

NBCUniversal is a huge force in the entertainment industry with a range of businesses including news, theme parks, movies, etc.   Steve spoke of their need for speed, and highlighted the need of delivering this in a highly secure fashion.   He discussed the requirement to provide an environment for their businesses that is isolated, but can share common services in a way that gives them more security.

Others, like Andreas, also highlighted how ACI allows them to scale a multitenant environment with security.

More Details

Speed and Simplicity are addressed in this thorough analysis from InfoWorld.   Comments include:

  • “Assuming the cabling is complete, the entire process of standing up an ACI fabric might take only a few minutes from start to finish.”
  • “Implementing ACI is surprisingly simple, even in the case of large-scale buildouts.”

Regarding Security, the results of this customer survey from ESG reflected the challenges associated with traditional security. Summary comments include:

  • “Implementing network security controls is tedious and time-consuming.”
  • “Network security operational issues leads to human error and configuration problems.”
  • “It’s difficult to make changes to security controls once they are implemented.”

These obviously reflect issues associated with manually managing ACL’s that are 100’s or 1000’s of lines long, not wanting to trim the list for fear of creating some catastrophic leak, etc. ACI is able to effectively address these and many other issues because of the security that is an inherent part of its design. You can read more about topics such as ACI’s secure multitenancy, white list policies, and built in stateless L4 firewalling in this paper on ACI’s overall security architecture. Here is some background on ACI’s microsegmentation capabilities.

Summary

A summary of each of the customer’s who were profiled at Cisco Live Berlin is here. Also, you can check out the entire Cisco Live customer session (note it requires you to register). In any case, if you don’t have time to dig into the details above, the key takeaway here is that ACI delivers Speed, Simplicity and Security for these, and many other customers.



Authors

Craig Huitema

No Longer with Cisco