A sophisticated Software Defined Networking (SDN) solution is no longer a “good to have” data center requirement, rather it’s the underpinning for a successful, profitable business. The operational simplicity and automation capabilities it provides are futile if they’re not backed up by consistent high performance. Working with customers we have found that a superior and seamless customer experience demands a highly available data-center with sub-second fail-over convergence times for modern day mission critical applications. Furthermore, the most effective security model is inherently white-list based and ubiquitous.   It binds and protects applications that reside and/or move across multi-cloud domain both vertically as well as horizontally.

ESG conducted a thorough hands-on-testing of Cisco’s ACI – a modern SDN solution with focus on four key SDN pillars:

  1. Performance
  2. Availability
  3. Cross Data Center Security
  4. Operational simplicity

while comparing it with another industry leading Software Only SDN solution.

After carefully examining the results, Cisco’s ACI exhibits clear technical as well as operational advantages over the other software only SDN solution.

One key observation is that Cisco ACI technology is designed around the premise that network endpoints may take a wide variety of forms and the solution must seamlessly work regardless of the virtualization or application packaging technologies employed and not just Virtual Machines from one specific vendor.

In addition, ACI demonstrated better results by virtue of the ACI model being declarative, and based on an integrated overlay. The declarative model combined with the OpFlex protocol is what allowed ACI to render policy whether on a Nexus 9000 switch, an Open vSwitch (OVS), and/or to a GOLF device  (and in the future, even cloud SDNs). Integrated overlay is what allows ACI to use less infrastructure, be faster and have better availability and better visibility as seen from the testing results.

Note: Customer environments are often a mix of multiple hypervisors and the ACI test setup could just as easily have included Hyper-V, KVM and containers to achieve same operational and functional results – even between VMs on different hypervisors. However, to highlight the differences with the other software only SDN solution, which does not support such functionality, those tests were excluded.

Test Results

In light of the comparable software only SDN solution, ESG found ACI to be exceedingly superior SDN solution that satisfactorily meets all of the key criteria a complete SDN solution must posses. In this blog, we will go over the key findings that position Cisco ACI as a superior SDN solution to other comparable solutions in the market. To read the full report, please follow this link.

ACI offers better Performance

The evolution to an SDN-powered DC should not sacrifice performance in any way. ACI consistently provided a better performance in all the three key areas that matter for superior application delivery –latency, network throughput and  application performance . ESG also found ACI performance to be predictable in every single testing performed. In corner cases, ACI throughput was 6X better than the competing solution for bare VM- bare metal communication.



In software only SDN solutions, traffic often has to traverse multiple gateway functions including virtual edge gateways and virtual routers resulting in potential performance bottlenecks. ACI on the other hand has no such limitations. The workloads in ACI can reside anywhere in the fabric and be only ONE L3 hop away at all times resulting in predictable network performance.


ACI offers Highly Available Networks

ACI provides a highly available data center with sub-second fail-over convergence times. By very design, ACI possess 50% fewer failure vectors as compared to the software only SDN solution. These two facts combined together makes ACI an excellent choice for mission critical applications. The comparable software only SDN solution on the other hand is only capable of providing an active-standby availability on certain components, which is highly undesirable for modern day mission critical applications.



Only Cisco ACI supports mission critical applications such as audio,video and many financial applications that require highly available networks with sub-second fail-over convergence times


ACI offers superior Multi-Data Center Security

It is well understood that modern day Data Center breaches can well happen from within the Data Center itself. With its whitelist security model, ACI provides a superior and ubiquitous micro-segmentation solution. The ease of operationalizing security is evident from its multi-data center microsegmentation capabilities by using tags if needed . ESG  noted that the competing solution breaks in such scenarios.

Take a look at this short 8 minute video demonstrating the cross DC microsegmentation capabilities of Cisco ACI. ( Presenter: Domenico Dastoli)

ACI offers better Automation

ESG was particularly impressed by how easy it is to deploy multi-tier applications using out of the box Ansible modules provided for ACI. In fact, ACI was able to provision the entire networking infrastructure for deploying a 3 tier application up to 40 times faster as compared to software only SDN solution.

With features such as configuration roll backs, health monitoring and 3rd party native service integrations, ACI automation is the industry’s most advanced and though out automation solution. In addition, the integrated overlay model to network virtualization allows ACI to deliver automation consuming far fewer resources and much faster than a hypervisor-based SDN solution.

You can find Cisco ACI Ansible modules here:http://docs.ansible.com/ansible/devel/list_of_network_modules.html#aci

The future of Software Defined Data Centers

The advantages and the results highlighted above are only few of the many  advantages Cisco ACI has to offer over comparable software only SDN solutions.

The future of  modern data centers will continue to evolve around  around business agility and adaptability. Addressing multi-cloud domains securely and seamlessly will be a significant piece of this movement. Having a solid SDN strategy in place (read as – single integrated solution driven by a single SDN controller ) for maintaining business continuity profitably will be absolutely critical for successful business outcomes.

So the next time you consider a software only SDN solution for your business, we encourage you to THINK TWICE!


Question:How many End Points can a Large ACI Fabric (with 5 APIC controllers and 200 leaf switches) support?

Answer: 180,000 !

To learn more on Verified Scalability numbers ( NOT just theoretical numbers), click here



Neeraj Dhulekar

Product Marketing Manager

Enterprise Solutions - Data Center Marketing