Cisco ACI Components, Features & Benefits

Cisco ACI uses a holistic systems-based approach, with tight integration between physical and virtual elements, an open ecosystem model, and innovation-spanning application-specific integrated circuits (ASICs), hardware, and software. This unique approach uses a common policy-based operating model across ACI-ready network, and security elements (computing, storage in future), overcoming IT silos and drastically reducing costs and complexity.

Cisco ACI redefines the power of IT, enabling IT to be more responsive to changing business and application needs, enhancing agility, and adding business value. As an innovative architecture, Cisco ACI radically simplifies, optimizes, and accelerates the entire application deployment lifecycle.

Problems Addressed by Cisco ACI

Cloud, mobility, and big data applications are causing a shift in the data center model. New applications are placing demands on the infrastructure in new ways. Distributed applications (for example, Big Data and Hadoop), database applications (such as those from Oracle and SAP) that run on bare metal, virtualized applications running in multi-hypervisor environments, and cloud-based applications that are available on demand all impose different demands on infrastructure.These demands include:

•Infrastructure must become application aware and more agile to support dynamic application instantiation and removal

•The non-virtual nature of new emerging applications means that the infrastructure must support physical, virtual, and cloud integration with full visibility

•Infrastructure-independent applications treat the data center as a dynamic shared resource pool

•Scale-out models promote more east-west traffic, with a need for greater network performance and scalability

•Multi-cloud models require the infrastructure to be secure and multitenant aware

These changes are increasing operation complexity and limiting business agility and responsiveness. Cisco ACI delivers an agile data center with simplified operations and increased application responsiveness to support a new generation of distributed applications while accommodating existing virtualized and non-virtualized environments.

Cisco ACI Solution

Cisco ACI delivers a transformational operating model for next-generation data center and cloud applications.

In the Cisco ACI framework, applications guide networking behavior, not the other way around. Predefined application requirements and descriptions (policy profiles) automate the provisioning of the network, application services, security policies, tenant subnets, and workload placement. By automating the provisioning of the complete application network, Cisco ACI helps lower IT costs, reduce errors, accelerate deployment, and make the business more agile.

The new Cisco ACI model uses a fabric-based approach that is designed from the foundation to 

support emerging industry demands while maintaining a migration path for architectures already in place. This focus allows both traditional enterprise applications and internally developed applications to run side by side on a network infrastructure designed to support them in a dynamic and scalable way. Network policies and logical topologies, which traditionally have dictated application design, are instead applied based on the application needs. The fabric is designed to support the move to management automation, programmatically defined policy, and dynamic workloads on any device anywhere. Cisco ACI accomplishes this with a combination of hardware and software tightly coupled to provide advantages not possible in other models.

Cisco Application Policy Infrastructure Controller, Application Network Profile and Fabric That Supports Cisco ACI

Main Cisco ACI Components

Cisco Application Policy Infrastructure Controller

The Cisco Application Policy Infrastructure Controller (APIC) is the main architectural component of the Cisco ACI solution. It is the unified point of automation and management for the Cisco ACI fabric, policy enforcement, and health monitoring. The Cisco APIC is a centralized clustered controller that optimizes performance, supports any application anywhere, and unifies operation of physical and virtual environments. The controller manages and operates a scalable multitenant Cisco ACI fabric.

The Cisco APIC is responsible for tasks ranging from fabric activation, maintenance of switch firmware, network policy configuration and instantiation. Cisco APIC is completely removed from the data path. This means that the fabric can still forward traffic even when communication with the APIC is lost. The APIC itself is delivered as an appliance and will typically be run as three or more appliances for performance and availability.

The Cisco APIC is designed from the foundation for programmability and centralized management. The Cisco APIC exposes a northbound API through XML and JSON and provides both a command-line interface (CLI) and GUI that use this API to manage the fabric. The system also provides an open source southbound API that allows third-party network service vendors to implement policy control of supplied devices through the Cisco APIC.

Application Network Profiles

An Application Network Profile within the fabric is a collection of the endpoint groups (a logical grouping of similar endpoints representing an application tier or set of services that require a similar policy), their connections, and the policies that define those connections. Application Network Profile is the logical representation of all components of the application and its interdependencies on the application fabric.

Application Network Profiles are designed to be modeled in a logical way that matches the way that applications are designed and deployed. The configuration and enforcement of policies and connectivity are then handled by the system through the Cisco APIC rather than an administrator.

Cisco ACI Fabric: Cisco Nexus Portfolio

Cisco is expanding the Cisco Nexus switching portfolio with the introduction of the Cisco Nexus 9000 Series Switches for both traditional and Cisco ACI data center deployments. The Cisco Nexus 9000 Series offers modular and fixed 1/10/40 Gigabit Ethernet switch configurations that are designed to operate either in Cisco NX-OS mode for compatibility and consistency with the current Cisco Nexus switches or in Cisco ACI mode to take full advantage of Cisco ACI application policy–based services and infrastructure automation features. This dual-function capability provides customers with investment protection and ease of migration to Cisco ACI through a software upgrade.

Benefits of Cisco ACI

Cisco ACI helps dissolve IT silos for application deployment, security, network services, and network configuration personnel by enabling all of them to collaborate through a common platform. The main benefits include:

²  Application velocity - any application, anywhere

²  Systems architecture that enables a holistic view of applications, with centralized application-level integrated visibility and real-time application health monitoring across physical and virtual environments

²  Common platform for managing physical, virtual, and cloud-based environments

²  Secure multi-tenancy with detailed control for applications and tenants

²  Scalable performance combining software flexibility and hardware performance

²  Superior application performance, improving application flow completion time by up to 80 percent

²  Operation simplicity, with common policy, management, and operation models across application, network, and security resources (and computing and storage resources in the future)

²  Open APIs, open standards, and open source elements enable software flexibility for development and operations (DevOps) teams and ecosystem partner integration

Cisco Services for ACI

“Is my data center ready for transformation?”  

“How do I know my initiative will have the desired impact?”  

“How do I get started?” Cisco Services can help you with the answers. Cisco offers a range of professional services to support your transition to ACI and to secure your infrastructure, including:

Cisco Business Strategy capabilities help you articulate the strategy and develop the business case and an architectural-led master plan for ACI. We assess the specific benefits of ACI for your environment, and identify and prioritize business-impacting scenarios into an overall plan, using tools and frameworks that we have developed and tested internally and with others.

Cisco Readiness Planning capabilities help transform your data center networks to an ACI by identifying risks and opportunities; analyzing operational elements; and recommending detailed migration plans to enable a smooth and successful transition to ACI.

Cisco Data Center Services for Operations Enablement are existing services which can prepare your environment for ACI while addressing all stages of the operations lifecycle.

Cisco Services to Secure the Data Center Infrastructure

Cisco Data Center Security Design Assessment Service helps you understand your security infrastructure design and how it aligns with your security policy. The resulting comprehensive assessment report includes risk analysis and recommendations based on industry best practices.

Cisco Data Center Security ASA Migration Service helps you migrate your third party or Cisco Adaptive Security Appliance (ASA) platform—including configurations and firewall rules—to a virtualized environment.

Cisco Data Center Optimization Service improves, supports, and maintains your overall data center, including security support in data center devices.

Cisco Security Optimization Services address specific security needs, such as an annual data center security posture assessment or data center security design development support. 

More Cisco ACI Topics

Cisco ACI, Whatis It?

Cisco Servicesfor ACI & Nexus 9000 Series