The vision for ACI Anywhere was as simple as it was elegant: Enable customers to build the most agile data center networks without compromising the scale, availability, security, and operational simplicity. Agility is paramount as data centers have become more distributed, applications are more diverse beyond the walls of data centers, and underlying workloads are omnipresent in any location or in any cloud.
Since we articulated the vision a year ago, we have been delivering key components of this vision. Today marks a significant leap for ACI Anywhere: We are delivering Cloud ACI. ACI architecture can now support any cloud, any application, on any platform, anywhere.
The Technical Magic behind ACI Anywhere
There are several key innovations behind ACI Anywhere that are worth highlighting.
ACI extensions to public clouds: Cloud ACI achieves public cloud extension for ACI using ACI Multisite orchestrator and Cloud ACI controller. Cloud ACI Controller translates ACI policies to cloud native constructs to create a simple, consistent policy across multiple on-premises and public cloud instances. ACI Multisite orchestrator (ACI MSO) treats public cloud region as one of the ACI sites and manages it the same way as on-prem site and hence making job of infrastructure team simple. There are 2 distinct benefits of multicloud capabilities for ACI Anywhere
- Fully automated, secure, and redundant network connectivity across multi cloud and multisite
- Consistent Application Segmentation policy across multi cloud and multisite
Once implemented, ACI Anywhere helps with network connectivity, application segmentation and compliance. Cisco plans to introduce similar ACI support and integration with Microsoft Azure in the near future.
Extending Virtual ACI: We are also extending the availability of Virtual ACI (VPoD), which allows customers to extend their on premises ACI networks into remote locations, bare-metal clouds, co-location providers and brownfield environments. This is a software-only version of Cisco ACI that dramatically increases enterprise agility due to reduced network provisioning.
Increased scalability through ACI Multisite Orchestrator: Scalability has been dramatically increased for the ACI Multisite Orchestrator which allows you to push policy to multiple data centers across the globe in one step. Advanced scale and encryption capabilities now allow the Multisite Orchestrator to support up to 12 sites and 1200 leafs and corresponding policy.
ACI Anywhere Customer Benefits
ACI Anywhere enables automation, security, and intent-based networking to optimize data center operations, protect digital businesses, and accelerate our customers’ expansion into the multicloud. Customers benefits include the ability to:
- Consistently extend management simplicity to all locations from a single point, reducing operational expense and addressing the skills gap to operate cloud. ACI Anywhere also enables users to extend consistent policies for any workload within any location, on-premises or cloud.
- Maximize operational flexibility as customers adopt multicloud infrastructures and to enable them to work within familiar interfaces. For example, ACI Anywhere offers integration with the AWS API natively to retain the functionality they may already be familiar with. Another example is the ACI Integration with OpenShift Containers nested in OpenStack, which gives our customers the flexibility to manage workloads in OpenStack and Kubernetes environments, including the ability to deploy, automate and scale applications. Customers gain a way to enforce consistent policies for any application across any combination of container, virtual machine and physical network they spin up. This simplifies management across the entire network and allows for group-based policies to be enabled and enforced.
- Combine analytics, automation, and policy-driven security to provide customers with the best aspects of data centers and cloud. This makes end-to-end securitypossible as workloads including containersare distributed between on-premises data centers and cloud infrastructure. This also improves IT’s governance over the distributed enterprise with consistent regulation and compliance anywhere possible.
Cisco ACI Anywhere represents the industry’s most comprehensive data center networking solution with flexible deployment options and the ability to deploy apps based on business needs, not by technology limitations. Businesses operate anywhere today. Data centers must too.
For more information, please visit our ACI webpage.
The only unfortunate thing about ACI is lack of affordable learning materials for individuals. Not everyone has chance of working for a very big company where there is already ACI. It could be great if cisco published a package/demo software for students.
I’m learning for free on Cisco Denver lerning labs.
I'm wondering why I'd do this over NSX? NSX has provided this for a while now.
@Mark G – The whole workload policy extension is automated with ACI by using API calls into the cloud (AWS/Azure). Single place/dashboard to manage such extension.ACI also is a single product with a consistent roadmap and now covers all types of domains and workloads/apps (on-prem, public cloud, VMs, containers, bare metal, microservices) and it is hypervisor agnostic.
ACI has been built to support modern cloud scale environments and works perfectly with modern cloud adopted and open hypervisors such as KVM. ACI is fully open programmable with open APIs.
NSX is 2 or more different products with no feature parity depending what VMware has in mind recently. NSX-v has dependency on VMware hypervisor and NSX-T has reduced functionality vs NSX-v.
With ACI the VMware ELAs will become much less expensive and development/innovation across clouds can take place by using native Kubernetes. Saves additional licenses from any proprietary PaaS platforms.