We use Cisco ACI for perimeter security and threat detection.

The tool's initial deployment is complex and takes five hours to complete.

I have been working with the solution for six to seven years.

I rate the product's stability a nine out of ten.

I rate the tool's scalability a seven out of ten. My company has around 150 users for the solution.

The deployment took less than one week to complete.

A partner helped us with Cisco ACI's implementation.

The tool is easy to handle once deployed. I rate it an eight out of ten.

Over the past six years, I've gained extensive experience with Cisco ACI, working on diverse solutions. This includes multi-site projects, like one involving a private bank with interconnected data centers utilizing Dark Fiber and Cisco ACI for seamless operations. I've also successfully integrated Cisco ACI with Kubernetes and Red Hat OpenShift to support container-based applications. I've played a dual role as an instructor, teaching Cisco ACI topics, and actively participating in various ACI-related projects. These projects have covered single-site, multi-site, and multi-tenant infrastructures, involving aspects like design, implementation, troubleshooting, and training, giving me a comprehensive understanding of the ACI ecosystem.

Our clients find several features of Cisco ACI particularly valuable, like the ability to create Service Graphs and employ Policy-Based Routing in an Application-Centric manner. One significant attraction for clients in Iran is the robustness of multicast solutions, which has been a major driver for them to migrate to Cisco ACI. It's worth noting that in Iran, the predominant IT infrastructure is on-premises, with limited usage of AWS or hybrid solutions.

While it is quite functional, I found it to be somewhat slow, and there was a notable issue related to the removal of the help section. In previous ACI versions, every configuration section had an accompanying help section that provided valuable information. This feature was removed in the latest version, and the reasoning behind this change is unclear. I believe there's room for improvement in terms of ACI's integration with various technologies. For instance, when it comes to integrating with Kubernetes, the compatibility is somewhat lagging.

I have approximately five to six years of experience working with Cisco ACI.

It exhibits remarkable stability, particularly from ACI version five onwards. For instance, the stock exchange infrastructure I've worked with has been operating flawlessly on ACI for almost two years now, with no significant issues. I would rate it ten out of ten.

I rate the scalability of ACI as nine out of ten, leaving room for potential improvements or aspects that I haven't explored fully.

I have never sought support from Cisco, mainly because of the nature of the operations and issues I've encountered. With the exception of hardware problems, which are usually beyond our control, I've handled all other situations and software failures directly.

Generally, I find the initial setup and configuration of Cisco ACI to be one of the simplest processes in the context of this technology, except in rare cases involving unique configurations. I would rate it eight out of ten.

The duration and complexity of the deployment can vary significantly based on the chosen approach, whether it's application-centric or network-centric. In the service recognition phase, especially for application-centric deployments, a deeper understanding of the service infrastructure is required. This involves collaboration with the software team to comprehend the service architecture, which can extend the deployment timeline. This approach differs from a more straightforward network-centric implementation where you might only need to convert legacy VLAN and IP contracts to ACI objects. In my experience, building Cisco ACI from the ground up can take anywhere from four months to nearly a year. For instance, if you aim to migrate swiftly to ACI without relying heavily on advanced features like service graphs and PBR, and simply want to establish ACI as the default gateway for servers, the fabric can be set up in as little as three to four months. Certain operations, such as the physical installation of spine switches, can extend the timeline from three to four months up to nearly a year for a complete project.

It is not very cheap, but it is still a cost-effective solution, especially when considering the broader context of data center expenses, including servers, storage, and firewalls. The pricing, including both hardware and licenses, is reasonable.

Overall, I would rate it ten out of ten.

We help customers obtain, renew, and upgrade. This is a multi-cloud software-defined data center. If a customer is in banking, we can separate and secure data centers for multiple sites.

I really like the usage of the application. It offers a good focus on applications and has a driven policy model. It is capable of automation and application-driven. Customers can focus on the applications, and this benefits the end customers.

We really like the GUI and the visibility we get in on the dashboards. You get real-time details on performance.

The DevOps teams can integrate their own software in ACI.

We can monitor which areas are working well.

It can be used with Kubernetes.

We get a full holistic view of the ecosystem.

Ideally, if it could be more aligned as a unit, it would be useful.

Compared to VMware, it needs more virtualization technologies. It cannot match that right now based on the hardware boxes that we use. It could be more virtualized. There is less flexibility as they have less virtualization.

The contract management could be better.

It needs to include log files.

The GUI could be better. The solution be more user-friendly.

We've seen a lot of trends in companies moving towards AI and cloud capabilities. If it could really focus on this area, it would continue to be a very good product. It would improve the cost-benefit of the product in the long run. They need to integrate with multiple cloud platforms. Better integration and compatibility across the board, in fact, would make it a better product.

I've used the solution for four to five years. The customers I work with use ACI.

I have found the stability to be good. I'd rate it nine out of ten.

The scalability is pretty good. You should have two of the spines altogether. Then the leaves can expand when you want to have more bandwidth or more throughput requirement.

If you need more computing power or networking power in the data center, then you have to add the leaves. Of course, if you need more throughput power, it's a bit different. For example, if one spine has the power of 4GBs, the two spines, which are combined, give the power of 8GBs, if you want more throughput, for example, 50GBs, you just go and add a couple of spines to it to commit to that sort of power.

We tend to work with medium to large organizations.

I'd rate the scalability seven out of ten.

Technical support has been good.

I haven't worked much with other solutions. I have worked with VMware NSX. It's similar, however, it is more flexible and is faster to set up.

The initial setup isn't too complex, depending on the user's background. If a person is comfortable with Cisco products, it won't be too hard. You do have to use the command line, which makes it a tedious task. That said, you have more advantages with configuration capabilities.

I'd rate the process eight or nine out of ten in terms of ease of setup. For the most part, it takes five to six steps.

It doesn't take too long to set up the entire product. It's easier than the other areas of the Cisco portfolio. Cisco is also making deployments easier to handle in general. It might take a few days since it is software-defined.

On a high level, if the customer has a lot of devices, it might take two to three hours, and then you need to integrate everything. It shouldn't take more than 30 minutes after that to deploy and get the devices integrated. It's just working on it and reviewing tasks, which takes some time. It's an ongoing process.

Cisco solutions are pretty pricy as you have to buy the AP controllers, leaves, spines, and hardware. I'd rate the pricing six out of ten in terms of affordability.

We are resellers and consultants. We provide insights to clients regarding this product. We don't use the solution ourselves; we help the customer use it and realize its value. We're Cisco partners.

We don't use a specific version of the product. Typically, we use the latest when it comes out.

I'd recommend the solution for users that have a traditional setup and need a dashboard. Many banks have complex data centers. They'd benefit from moving to this solution.

I would rate the solution nine out of ten.

The pricing factor is an issue. It's also not as good as VMware as it is not as virtualized. However, the Cisco portfolio is quite strong.

We use the solution’s microsegment for the security of the servers in the same VLAN.

Micro-segmentation is the solution’s most valuable feature.

We faced some issues while configuring the microsegment.

The solution should provide a visibility tool for troubleshooting.

I have been using the solution for five years.

The solution's stability is okay.

When we contacted support for troubleshooting, the issue was escalated to the next level in four hours. However, the last time we had a problem, the support took a long time to investigate.

The initial setup is complex because it is a software-defined network.

I suggest that Cisco delete and add a new EPG. Overall, I rate the solution an eight out of ten.