Cisco ACI Cookbook

By: Stuart Fordham

Overview of this book

Cisco Application Centric Infrastructure (ACI) is a tough architecture that automates IT tasks and accelerates data-center application deployments. This book focuses on practical recipes to help you quickly build, manage, and customize a hybrid environment for your organization using Cisco ACI. You will begin by understanding the Cisco ACI architecture and its major components. You will then configure Cisco ACI policies and tenants. Next, you will connect to hypervisors and other third-party devices. Moving on, you will configure routing to external networks and within ACI tenants, and also learn to secure ACI through RBAC. Furthermore, you will understand how to set up quality of service and network programming with REST, XML, Python, and so on. Finally, you will learn to monitor and troubleshoot ACI in the event of any issues that arise. By the end of the book, you will have mastered automating your IT tasks and accelerating the deployment of your applications.

Introduction


Cisco's Application Centric Infrastructure (ACI) is a big evolutionary step in data center networking, not because it adds programmability to the network--this has been a rising trend over the last few years--but because of the increased compatibility between vendors. This is where the real benefits are. 

We can see the start of this evolutionary step with Cisco's FlexPod (an amalgam of Cisco UCS, VMware hypervisors, and NetApp storage). Here we see properly validated designs that span more than one vendor. This in itself was a big step; after all, it makes sense for a vendor to try and encourage the end user to purchase their equipment instead of their competitors'. This is done for two reasons: compatibility between devices and the vendor's financial success.

So, what of networks where one vendor can supply all of the equipment, from the networking to the storage and compute elements? In the real world, it is actually quite rare to find an environment comprising a single vendor. Most networks (and I am including virtualization platforms and storage within this term) have equipment from more than one vendor: when you are looking for the best performance, you go with the big names (VMware for virtualization, NetApp for storage, and so on), because they have longevity in the industry and the knowledge and support options that are required. The network becomes heterogeneous, because it needs to be in order to fulfill user, application, and business demands.

The downside to this is that we lose some degree of compatibility. Industry-standard protocols such as SNMP (Simple Network Management Protocol), Syslog, and LLDP (Link Layer Discovery Protocol) restore some of it by facilitating alerting, logging, and communication between devices, but ACI takes this one step further, taking the heterogeneous data center network and making it, well, homogeneous. Through ACI, the data center can be configured rapidly as the application demands, and this includes physical and virtual network elements from multiple vendors. All of this can be performed through one GUI.

Before we dive in, let’s take a few moments to understand what ACI is all about, dispelling some of the myths along the way.

Myth: ACI is too expensive

ACI is not cheap to purchase; it is engineered for the data center, so it commands data center prices. Even the most basic of starter kits has a list price of $250,000. While a quarter of a million dollars is enough to get you started in the world of ACI, it is probably out of reach of most people. Even trying to sell ACI within most companies as a "this could revolutionize our business" proposal would be difficult. Despite the fact that most companies do not pay list price, ACI represents a huge risk, for a number of reasons.

ACI is in its infancy, so adoption will be slow. The companies that have the easily available financial resources to dive into it are, most likely, the same kind of businesses that are not typically early adopters. Established companies that have the cash have more accountability to stakeholders, shareholders, and the public, so they are less likely to rush into investing six-figure sums than the eager startup company, to whom $250,000 represents a massive proportion of their available funds.

Nevertheless, as ACI becomes more prevalent, its adoption rate will increase, despite the cost (which can always be negotiated).

Myth: SDN (and ACI) will replace the engineer

The idea of software-defined networking (SDN) has caused quite a stir in the networking industry as engineers question whether having a programmable network will mean that the developer slowly takes their place. So, we have some degree of fear when it comes to ACI, yet SDN and ACI only represent a small portion of the market. As the infrastructure scales up and out, SDN makes more sense. In smaller deployments, the costs outweigh the benefits, yet SDN (and ACI) will never replace the network engineer. The developer does not speak the language of networks, in the same way that a traditional network engineer does not talk in development code. The two will remain separate entities in their little silos--ACI offers a bridge between the two, but both roles remain safe.

So, if ACI is expensive, data center-specific, and occasionally perceived as a threat to the traditional network engineer, why should you look at it favorably?

This is SDN, the Cisco way

ACI allows the network administrator and application developers to work more closely together. Applications change; networks change. Both have life cycles of varying length, and ACI allows these life cycles to coexist with each other and complement each other. Both teams can work together to achieve a common goal.

ACI reduces the complexity of the network with respect to deployment, management, and monitoring, and does this through a common policy framework. Applications can be deployed rapidly, and the administrative overhead on the network is significantly reduced. It is, therefore, application-centric and can facilitate services at layer 4 to 7 to enhance the application life cycle.

Through ACI, we can automate and program the network. We have a single platform with which to provision the network. We can bring in, with ease, services such as virtualization (VMware and Hyper-V), firewalls, load balancers, and a whole range of infrastructure that would previously have meant many hours being spent configuring and reconfiguring as the demands of the application changed.

This automation is performed through policies. Policies are centrally configured on APICs (Application Policy Infrastructure Controllers), which are (usually) clustered.

The APIC is where we will start.