For customers looking to adopt a software-defined networking (SDN) approach to automating their data center network, Cisco ACI and VMware NSX are likely not foreign terms. These SDN platforms, being two of the leading solutions in the market, have often been positioned against each other as apples-to-apples competitors. In fact, of the 250 SDN-related inquiries that Gartner fielded in 2016, more than 50 specifically requested comparisons between VMware NSX and Cisco ACI.
These two SDN solutions are not in fact identical though. NSX is a virtual solution that abstracts the network using a controller and overlays. It utilizes the underlying physical network as a backplane (network hardware agnostic). ACI, on the other hand, is a hardware and software solution focused on policy-driven network infrastructure that runs across physical or virtual environments. It relies on its own network hardware based on the Cisco Nexus 9000 family of switches.
Being a software-only platform, NSX does need a solid physical network infrastructure or underlying topology in place to realize the full potential of the product. While NSX can leverage existing network infrastructure without the need for new hardware – there are some real benefits to being deployed alongside Cisco ACI. The clearest one being that NSX shines in environments that use spine and leaf physical architecture, which is the fabric that Cisco ACI and the Nexus 9000 family is built on. Spine and leaf is ideal for running east-west traffic through a network data center, which is well aligned to one of the most desirable features of NSX – micro-segmentation.
In addition to NSX benefitting from the well-engineered ACI network fabric, ACI can benefit from the proven network virtualization and security capabilities of NSX – able to run on any hypervisor, for any application, and with any cloud management platform. In highly virtualized SDDC environments, customers can expect NSX to seamlessly manage the fluid, virtual networks for greater flexibility, manageability, and security for VMs and virtualized workloads.
Every environment has different requirements and challenges. In some cases, NSX may be the best solution. In other cases, ACI may be the best solution. However, there are use cases where the combination of Cisco ACI and VMware NSX makes sense – they are not mutually exclusive. For instance, NSX could be used for micro-segmentation and firewalling of VM to VM traffic, while ACI could be used to control the automation and security of the physical network.
As with any large business decision, when looking to deploy SDN technology, it is important to understand what each product offers and also what limitations each may have. Despite how NSX and ACI were positioned in the past, the industry is starting to shift and understand that they are not apples-to-apples product offerings. In fact, together, NSX network virtualization capabilities and Cisco ACI physical networking platform can provide an impressive total automation solution to SDN customers. Contact Clearpath Solutions Group today to discuss how NSX and ACI might fit into your SDN plan.
Be on the lookout over the next few weeks for additional posts on VMware NSX, listed below:
- Greater IT Security Through Network Virtualization: Why VMware NSX Should Be a Part of Your Security Solution
- Network Virtualization and Disaster Recovery as a Service (DRaaS): The Right Match for Faster Recoveries
- Getting to the Cloud Faster and More Securely with VMware NSX