Response: Cisco Extends ACI’s APIC to Campus & WANs – Reactions and Thoughts

Cisco announces that it has expanded its ACI Strategy to include the Campus and WAN in the scope of the product, as well as hybrid cloud functionality. Some thoughts on what this means for network architects and engineers:

My View – Cisco wants to maintain control and ownership of customer budgets on networking by having an SDN controller that can manage everything. Cisco has significant market share because it has met customers’ needs and earned its current trusted position. For most customers their WiFi, WAN, VPN, Data Centre, Campus and Site networks are Cisco-only. Even many software platforms such as Cisco Prime NCS, Identity Services Engine and Unified Access mean that Cisco has significant software control of many networks. It’s not a big stretch to see that many customers will migrate to ACI APIC because the deliverable is an extension of what they already have.

SDN technology like controllers and APIs means that this vision of operational control is possible and, perhaps, practical. If engineers can stop thinking about CLIs, SNMP and NetFlow as the only options for network management and begin to understand the value of an API, we will see traction in the market. As the press release notes:

The Cisco APIC Enterprise Module provides the unique ability to see the entire network as a single entity, instead of individual network elements. The result is reduced network complexity, accelerated application rollout across wired and wireless infrastructure, and more efficient network management and troubleshooting.

Don’t mistake anything, this is going to be a tough sell to customers.

Until we have a real product we won’t know how good the deliverable is.

The scope of Cisco ACI starts in the data centre, extends to embrace everything – It’s always been clear that Cisco intends to extend the ACI product to control all the network elements; signs go all the way back to the original onePK announcements. This includes hardware elements such as UCS servers, ASR routers and non-data centre technology such as VPN configuration and firewalls.

ACI for Campus, Wireless and WAN – I kind of figured that Campus, Wireless and WAN would take a couple of years to emerge but here is the announcement that doubles down on ACI.

What are we looking for? – I will be looking to see if customers will commit to a Cisco APIC controller to manage and operate their entire network infrastructure.

Perhaps a reaction to JP Morgan Downgrade – One small thing, it’s just possible that Cisco rushed this announcement out in reaction to the downgrade announced by JPMorgan yesterday predicting Cisco share price to fall from $21 to $17 as revenue falls due to whitebox. Cisco might want everyone to know that ACI is a “big picture” and more than just locking in customers and revenue streams from their hardware sales. ACI does add value to hardware and has the potential to replace lost hardware and maintenance revenue through software licensing. Software has much better profit margins than hardware.

That seems risky to have a single end-to-end manager – networking has always used loosely coupled, autonomous systems that have low/zero abstraction of physical/logical components. SDN means that you will transition to networking that is tightly coupled, with controlled feedback loops, low autonomy and almost complete abstraction between the logico-physical architecture.

All SDN solutions involve radical abstraction. Cisco’s strategy is proportionate to its market dominance and corporate resources. It can extend its resources into areas that startups and smaller vendors simply cannot. Equally, Cisco is not a coherent organisation but many small divisions that have competing goals. Like any big company, the future of a single product remains uncertain.

The Cisco APIC Enterprise Module is constructed of three elements: a consolidated network information database, policy infrastructure and automation. Combined, that can substantially increase network automation and agility, lowering the time that IT spends on operational activities by up to 36 percent.

Cisco APIC still isn’t shipping – Cisco likes to make announcements early. Possibly because it is hard to keep a secret, possibly because it is asking customers how valuable it is and how much they will pay, but mostly because Cisco finds it hard to judge what customers want, so they get validation by announcing ahead of the product. Who knows how long before this arrives in a practical form but I would guesstimate at a year or so.

No Documentation – There is no documentation on APIC on Cisco’s website. I can’t evaluate the product in any serious way. Therefore, any claims made here must be classed as “marketing”.

Feeding Strategies – this long lead time feeds into customer strategies. Three to five-year strategies take three to five years to change.

Startup Prevention – one interesting side effect is that Cisco’s announcement will chase a significant amount of VC money away. No one wants to sit next to the fat lady on the bus when there isn’t enough room.

Selling the Value Add – All ACI marketing highlights the value of QoS. You can interpret this as a value-added feature since Cisco has a good end-to-end story, or you can interpret this as FUD. People are on both sides.

For compliance management across branches and headquarters, Cisco APIC also provides network-wide Quality of Service (QoS), and accelerates Intelligent WAN (IWAN) deployments. It can also be used with third-party solutions to provide an end-to-end WAN orchestration and management.

The Quality of Service is oversold and very few people need it. Everyone wants certainty but is the price of implementing QoS worth it? I wonder if this debate will play out in the years ahead as bandwidth becomes cheaper and reduces the need for QoS overall.

Here is the link to Cisco’s announcement:

Cisco Extends Application-centric Infrastructure (ACI) to Access and Wide Area Networks, Increasing Network Automation and IT Agility – The Network: Cisco’s Technology News Site.

  • Network_Softie

    I hope the ACI product takes off, but for those of you who are curious about where Network Services & Engineering teams are currently “At” (at least from my best knowledge);

    I’m a Network Engineer working with “Company that makes operating system”’s Proof of Concept & Lab data center spaces. We host business groups, vendors and misc. within our facilities and logical space. The mesh of vendors, CLI’s, SNMP strings, tools, web interfaces and most importantly – human hands, is the reason we see configuration mishaps (or disasters) occur.

    A few months ago, the goal was to take three data center scale POC networks with customers preparing to migrate over a rapid expansion of their already existing test platforms & services. I’ve been reading these blogs and have realized that the opportunity to embrace change is now. Abstraction has potential.

    Without breaking a handful of NDA’s, what we did as a next step was well, awesome. At 1/6th* of the cost for comparable Arista or Cisco switching infrastructure (TOR Leaf’s and Aggregate / L3 Spines), we did away with the per device CP and high-touch “problem” that plagues network landscapes. With only 6 months for a deliverable, time was spent trying a ridiculously diverse variety of network services, vendor solutions to SDN, open source iterations (Open Flow and whitepapers, everywhere), etc. We finally landed on the sweet spot and spent months customizing, building, failing and breaking “The Network”.

    Today, we have lost no staff count. The Engineer is not obsolete. Instead of taking 2 minutes to execute Script A or use a tool like HPNA to do function B, we work within our controllers framework to tweak network services, pull reports, analyze the network and mitigate risk. We have taken on roles such as secured access, service provision reviews, flow table & media testing and analysis, planning, design and optimization.

    The need to embrace an abstract mindset is critical. If your resume is configuring devices all day long, I would recommend developing a business acumen and service enabling approach. Our value is not in simple MAC’d, Break/Fix and Configuration work – it’s in driving projects, reducing costs, delivering a service and ensuring when the network is broken/migrating/updating/etc that there is a ‘Network Warrior’ who can make sense of it all. This will be incredibly important if the next leap is truly a decoupled & centralized CP.

    Food for thought.

    • Lindsay Hill

      Great comment – sometimes we get so stuck in the minutiae we forget that the business doesn’t care about Configs/CLI/etc – it’s all about delivering useful services.

      I get frustrated with products that make me spend a long time configuring them just to do the basics – to me that’s just time wasted. I want to be spending time on delivering things that are USEFUL to people. As you point out, if you take away the mundane, it gives us the time & space to do all those things like planning, design, optimisation.

      It’s a shame you’re constrained by NDAs – I think there could be an interesting series of blog posts about what you’ve done with your network.