How Does Cisco ACI Compare to Cisco DNA?
In 2017, Cisco introduced the Cisco Digital Network Architecture (DNA) — a product line that moves the data center from software-defined to intent-based networking. As expected, Cisco's CEO touted the new line as the path forward for large-scale environments. Don't get too excited, though.
Certifications are a good barometer for the traction that technology changes gain. Cisco updated its CCNA Data Center around the same time they were announcing DNA, so you won't see training for a while. DNA is only now being adopted.
Cisco launched the 1.1 release for DNA in January, so we're taking a high-level look at what DNA does compared to ACI — and whether it's worth an upgrade.
What is Cisco ACI?
Cisco Application Centric Infrastructure (ACI) has been the data center networking workhorse since its release in 2014. ACI was a considerable step forward in automation, scalability, and user experience. (It even has a GUI.)
In the years since its release, ACI empowered admins to fine-tune automation in data centers large and small. ACI simplified DC networking by taking away the complexity of manually setting up a network environment. Traditionally, different Nexus switches installed in the same environment had to be configured manually — one by one. Since ACI treats all configured devices as a single entity, admins can configure and manage them all at the same time through the APIC. It's a huge time and money saver.
ACI delivers this functionality through an application-oriented platform. Rather than being bound to VLANs, subnets, routing, and trunks, ACI uses a leaf-spine-leaf topology (CLOS) that is both simple and scalable, making it easy to expand when needed.
ACI started coming into its own from an automation point of view with its HTML5-based GUI — simplifying the whole setup process by shielding administrators from the often tedious task of configuring equipment through the REST API or the CLI. Integration is another huge benefit that ACI brought to the table. ACI brought technologies such as virtualization, container networking, and orchestration together as a unified configuration, simplifying network configurations.
There is a lot more to this technology, but these are some of the very basics for comparison.
What is Cisco DNA?
At its core, Cisco DNA (Digital Network Architecture) is an intent-based networking solution. It's a great term, but what does that mean?
Like ACI, Cisco DNA allows network engineers to deploy new networks virtually and create policies for the network with a few simple clicks of the mouse. DNA takes it a step further. Think of the DNA Center as the centralized automation and management platform that controls the entire network via the enterprise version of APIC, called APIC-EM.
Functionally, Cisco DNA interprets the intent of a user's actions and then applies these policies to the rest of the network. With application policy templates and easy deployment, Cisco DNA offers users all the simplicity and ease of use of the ACI and also allows for automated IWAN deployment and management. This takes away the need to configure any one single piece of Cisco equipment, as the system automates all this through Cisco DNA.
Rolling out new policies, deploying new networks, and supporting new applications that operate locally, across the WAN, and in the cloud can all be done in seconds from a single point. This creates a more organic network with less complexity for your support staff to worry about — and removes human error.
Which is right for you? Catalyst 9000 or Nexus 9000
With DNA came a marketing campaign titled "The Network. Intuitive." which took over Cisco Live! last year. The Network. Intuitive. is a system developed by Cisco that embraces the benefits of both ACI and DNA.
Of course, the intuitive network comes at a price — with an aggressive new licensing model. You can't use the hardware without a DNA license, which ranges from three to seven years. DNA also requires a server appliance, the aforementioned APIC-EM. (Not to be confused with the SDN-based APIC.) The entire setup creeps into six figures very quickly.
The answer here is pretty simple.
The Catalyst 9000 is an IBNS product designed for large "infrastructural" customers. (Read: If you're a small network, then the Catalyst isn't right for you.) And that makes sense. The IBNS is designed for high performance and at scale. The typical small- to medium-sized network won't even get Catalyst into first gear.
If your network isn't extra large (or XXL), then the Nexus 9000 is the better solution for cost and SDN functionality. Cisco ACI is well integrated with most vendors you'll find in your data center, including Server 2016. It's easy to use, and while not inexpensive, it's less expensive than the brand new DNA package.
It's about SDN or IBNS
Depending on the requirements that you have, it is easy to recommend either of these two technologies. Upgrading to IBNS is easier than you think, but also expensive, especially if you consider the fact that you will need a new analytics engine, policy engine, and upgrade software across all devices. IBNS isn't an "upgrade for upgrade's sake" solution.
If your needs can be met with such a solution, and you can afford it, then go for it. Otherwise, SDN solutions suffice — for now.