How Cisco's almost-open SDN outruns VMware

Cisco's Application Centric Infrastructure pushes for semi-open SDN, even more so than many industry experts expected. In doing so, Cisco ACI outdoes VMware NSX.

Until recently, I had concluded that Cisco and VMware viewed SDN as a threat to be killed off.

I figured VMware would own the data center and we'd have a mishmash of Cisco technology in the physical and virtual networks, with open SDN nowhere to be found.

However, Cisco's Application Centric Infrastructure (ACI) hints at a different future.

Cisco's early messaging was simply oppositional to open SDN. Initially Cisco's idea was to circle the wagons around the ASIC, swap hardware for software and voilà -- hardware-defined networking (HDN). But as Cisco's ACI strategy evolved over the second half of 2013, it began to appear as though the company might actually emerge more open and flexible than VMware NSX and still be credible in the data center.

Giving the application just the right amount of control

A very long time ago (circa ESX4), I wrote about my dream of making applications network-service declarative; that is, application configurations would include what they think they need from the network. The network would then adapt itself to provide optimized service delivery for the application using a combination of deep topology and resource self-awareness. This would accommodate the application's desired access, but the network would retain authority to intelligently override an application's stated desires. After all, in almost every case, the network is the only consistent point from which to deliver the optimal, secure and policy-conforming configuration.

ACI seems to fit this definition perfectly. That said, the use of the word "centric" makes the product title a bit of a misnomer. "Application-aware infrastructure" would be a more accurate way to put it. If the application were really at the center, it would compel the network to do its bidding. But as network engineers, we know that's asking for trouble. Instead, we need automated networks to follow the same rules engineers do today. We don't blindly execute every change request ticket from the systems team; we temper their requests with our expertise to provide improved solutions. ACI actually parallels this model.

For open SDN, less hype and more APIs

Perhaps the most unexpected development with Cisco's ACI approach is that it's relatively open. By putting coherent APIs on hardware, Cisco allows for the use of SDN controllers from third parties, including open source options.

Cisco is providing north and southbound XML/JSON REST APIs, which is technology from another dimension when compared to SNMP. Cisco also does not require a software developer's kit, making it more hack-a-day-friendly than vendors like HP. These factors give Cisco an edge on the bench, encouraging experimentation and discovery by net geeks who've long championed the programmable network dream.

And anecdotal evidence further suggests this new openness may indeed be real after all. For example, with the Insieme Nexus 9000 v1, Cisco, like Juniper Networks and other vendors, is going with Broadcom ASICs rather than its own custom silicon. This seems to indicate Cisco isn't ready to give up the data center without a fight and it's willing to bring open solutions into the mix if necessary.

With ACI, licensing around infrastructure, not VMs

ACI is also likely to win with the network team when it comes to licensing. With NSX, VMware wants to extend its per-VM licensing model to the network via VM awareness. But network engineers have always paid for boxes, ports and bandwidth. To us, per-VM pricing is repulsive. Service delivery is ultimately about pipes, not an ever-changing virtual machine inventory we have to get from the systems team. ACI keeps licensing around infrastructure features and capacity rather than VM endpoint count.

All of this is not to say that it's all smooth sailing ahead for Cisco. Cisco faces two tough challenges. First, it must dispatch the threat of merchant silicon-based open SDN solutions. Simultaneously, it must prevent VMware from owning the data center through its server virtualization management stronghold. However, the future seems more promising than it did at this time last year.

About the author:
Patrick Hubbard is a head geek and senior technical-product marketing manager at SolarWinds. With 20 years of technical expertise and IT customer perspective, his networking management experience includes work with campus, data center, storage networks, VoIP and virtualization, with a focus on application and service delivery in both Fortune 500 companies and startups in the high tech, transportation, financial services and telecom industries. He can be reached at

This was last published in January 2014

1 comment

Patrick, NSX and Contrail follow the same Application centric model by modeling a Virtual Network which can move... I understand your concerns about licensing, but other than that I didn't gather much. You have to remember NSX always works with hardware vendors like Juniper to enable deeper integration with the Physical networking side.