Introduction: the evolution of Data Centers

Today, we live in a world where technology evolves daily and we constantly find ourselves adapting and readapting. What seemed revolutionary yesterday can become outdated overnight, especially in fields like networking. Data Centers are no exception. They have evolved over the years from simple rooms with a few servers to buildings with dozens or hundreds of devices supporting billions of daily operations.

At the heart of this transformation has been the Command Line Interface, or CLI. For decades, the CLI has been the preferred tool of network engineers – a powerful and stable method for configuring each device, line by line. However, as Data Centers have continued to grow, managing them manually through the CLI has become increasingly difficult. The current size, speed, and complexity of networks require a transition to automation.

The command line has increasingly shown its limitations. Manual configuration consumes time resources that could be used, for example, for optimization and innovation. Data Center configuration has been done manually for a long time. This approach worked because Data Centers were smaller and changes were few. However, in recent years, Data Centers have grown in size and complexity, expanding to meet the demands of a permanently connected world.

Manual configuration of a Data Center is subject to many limitations: it is time-consuming and inefficient, susceptible to human errors, doesn’t scale and lacks centralized visibility. In an industry where every millisecond counts and downtime can cost clients millions, the need for automation is more important than ever.

In this context, automation emerges as the ideal solution, allowing Data Centers to operate smarter, faster and with much less manual intervention. At the forefront of this transformation are technologies like Cisco NDFC and ACI, which not only automate processes, but also revolutionize Data Center management.

”Cisco NDFC has changed the way we manage our network infrastructure in the Data Center area. Compared to CLI management, NDFC has significantly simplified our equipment management by eliminating repetitive tasks and has given us the ability to scale the infrastructure easily, according to our business requirements. We are very satisfied with the positive impact the application has on our daily activities.”, Arctic Stream, client testimonial

We will further explore how Cisco NDFC and ACI lay the foundations for the Data Centers of the future.

The Command Line Interface (CLI) and its limitations

For network engineers, including myself, the CLI has been more than just a configuration tool. With each command entered, engineers have built Data Centers from scratch, controlling every configuration detail.

The advantages of the command line lie in its granularity and control. Engineers can delve into configuration details, customizing down to the smallest detail and thus building networks and Data Centers according to the required specifications. For many, the CLI represented freedom – total command over the network infrastructure.

As Data Centers have expanded, the granular approach of the CLI has become a daunting challenge. Managing each device, line by line, can take hours, sometimes even days, especially when networks span multiple locations or require constant adjustments and configurations. Each new configuration introduces the risk of human error – a misplaced character or an incorrectly typed line can disrupt services or leave networks vulnerable. Even small errors can have significant consequences.

Therefore, although the CLI has served us well for a long time, it is clear that the future demands a change. Given that today’s Data Centers operate at unprecedented speed and scale, the need for automated solutions has never been more critical.

Cisco NDFC and ACI: redefining automation

In today’s technological landscape, new tools have emerged to address challenges that traditional methods, like the CLI, can no longer manage. This is where the Cisco NDFC (Nexus Dashboard Fabric Controller) and Cisco ACI (Application Centric Infrastructure) come in. Both bring a new approach to Data Center management – one that is faster, smarter and better suited to the demands of modern networks.

Cisco NDFC and ACI share a common goal: simplifying the complex world of Data Center management through automation. Both tools act as the “brain” of the network, allowing the entire infrastructure to be managed from a single platform without the need for manual configuration of each device.

They automate configurations that once required hours of manual work, such as adjusting network settings, managing traffic or ensuring that critical applications have the necessary bandwidth. With NDFC and ACI, a few general rules are set, and they handle the configurations, keeping the network in optimal condition without the need for constant manual adjustments. By automating repetitive tasks and making real-time adjustments, NDFC and ACI free up network engineers’ time, reduce the risk of human error and ensure optimal application performance.

Imagine being able to deploy new services in minutes instead of days or knowing that your network can automatically adapt to sudden traffic spikes without issues. This transition to automation not only saves time, but also enables the creation of smarter and more resilient Data Centers.

”The integration of Cisco ACI with VMware networking is exceptional, providing automation and unifying the management of physical and virtual networks. This solution simplifies workload management and improves operational efficiency.” Arctic Stream, client testimonial

Next, we will explore the practical benefits that NDFC and ACI bring to daily operations.

How Cisco ACI and NDFC simplify network management

In modern networks, where scalability and complexity grow exponentially, the command-line-based approach can quickly create a bottleneck. ACI and NDFC completely change the rules of the game. We will analyze three scenarios where these two tools truly show their added value.

• Upgrading a fabric with zero downtime

Upgrade via CLI: upgrading the software image on 20 switches in a production network is a process that generally unfolds in multiple steps and is often quite complex. The administrator must connect to each switch individually, check compatibility, upload the new image, execute the upgrade commands, restart the equipment and finally verify functionality to confirm that everything works as expected after installation. The risks are high and a single misstep can lead to interruptions or even a failed upgrade.

Upgrade via Cisco ACI or Cisco NDFC: both solutions greatly simplify the upgrade process.

In Cisco ACI: ACI manages the entire fabric as a single entity. It checks compatibility, prepares the firmware and automatically runs the sequential upgrade, ensuring high availability by restarting only one set of equipment at a time.

In Cisco NDFC: the firmware is loaded onto the controller, which automates the update process, pushing the new image to all switches. Health checks before and after the update ensure that everything works smoothly.

In the image above, it can be seen how, in ACI, the validation step involves a detailed check of the entire fabric – it checks for faults, errors that could prevent the successful execution of the upgrade, whether daily backups have been made, if the firmware is compatible with the current software version and even with the CIMC version, among other things.

Conclusion: what used to take hours can now be done in less than an hour, with minimal risks. The graphical interface simplifies the process, reducing downtime and associated stress.

• Configuring interfaces for 30 servers

Configuration via CLI: when connecting a large number of servers to the infrastructure, say 30 units, each switch interface must be configured manually. VLANs, interfaces and their parameters (CDP/LLDP, MTU, speed, port-channel, etc.) must be configured, repeating this process for each port. A single configuration error can impact end-to-end connectivity.

Configuration via ACI or NDFC: this process becomes extremely simple. 

In Cisco ACI: you create a policy in the graphical interface, specifying all necessary settings: allocated VLANs, MTU, port speed, CDP/LLDP activation, port type (access/trunk) and other relevant settings such as PoE or port description. After configuring the policy, it is applied to all 30 interfaces and ACI automatically distributes the configuration to all devices in the fabric, eliminating errors and ensuring consistency.

In Cisco NDFC: you create a port template with the necessary configurations, such as VLAN and MTU assignments and apply it to all relevant ports. NDFC ensures that each port inherits the same settings without errors.

In the image above, the interface used to create a Leaf Access Port Policy Group is illustrated. This allows for quick and centralized configuration of port settings.

Conclusion: the time spent configuring interfaces and verifying consistency is drastically reduced. The entire configuration is completed with the help of Cisco ACI or Cisco NDFC in just a few minutes. Any potential error is no longer an issue, as templates and profiles guarantee uniformity.

• Configuring Layer 2 connectivity over a Layer 3 network

Configuration via CLI: configuring a Layer 2 network between two servers over a Layer 3 infrastructure using VXLAN involves several complex steps: defining VTEPs (IP addresses of tunnel endpoints), mapping VLANs to VNIs, configuring BGP EVPN peering for propagating MAC/IP addresses, adjusting MTU for traffic encapsulation and setting the source and destination of tunnels. Security policies (ACLs) must also be checked to allow traffic through tunnels. Any mistake in these steps can cause critical connectivity issues.

Configuration via ACI or NDFC: VXLAN configuration is fully automated and transparent to the administrator in both solutions, eliminating the complexity of manual configuration.

In Cisco ACI: you define a Bridge Domain associated with an Endpoint Group (EPG). ACI automates the entire process, handling VXLAN tunnel configuration and VTEP establishment, mapping the VLAN to the correct VNI, automatically propagating routing information and MAC addresses through the control plane. Everything is managed by ACI, resulting in Layer 2 connectivity between servers, established without errors and without additional interventions.

In NDFC: you specify an L2VNI associated with the desired VLAN and the controller takes over the entire automatic configuration: configuring VXLAN tunnels and establishing VTEPs between participating switches, setting up BGP EVPN sessions for propagating MAC and IP addresses. The NDFC controller manages all these processes, ensuring that tunnels and configurations are uniformly applied across the entire infrastructure.

Conclusion: VXLAN configuration, which can take hours and involves complex steps manually, is reduced to a few minutes in ACI or NDFC. Automation eliminates human errors and allows teams to focus on other tasks.

Choosing the right solution: NDFC sau ACI?

Cisco NDFC and Cisco ACI are two solutions that simplify network management, but each was created for different needs and scenarios. The right choice depends on the type of network to be managed and the organization’s objectives. The contexts in which each of these solutions excels will be presented, with clear examples to help you make the right decision in choosing the solution.

When to choose Cisco NDFC

Cisco NDFC offers the following advantages over Cisco ACI: simpler initial deployment, compatibility with the existing traditional network, lower financial investment and a shorter learning curve.

Advantages of Cisco NDFC

Managing existing traditional networks

• Scenario: you manage a network consisting of Nexus 9000 switches and older equipment, using VLANs for segmentation and classic Layer 2/Layer 3 protocols such as STP, OSPF or BGP.
• Why choose NDFC? NDFC offers a centralized control point for managing VLANs, VXLANs, and all existing configurations. Automating these processes is done without the need to migrate to a new infrastructure, eliminating the need for major changes that can generate downtime or additional costs. Additionally, the template-based model facilitates consistent configuration management across the entire network.

Shorter learning curve

• Scenario: your team is already familiar with the command line (CLI) and Cisco Nexus equipment and wants to quickly adopt an automation solution without extensive training.
• Why choose NDFC? NDFC has an intuitive interface and workflows are close to traditional ones, allowing engineers to become productive in just a few days or weeks. The fact that the solution does not introduce new concepts, such as EPGs or contracts, significantly reduces the learning time. Thus, teams can start implementing the solution quickly, without a major impact on daily operations.

Extremely simple VXLAN implementation

• Scenario: you need to implement a VXLAN network that ensures scalable Layer 2/Layer 3 connectivity between multiple Data Centers.
• Why choose NDFC? NDFC simplifies VXLAN configuration using dedicated templates for L2VNI and L3VNI. Parameter definition is done once and NDFC automates VTEP configuration, VNI mapping and BGP EVPN peering relationships on all involved switches. Compared to ACI, which requires configuring abstract constructs such as Bridge Domains, Endpoint Groups and Contracts, the process in NDFC is much more intuitive and faster. This makes VXLAN implementations accessible even to teams with less SDN experience.

Lower costs

• Scenario: your organization has a limited budget and wants to use the existing infrastructure.
• Why choose NDFC? NDFC is installed over the Nexus Dashboard solution, which can be implemented either as a virtual machine on the existing infrastructure or as a preconfigured hardware appliance by Cisco. This flexibility reduces initial costs compared to ACI, which requires dedicated APICs.

In conclusion, NDFC simplifies the management of traditional networks through centralized automation, using templates for configurations and daily processes. It is the ideal solution for organizations that want a gradual transition to an automated environment without major changes to the existing architecture.

When to choose Cisco ACI

Cisco ACI offers clear advantages in scenarios where applications, granular security and consistency across multiple locations are essential. It is the right solution for organizations managing complex data centers and needing advanced control over traffic and application performance.

Advantages of Cisco ACI

Application-centric automation

• Scenario: you manage a data center hosting critical applications, such as financial databases or medical platforms, where traffic between servers must be precisely controlled.
• Why choose ACI? ACI automates network configuration based on application requirements. For example, you create a policy specifying that web servers can only communicate with database servers. ACI automatically applies this policy across the network, eliminating complicated manual configurations.

Advanced multi-tenancy support

• Scenario: you host multiple clients in your data center who require complete traffic isolation.
• Why choose ACI? ACI allows the creation of completely isolated tenants, each with its own routing (VRF), security policies and dedicated resources. This ensures complete separation, eliminating the risks of interference between different clients’ networks.

Granular security and microsegmentation

• Scenario: you want to protect critical applications by limiting traffic to only necessary communications.
• Why choose ACI? ACI allows micro-segmentation, isolating traffic flows at the application level. For example, two servers in the same VLAN can be completely isolated, preventing unauthorized access even in the case of an internal attack.

Centralized management and extended visibility

• Use case: a large organization that wants to monitor the performance of critical applications and quickly troubleshoot network issues.
• Main advantage: Cisco ACI offers a unified platform for monitoring and managing traffic, focusing on application flows and their performance. The ACI health score system provides a clear picture of the stability and performance of endpoint groups (EPGs). This allows for the rapid detection of anomalies and proactive traffic optimization before issues affect users.

In conclusion, ACI offers a superior level of control and automation, based on application-specific policies. The ability to integrate multi-tenant networks and apply uniform policies across sites makes ACI indispensable for environments where granular security and application performance are absolute priorities. It is more than a management solution; ACI transforms the network into an intelligent infrastructure aligned with business needs.

The future of Data Centers – limitless automation

Automation doesn’t replace network engineers; on the contrary, it transforms their role. Instead of spending hours manually configuring each device, engineers can focus on:

• optimizing performance by analyzing data and improving network behavior;
• developing security strategies by implementing Zero Trust policies or advanced segmentation;
• innovation by exploring cloud and hybrid solutions to ensure continuous connectivity.

In the future, manual CLI-based configurations will be completely eliminated in favor of full automation. Data Centers will become autonomous infrastructures capable of:

• dynamically adapting to application requirements without human intervention;
• detecting and resolving issues before they affect performance;
• scaling effortlessly, regardless of the environment’s complexity.

Cisco ACI and NDFC represent significant steps towards the future of automated Data Centers. The choice between them depends on your current needs, but both solutions prepare the infrastructure for future trends: advanced security, multi-cloud integration and application-centric networks. In a world where speed and resilience make the difference, automation is not just a tool – it is the foundation of business success.

If you want to learn more about Data Center solutions and how they can help optimize your IT infrastructure, do not hesitate to contact us at [email protected]. The Arctic Stream team is ready to offer personalized support and solutions for your business’s specific needs.