Cisco Application Centric Infrastructure Ordering Guide

Available Languages

Download Options

  • PDF
    (2.1 MB)
    View with Adobe Reader on a variety of devices
Updated:June 24, 2022

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Available Languages

Download Options

  • PDF
    (2.1 MB)
    View with Adobe Reader on a variety of devices
Updated:June 24, 2022
 

 

At-a-glance: The Cisco ACI solution

Cisco® Application Centric Infrastructure (Cisco ACI) is the industry’s most secure, open, and comprehensive solution for intent-based networking for datacenters. It enables businesses to innovate faster and minimize downtime by radically simplifying, optimizing, and accelerating infrastructure deployment through consistent security and automation for any workload, in any location, and in any cloud.

Cisco ACI delivers an intent-based networking framework that extends to the WAN and campus, capturing higher-level business and user intent in the form of a policy, and translates this intent into the network constructs necessary to dynamically provision the network, security, and infrastructure services.

ACI Anywhere: Any workload, Any Location, Any Cloud

Figure 1.               

ACI Anywhere: Any workload, Any Location, Any Cloud

Cisco ACI building blocks

The Cisco ACI solution consists of the following blocks:

     Cisco Application Policy Infrastructure Controller (APIC)

     Cisco Nexus® 9000 Series Spine and Leaf Switches for Cisco ACI

     Cisco Multi-Site Orchestrator

     Cisco ACI Remote Leaf

     Cisco Mini ACI Fabric

     Cisco Cloud ACI

1. Cisco ACI solution components

The minimum set of components required to enable an on-premises ACI fabric are:

a. Cisco Application Policy Infrastructure Controller (APIC)

The infrastructure controller is the main architectural component of the Cisco ACI solution. It is the unified point of automation and management for the Cisco ACI fabric, policy enforcement, and health monitoring. The APIC appliance is a centralized, clustered controller that optimizes performance and unifies the operation of physical and virtual environments. The controller manages and operates a scalable multitenant Cisco ACI fabric.

b. Cisco Nexus 9000 Series spine and leaf switches for Cisco ACI

The Cisco ACI fabric is a full-mesh topology of high-speed links (40/100/400 G) between redundant spine switches and leaf switches. The Cisco Nexus 9500 Series Switches operate as ACI spine switches and the Cisco Nexus 9300 Series Switches as ACI leaf or spine switches. Modular spines provide the scale and capability to incrementally add ACI leafs to the ACI fabric and grow the ACI fabric to the maximum scale.

Cisco ACI : Spine Leaf Architecture

Figure 2.               

Cisco ACI: Spine Leaf Architecture

2. Cisco ACI deployment models

In addition to the core capabilities enabled by the mandatory building blocks, Cisco ACI provides additional functions that span virtualization, infrastructure, and security. Depending on the deployment architectures, customers can choose to enable any or all of the following additional optional components for their solutions:

     Cisco Multi-Site Orchestrator

     Cisco ACI Remote Leaf

     Cisco Cloud Application Policy Infrastructure Controller

For further details on the capabilities of these components and the Cisco ACI solution, click here.

3. Cisco ACI licensing components

Cisco ACI licenses are categorized in two key components:

3.1 On-premises physical ACI fabric

The on-premises ACI fabric is licensed per Cisco Nexus 9000 device (leaf switch only) running in the ACI fabric. There are tiered license options along with add-on licenses for on-premises ACI deployments.

For more information, refer to section 5: Greenfield ACI fabric deployment Ordering Guide.

3.2 Cisco Cloud ACI

Cisco Cloud ACI is a comprehensive solution for simplified operations, automated network connectivity, consistent policy management, and visibility for multiple on-premises data centers and public cloud environments.

Cisco Cloud APIC, which runs natively on a public cloud, is the key component of this solution. The Cloud APIC enables policy translation of ACI policies into cloud-native policies and programs it in every Virtual Machine (VM) workload running application logic. The Cloud APIC is licensed per workload managed by the solution.

For more information on Cloud ACI licenses, refer to Cisco Cloud ACI.

4. Cisco ACI tiered licensing

Cisco ACI licenses are applied per Cisco Nexus 9000 device (leaf switch only) in a physical on-premises ACI deployment.

The per-device ACI licenses are offered as tiered licenses for easy consumption. Add-on licenses are charged per device, based on value-added feature offerings. For details on Datacenter licenses, please see the DCN software licensing BDM here.

The following table provides the feature support details of the ACI software licenses (Essentials, Advantage, and Premier).

Table 1.           Features included as part of each tier of license.

Essentials

Essentials

Advantage

Premier

Fabric management and automation

Inventory management and configuration

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Zero-touch provisioning

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Centralized management

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Integrated overlay over IP fabric

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Fault management

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Monitoring and troubleshooting

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Graceful node insertion and removal

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Network virtualization

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

API-driven automation and orchestration

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Ecosystem

Third-party integration via open APIs

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Layer 4–7 service integration

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

ACI application center

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Virtualization

Integration with workload orchestrators

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

OpenStack integration

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Kubernetes integration

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Security

Zero-trust policy model

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Role-based access control

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Cisco TrustSec® integration

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Advanced microsegmentation

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Secure and multifactor user authentication

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Audit support and logging

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

VDI and automatic remediation

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

First hop security

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Endpoint authentication

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Streaming telemetry and latency

Cisco NetFlow

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Precision Time Protocol (PTP)

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Distributed ACI fabrics

Multi-Pod

Related image, diagram or screenshot

Related image, diagram or screenshot

Related image, diagram or screenshot

Multi-Site

 

Related image, diagram or screenshot

Related image, diagram or screenshot

Physical Remote Leaf

 

Related image, diagram or screenshot

Related image, diagram or screenshot

Operations

Nexus Insights

 

 

Related image, diagram or screenshot

Nexus Dashboard

 

Related image, diagram or screenshot

Related image, diagram or screenshot

5. Greenfield ACI fabric deployment ordering guide

This section lists the steps to order a base ACI fabric for greenfield ACI deployments.

5.1 Cisco Application Policy Infrastructure Controller (APIC)

The following table lists the SKUs for a physical APIC.

Table 2.           Orderable SKUs for physical APIC

Product SKU

Product description

Number of physical appliances

APIC-CLUSTER-M3

APIC cluster for medium configurations (up to 1200 edge ports)

3

APIC-CLUSTER-L3

APIC cluster for large configurations (more than 1200 edge ports)

3

APIC-M3

APIC appliance for medium configurations (up to 1200 edge ports)

1

APIC-L3

APIC appliance for large configurations (more than 1200 edge ports)

1

APIC-M3=

APIC appliance for medium configurations (up to 1200 edge ports) (SPARE)

1

APIC-L3=

APIC appliance for large configurations (more than 1200 edge ports) (SPARE)

1

5.2 Cisco ACI tiered licenses

ACI software licenses are available as subscription and perpetual consumption models.

Nexus licenses are categorized on platform bandwidth capacity:

     GF licenses for 1G Fixed Platforms

     XF licenses for 10G/25G/40G/100G Fixed Platforms - Upto 3.6T

     XF2 licenses for 10G/25G/40G/100G/400G Fixed Platforms - Upto 12.8T

The following sections list the SKUs required to order ACI software licenses for a greenfield ACI deployment.

5.2.1 ACI subscription software license SKUs

Select the options below while selecting the Cisco Nexus 9000 Series device (leaf switch only).

Table 3.           Subscription license SKUs

Description

Essentials

Advantage

Premier

GF license

C1E1TN9300GF-3Y C1E1TN9300GF-5Y

C1A1TN9300GF-3Y C1A1TN9300GF-5Y

C1P1TN9300GF-3Y C1P1TN9300GF-5Y

XF license

C1E1TN9300XF-3Y C1E1TN9300XF-5Y

C1A1TN9300XF-3Y C1A1TN9300XF-5Y

C1P1TN9300XF-3Y C1P1TN9300XF-5Y

XF2 license

C1E1TN9300XF2-3Y C1E1TN9300XF2-5Y

C1A1TN9300XF2-3Y C1A1TN9300XF2-5Y

C1P1TN9300XF2-3Y C1P1TN9300XF2-5Y

Select the options below while ordering an ACI subscription license without any hardware (spares).

Table 4.           Subscription spare license SKUs

Description

Spares

GF license

C1-N9K-ADD-T

XF license

C1-N9K-ADD-T

XF2 license

C1-N9K-ADD-T

5.2.2 ACI perpetual software license SKUs

Select the options below while selecting Cisco Nexus 9000 Series leaf switches.

Table 5.           Perpetual license SKUs

Description

Essentials

Advantage

Premier

GF license

ACI-ES-GF

ACI-AD-GF

N/A

XF license

ACI-ES-XF

ACI-AD-XF

N/A

XF2 license

ACI-ES=XF2

ACI-AD-XF2

N/A

Note:      There is no perpetual offer for Premier; Premier must be purchased as a subscription.

Select the options below to order spare software licenses without corresponding Cisco Nexus 9000 hardware.

Table 6.           Perpetual spare license SKUs

Description

Essentials

Advantage

Premier

GF license

ACI-ES-GF=

ACI-AD-GF=

N/A

XF license

ACI-ES-XF=

ACI-AD-XF =

N/A

XF2 license

ACI-ES=XF2=

ACI-AD-XF2=

N/A

6. Brownfield ACI deployment ordering guide

6.1 ACI upgrade for tiered licenses

This section lists the SKUs required to order upgrade licenses for ACI deployments. This is typically applicable for brownfield deployments when customers had purchased a lower-tier ACI license and want to migrate to a higher-tier license for existing hardware.

Table 7.           License upgrade SKUs

 

Perpetual -> Perpetual upgrade license

Subscription -> Subscription upgrade license

ACI 1G Base-to-Essentials upgrade license

ACI-UPG-B-ES-GF=

Modify Subscription

ACI 10/25/40G Base-to-Essentials upgrade license

ACI-UPG-B-ES-XF=

Modify Subscription

ACI 1G Base-to-Advantage upgrade license

ACI-UPG-B-AD-GF=

Modify Subscription

ACI 10/25/40G Base-to-Advantage upgrade license

ACI-UPG-B-AD-XF=

Modify Subscription

ACI 1G Base-to-Premier upgrade license

N/A

Modify Subscription

ACI 10/25/40G Base-to-Premier upgrade license

N/A

Modify Subscription

ACI 1G Essentials-to-Advantage upgrade license

ACI-UPG-ES-AD-GF=

Modify Subscription

ACI 10/25/40G Essentials-to-Advantage upgrade license

ACI-UPG-ES-AD-XF=

Modify Subscription

ACI 400G Essentials-to-Advantage upgrade license

ACI-UPG-ES-AD-XF2=

Modify Subscription

ACI 1G Essentials-to-Premier upgrade license

N/A

Modify Subscription

ACI 10/25/40G Essentials-to-Premier upgrade license

N/A

Modify Subscription

ACI 400G Essentials-to-Premier upgrade license

N/A

Modify Subscription

ACI 1G Advantage-to-Premier upgrade license

N/A

Modify Subscription

ACI 10/25/40G Advantage-to-Premier upgrade license

N/A

Modify Subscription

ACI 400G Advantage-to-Premier upgrade license

N/A

Modify Subscription

6.2 ACI perpetual to subscription upgrade licenses

This case is applicable for following customers:

1.     If customers have purchased perpetual licenses and want to migrate to the subscription licensing model

2.     If a customer wants to upgrade from perpetual to a Premier subscription license tier

For purchases before October 2018: No upgrade is available to migrate from a perpetual to a subscription license model. For this case, order new subscription licenses under C1-N9K-ADD-T (refer to section 5.2.1: ACI subscription software license SKUs).

For purchases after October 2018: To migrate from an Essentials/Advantage perpetual to Essentials/Advantage/Premier subscription model, please check the migration program collaterals here.

Note:      Purchases of Cisco ONE Foundation perpetual licenses are eligible for the above migration program.

6.3 Cisco NX-OS to Cisco ACI upgrade licenses

This section is applicable for customers who had purchased perpetual licenses for Cisco Nexus 9000 in Cisco NX-OS standalone mode and want to migrate to perpetual ACI licenses.

Table 8.           Perpetual to subscription upgrade license SKUs

Description

Perpetual upgrade license

Subscription licenses

Cisco NX-OS Essentials to Cisco ACI Essentials upgrade license for 1G device

NXOS-ACI-UP-ES-GF=

N/A

Current subscription SKUs include both Cisco ACI and Cisco NX-OS features

Cisco NX-OS Essentials to Cisco ACI Essentials upgrade license for 10G+ device

NXOS-ACI-UP-ES-XF=

N/A

Current subscription SKUs include both Cisco ACI and Cisco NX-OS features

Cisco NX-OS Advantage to Cisco ACI Advantage upgrade license for 1G device

NXOS-ACI-UP-AD-GF=

N/A

Current subscription SKUs include both Cisco ACI and Cisco NX-OS features

Cisco NX-OS Advantage to Cisco ACI Advantage upgrade license for 10G+ device

NXOS-ACI-UP-AD-XF=

N/A

Current subscription SKUs include both Cisco ACI and Cisco NX-OS features

Cisco NX-OS LAN to Cisco ACI Essentials upgrade license for 1G device

Step 1: NXOS-UPG-L-ES-GF=

Step 2: NXOS-ACI-UP-ES-GF=

N/A

Current subscription SKUs include both Cisco ACI and Cisco NX-OS features

Cisco NX-OS LAN to Cisco ACI Essentials upgrade license for 10G+ device

Step 1: NXOS-UPG-L-ES-XF=

Step 2: NXOS-ACI-UP-ES-XF=

N/A

Current subscription SKUs include both Cisco ACI and Cisco NX-OS features

Cisco NX-OS LAN to Cisco ACI Advantage upgrade license for 1G device

Step 1: NXOS-UPG-L-AD-GF=

Step 2: NXOS-ACI-UP-AD-GF=

N/A

Current subscription SKUs include both Cisco ACI and Cisco NX-OS features

Cisco NX-OS LAN to Cisco ACI Advantage upgrade license for 10G+ device

Step 1: NXOS-UPG-L-AD-XF=

Step 2: NXOS-ACI-UP-AD-XF=

N/A

Current subscription SKUs include both Cisco ACI and Cisco NX-OS features

Cisco NX-OS Essentials to Cisco ACI Advantage upgrade license for 1G device

Step 1: NXOS-UPG-ES-AD-GF=

Step 2: NXOS-ACI-UP-AD-GF=

N/A

Current subscription SKUs include both Cisco ACI and Cisco NX-OS features

Cisco NX-OS Essentials to Cisco ACI Advantage upgrade license for 10G+ device

Step 1: NXOS-UPG-ES-AD-XF=

Step 2: NXOS-ACI-UP-AD-XF=

N/A

Current subscription SKUs include both Cisco ACI and Cisco NX-OS features

6.3.1 Cisco NX-OS perpetual to Cisco ACI subscription upgrade licenses

This migration program is applicable only for purchases made after October 2018. For details check the migration program collaterals here.

7. Add-on ACI licenses

ACI requires add-on licenses for Cisco Nexus 9000 Series switches if customers want to enable value added functionalities in their ACI fabric. These SKUs can be purchased either while ordering the Nexus 9000 hardware or as spares.

Table 9.           Add-on license SKUs

 

Add-on SKUs
(Select along with Cisco Nexus 9000 hardware)

Spare licenses (Select without any hardware)

Nexus 9300 48 Port

upgrade License for 24-port EX/FX platforms
(N9K-C93180YC-EX-24, N9K-C93180YC-FX-24,
N9K-C93108TC-EX-24, N9K-C93108TC-FX-24)

 

N9K-EX-24P-UPG=

N9K-FX-24P-UPG=

For 48-port 10G and above ACI enabled FEX

 

ACI-F48X=

For 32-port 1/10G ACI-enabled FEX

 

ACI-F32X=

For 16-port 1/10G ACI-enabled FEX

 

ACI-F16X=

For 48-port 1G ACI-enabled FEX

 

ACI-F48G=

For ACI security add-on MACsec and CloudSec features for fixed Nexus 9000 device (both spine and leaf switches)

ACI-SEC-XF

ACI-SEC-XF=

For ACI security add-on MACsec and CloudSec features per modular Nexus 9000 device (spine only)

ACI-SEC-XM

ACI-SEC-XM=

For FC/FCoE storage features per ACI device (leaf only)

ACI-STRG

ACI-STRG=

8. Product solution purchasing reference

8.1 Cisco ACI Multi-Site

Cisco ACI Multi-Site provides a single point of provisioning for multiple Cisco ACI fabrics.

Cisco ACI Multi Site Licensing Components

Figure 3.               

Cisco ACI Multi Site Licensing Components

Cisco ACI Multi-Site requires purchase of the following:

1.     Cisco ACI spine-leaf architecture with an APIC cluster for each fabric

2.     One Data Center Networking Advantage or Premier License per device (leaf only) for all of the connected fabrics (Cisco Multisite virtual appliance is included and can be downloaded directly from cisco.com/downloads)

8.2 Cisco ACI Mini Fabric

The Cisco ACI Mini Fabric provides a cost-effective solution for smaller scale deployments in an optimized 5RU footprint. This solution comprises APIC-CLUSTER-XS (one physical and two virtual controllers) along with 2 spines and 2-4 leafs.

Cisco ACI Mini Fabric License Components

Figure 4.               

Cisco ACI Mini Fabric License Components

Ordering option 1. Purchase Virtual APIC bundle

Product SKU

Quantity to Purchase

ACI-C9332-VAPIC-B1

1

Any ACI supported leaf switches

2 minimum

Any ACI License

Per device (leaf only) quantity

Ordering option 2. Purchase Virtual APIC separately

Product SKU

Quantity to Purchase

APIC-CLUSTER-XS

1

Any ACI supported fixed Spine switches

2

Any ACI supported Leaf switches

2

Any ACI License

Per device (leaf only) quantity

8.3 ACI security feature licensing

8.3.1 Encryption (MACsec)

MACsec is an IEEE 802.1AE standard that provides MAC-layer hop-by-hop encryption for data confidentiality and integrity for media-access-independent protocols. MACsec uses out-of-band methods for encryption keying. The APIC will be responsible for the MACsec keychain distribution to all the nodes in a pod or to particular ports on a node.

MACsec Encryption Licensing Components

Figure 5.               

MACsec Encryption Licensing Components

The encryption capability requires purchase of the following:

1.     ACI spine-leaf architecture with an APIC cluster for the main fabric

2.     One Essentials, Advantage or Premier license per device (leaf only) in the fabric

3.     An add-on license ACI-SEC-XF/GF per device (leaf) for encryption

4.     An add-on license ACI-SEC-XF per device (fixed spine) for encryption

5.     An add-on license ACI-SEC-XM per device (modular spine) for encryption

8.3.2 Encryption (CloudSec)

Cisco ACI Multi-Site uses VXLAN overlay tunnels over the Intersite Network (ISN) to interconnect each ACI data center site; these VXLAN tunnels are not encrypted. CloudSec is a new technology that solves this problem by providing site-to-site encryption for all data center interconnect traffic in a Cisco ACI Multi-Site deployment. Encryption keys are configured on each site’s APIC, and Cisco Multi-Site Orchestrator (MSO) will automatically exchange and distribute keys to sites as well as refresh keys automatically periodically.

CloudSec Encryption Licensing Components

Figure 6.               

CloudSec Encryption Licensing Components

The CloudSec encryption capability requires purchase of the following:

1.     ACI spine-leaf architecture with an APIC cluster for each site

2.     Deployment of a Cisco Multi-Site Orchestrator to manage each site

3.     One Advantage or Premier license per device (leaf only) in the fabric

4.     An add-on license ACI-SEC-XF per device (fixed spine) for encryption

5.     An add-on license ACI-SEC-XM per device (modular spine) for encryption

8.4 Fiber Channel over Ethernet (FCoE)

Cisco ACI enables the configuration and management for Fibre Channel over Ethernet (FCoE) traffic on the ACI fabric. A typical implementation of FCoE protocol support on the ACI fabric enables hosts located on the Ethernet-based ACI fabric to communicate with SAN storage devices located on a Fibre Channel network.

ACI FCOE Licensing Components

Figure 7.               

ACI FCOE Licensing Components

The FCoE solution requires purchase of the following:

1.     ACI spine-leaf architecture with an APIC cluster for the main fabric

2.     One Essential, Advantage or Premier license per device (leaf only) for the main fabric

3.     An add-on license ACI-STRG per device (leaf) with FCOE/FC NPV configuration

9. Cisco Cloud ACI

Cisco Cloud ACI is a comprehensive solution for simplified operations, automated network connectivity, consistent policy management, and visibility for multiple on-premises data centers and public cloud environments. This solution introduces the Cisco Cloud Application Policy Infrastructure Controller, which runs natively in public clouds in a virtualized form factor.

The Cisco Cloud APIC is being offered natively on AWS, Azure and Google public clouds. The Cisco Cloud APIC binary image is available on AWS Market Place, Azure Marketplace, Google Cloud Marketplace and supports the Bring Your Own License (BYOL) model.

Cisco Cloud ACI

Figure 8.               

Cisco Cloud ACI

The licenses for the Cisco Cloud APIC are charged per workload (VM instance) under policy management of the Cisco Cloud APIC. Typically, these virtual-machine instances will be used to deploy application workloads on a public cloud. The Essentials Cloud tier includes licenses for a single policy domain or a single instance of Cisco Cloud APIC on a public cloud. If multiple instances of Cisco Cloud APIC need to be deployed for scale reasons, then the Advantage Cloud licenses need to be purchased for each workload instance managed by the Cisco Cloud APICs.

For example, assume that a single instance of Cisco Cloud APIC can manage instances spread across sixteen different regions in AWS/Azure/Google Cloud. If a customer needs to deploy 100 EC2 instances under the policy management of the Cisco Cloud APIC, and these are running within a single region on AWS/Azure/Google Cloud, 100 Essentials Cloud licenses will be required. If these 100 EC2 instances are spread across seventeen or more different AWS/Azure/Google Cloud regions, then two instances of Cisco Cloud APIC will be needed. In this case, 100 Advantage Cloud licenses need to be purchased. The licenses are portable across AWS, Azure and Google Clouds andthe license SKUs are same for all the clouds.

Table 10.       Required license components for Cloud ACI

 

Essentials Cloud

Advantage Cloud

Cloud interconnect automation

Automation of interconnect between on-premises data center and public cloud

Related image, diagram or screenshot

Related image, diagram or screenshot

Centralized management across multiple cloud regions

Related image, diagram or screenshot

Related image, diagram or screenshot

Fault management

Related image, diagram or screenshot

Related image, diagram or screenshot

Monitoring and troubleshooting

Related image, diagram or screenshot

Related image, diagram or screenshot

API-driven automation and orchestration

Related image, diagram or screenshot

Related image, diagram or screenshot

Ecosystem

Third-party integration via open APIs

Related image, diagram or screenshot

Related image, diagram or screenshot

Policy and security

Cloud-native policy and segmentation

Related image, diagram or screenshot

Related image, diagram or screenshot

Zero-trust policy model on cloud

Related image, diagram or screenshot

Related image, diagram or screenshot

Role-based access control on cloud

Related image, diagram or screenshot

Related image, diagram or screenshot

Audit support and logging on cloud

Related image, diagram or screenshot

Related image, diagram or screenshot

Policy domains on public cloud

Single-policy domain on cloud

Related image, diagram or screenshot

Related image, diagram or screenshot

Multiple-policy domains on cloud

 

Related image, diagram or screenshot

Cisco Cloud ACI solution requires the following license components:

On the on-premises data center (If applicable)

1.    ACI Device licenses

One ACI Essentials/Advantage/Premier license per device (leaf only) for all Cisco Nexus 9000 devices running in Cisco ACI mode.

Note:      A single physical on-premises site can run in the Essentials license tier if it is connected to one or more cloud sites. More than one physical on-premises sites connected to Cisco Nexus Dashboard Orchestrator and one or more cloud sites will require a minimum of one ACI Advantage license per device.

On public cloud

1.    Workload licenses for Cisco Cloud APIC

Cisco Cloud APIC licenses are subscriptions of 3-, 5-, or 7-year duration. A Cisco Smart Account is mandatory for ordering Cisco Cloud APIC licenses.

Table 11.       Cloud APIC workload license SKUs

Product SKU

Product description

ACI-CAPIC ACI-CAPIC-ES

ACI Essentials Cloud for single-policy domain on public cloud

ACI-CAPIC ACI-CAPIC-AD

ACI Essentials Cloud for single-policy domain on public cloud

2.    Cisco Catalyst 8000V license SKUs for Cisco Cloud ACI solution

At least two Cisco Catalyst 8000V (Cat8kV) Cisco DNA Advantage licenses are required to run the Cisco Cloud ACI solution on a public cloud.

PID for adding Cat8kV license is L-DNA-C8000V and it has two mandatory configuration options that has to be chosen.

Table 12.       Catalyst 8000V license and it’s components

Top level SKU

Configuration SKUs required

L-DNA-C8000V

-

C8000V-PF

IOSXE-AUTO-MODE-PF

In addition to that choice of subscription has to be made based on bandwidth requirements and term of the license.

Table 13.       Subscription tiers for Catalyst 8000V

Product SKU

Product description

DNA-P-T0-A-3Y

Cisco DNA License SKU for 25 Mbps for 3 years

DNA-P-T0-A-5Y

Cisco DNA License SKU for 25 Mbps for 5 years

DNA-P-T0-A-7Y

Cisco DNA License SKU for 25 Mbps for 7 year

DNA-P-T1-A-3Y

Cisco DNA License SKU for 250 Mbps for 3 years

DNA-P-T1-A-5Y

Cisco DNA License SKU for 250 Mbps for 5 years

DNA-P-T1-A-7Y

Cisco DNA License SKU for 250 Mbps for 7 year

DNA-P-T2-A-3Y

Cisco DNA License SKU for 1G for 3 years

DNA-P-T2-A-5Y

Cisco DNA License SKU for 1G for 5 years

DNA-P-T2-A-7Y

Cisco DNA License SKU for 1G for 7 year

DNA-P-T3-A-3Y

Cisco DNA License SKU for 10G for 3 years

DNA-P-T3-A-5Y

Cisco DNA License SKU for 10G for 5 year

DNA-P-T3-A-7Y

Cisco DNA License SKU for 10G for 7 years

3.    CSR 1000V to Catalyst 8000V Tier mapping

Catalyst 8000V provides new bandwidth tiers. Table below provides the mapping that should be used, for picking up the right Catalyst 8000V tier during the migration from CSR 1000V.

Table 14.       Bandwidth tiers for Catalyst 8000V

CSR 1kV bandwidth

Cat8kV Tier

Cat8kV Bandwidth

10 Mbit/s

0

Up to 25 Mbit/s

50 Mbit/s

1

Up to 200 Mbit/s

100 Mbit/s

1

Up to 200 Mbit/s

500 Mbit/s

2

Up to 1 Gbit/s

1 Gbit/s

2

Up to 1 Gbit/s

2.5 Gbit/s

3

Up to 10 Gbit/s

5 Gbit/s

3

Up to 10 Gbit/s

While any of Catalyst 8kV tiers mentioned above are available for ordering, for customers who are migrating from CSR1kV to Catalyst 8kV as a part of their Cloud ACI setup the suggestion is to use Tier 2 and Tier 3 as the closest matches of previous CSR1kV licenses for Cloud ACI production customers.

9.1 Cloud ACI bundle

The Cloud ACI bundle is a single SKU for purchasing all the licensing components required for the Cloud ACI solution. The following are the components of the bundle with limited-time built-in discounts:

     CAPIC-C8KV-B

    ACI-CAPIC (15% discount)

    Catalyst 8000V (15% discount)

9.2 Cloud ACI Eval licenses

Cloud APIC eval licenses can be requested using this site (choose Product Family as APIC).

For Catalyst 8000V: use L-C8000-DEMO PID on CCW. This demo PID has no Tiers, and customer will get full bandwidth access for time of evaluation.

Note:      Cisco Cloud APIC and Catalyst 8000V licenses are Cisco Licensing Enabled SKUs. A Cisco Smart Account is mandatory while placing an order for these SKUs. It is recommended to keep the customer’s Cisco Smart Account ready at the time of placing the order. For a more detailed overview on Cisco Licensing, go to cisco.com/go/licensingguide.

10. Day-2 Operations

Cisco’s Day 2 Operations solution stands out as the first comprehensive technology solution in the industry developed by Cisco for network operators to manage day-2 operations in their networks. Our solution automates, monitors, and analyzes your data center fabric in real time. The components of Day 2 Operations include:

     Cisco Nexus Dashboard

     Cisco Nexus Dashboard Platform

     Cisco Nexus Insights

See Cisco Nexus Dashboard and Cisco Data Center Day 2 Operations Solution Suite Ordering Guide.

11. Cisco ACI Smart Licensing

Cisco Smart Licensing is a flexible licensing model that provides you with an easier, faster, and more consistent way to purchase and manage software across the Cisco portfolio and across your organization. And it’s secure – you control what users can access. With Smart Licensing you get:

     Easy Activation: Smart Licensing establishes a pool of software licenses that can be used across the entire organization—no more PAKs (Product Activation Keys).

     Unified Management: My Cisco Entitlements (MCE) provides a complete view into all of your Cisco products and services in an easy-to-use portal, so you always know what you have and what you are using.

     License Flexibility: Your software is not node-locked to your hardware, so you can easily use and transfer licenses as needed.

To use Smart Licensing, you must first set up a Smart Account on Cisco Software Central (software.cisco.com).

For a more detailed overview on Cisco Licensing, go to cisco.com/go/licensingguide.

12. Cisco services and support

Achieve business outcomes faster with Cisco Services for Cisco ACI: The Cisco ACI Services portfolio provides a range of professional and support services for each stage of your Cisco ACI journey. Cisco ACI can deliver significant advantages for your business. To help you quickly gain the benefits of your Cisco ACI solution while also mitigating risk, we offer a comprehensive portfolio of services. These services provide expert guidance to enable you to accomplish your business and technical outcomes. Cisco Services can help ensure your success with Cisco ACI, delivering expert support for planning, designing, deploying, and supporting your new infrastructure. To get started in learning more about Cisco Services for ACI, visit this link.

13. Cisco Capital

Flexible payment solutions to help you achieve your objectives

Cisco Capital® makes it easier to get the right technology to achieve your objectives, enable business transformation and help you stay competitive. We can help you reduce the total cost of ownership, conserve capital, and accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware, software, services and complementary third-party equipment in easy, predictable payments. Learn more.

14. More information

Cisco Commerce ordering tool

Click here

Cisco ACI solution data sheet

Click here

Cisco APIC data sheet

Click here

Cisco Nexus 9000 Series Switches data sheets

Click here

Cisco Nexus Insights

Click here

Cisco Nexus Dashboard

Click here

Cisco Cloud ACI solution overview

Click here

Technical white papers

Click here

Solution overviews

Click here

Release notes for Cisco ACI and APIC solutions

Click here

Release notes for Cisco Nexus 9000 Series Switches

Click here

Download Cisco ACI software

Click here

 

 

 

Learn more