In This Article

During these unprecedented times, organizations are scrambling to expand, build net-new and create bursting and DR capabilities to their existing data center infrastructures through multicloud solutions. There are many challenges related to connecting multicloud environments to provide expanded resources for remote workers:

  • Segmentation capabilities across the various multicloud instances pose security, compliance and governance challenges.
  • Operational models due to diverse and disjointed visibility and troubleshooting capabilities cause complexity, with no correlation across different cloud service providers.
  • Managing secure connectivity across these hybrid data and application workload environments can prove difficult for organizations without a strategy.
  • Multiple panes of glass are needed to configure, manage, monitor and operate these multicloud instances.
  • There has been a quick ramp-up for training and learning new cloud-native constructs.

The ACI Anywhere solution

The ACI Anywhere architecture that we recommend to organizations allows the flexibility to connect remote workers to applications and maintains business continuity. The goal of ACI Anywhere is to allow a single security and connectivity policy with a single pane of glass to manage all multicloud environments. 

The key to ACI Anywhere is the ACI Multisite Orchestrator (MSO), which allows the administrator to create consistent security and connectivity policies across multiple physical sites. These sites can be on-premise in an organization's data center, in carrier-neutral facility (CNE) such as Equinix and in the public cloud using native cloud constructs.

WWT multicloud single policy infrastructure

The first use case we will examine below is using a CNE to host the organization's secure data and use analytic tools, such as Cisco's Network Assurance Engine (NAE) and Network Insights Resources (NIR), with the app and web layer hosted in one of the public clouds. 

By using a CNE, we can offer a very low latency link to the public cloud for our secure back end data. By using the cAPIC, we can create a secure connectivity policy between on-prem and various public clouds with a single end to end policy. This also allows us to host the applications across multiple public cloud providers for bursting purposes, which aligns with what we are seeing organizations needing today.

WWT multicloud single policy infrastructure - Use Case 1

The second use case is very similar to the first; however, the web, app and data layer would be in a CNE, and you would burst the web and app layer to the public cloud as needed. A global load balancer (GLB) like the F5 GTM can be used to load balance across these sites.

WWT multicloud single policy infrastructure - Use Case 2

The third use case is where the web, app and data layers of the applications reside in various on-prem data centers, the CNE and the public cloud. A GLB solution would allow connectivity to the applications an organization needs to consume based on location awareness and load on a site.

WWT multicloud single policy infrastructure - Use Case 3

The last solution is using the ACI Mini, or the remote leaf option, of the ACI Anywhere solution to stand up a small data center for remote centers of operations. Using MSO, this temporary remote site could be stood up very quickly and would be useful in an environment such as a temporary medical site. 

WWT multicloud single policy infrastructure - Use Case 4

Want to try ACI?

At WWT, we are dedicated to helping our customers pivot and help with being very agile in building out connectivity to various multicloud environments. We offer training, demonstrations and workshops to help our customers in these uncharted waters. 

Our labs are on-demand, include easy to follow step-by-step instructions and there is no charge to use them. Learn more about a few of our ACI offerings: Cisco ACI Basics and Deploying an ACI Multisite Fabric Module 1 of 4.

Please reach out to your WWT account team for any further information on these solutions or contact us directly.