In this article

During these unprecedented times, organizations are scrambling to expand, build net-new and create bursting and DR capabilities to their existing data center infrastructures through multi-cloud solutions. There are many challenges related to connecting multi-cloud environments to provide expanded resources for remote workers:

  • Segmentation capabilities across the various multi-cloud instances pose security, compliance, and governance challenges.
  • Diverse and disjointed visibility and troubleshooting capabilities cause complexity, with no correlation across operational models and cloud service providers.
  • Managing secure connectivity across these hybrid data and application workload environments can prove difficult for organizations without a strategy.
  • Multiple panes of glass are needed to configure, manage, monitor, and operate these multi-cloud instances.
  • There has been a quick ramp-up for training and learning new cloud-native constructs.

The ACI Anywhere solution

The ACI Anywhere architecture that we recommend to organizations allows the flexibility to connect remote workers to applications and maintains business continuity. ACI Anywhere aims to allow a single security and connectivity policy with a single pane of glass to manage all multi-cloud environments. 

The key to ACI Anywhere is the ACI Multisite Orchestrator (MSO), which allows the administrator to create consistent security and connectivity policies across multiple physical sites. These sites can be on-premise in an organization's data center, in the carrier-neutral facility (CNE) such as Equinix, and in the public cloud using native cloud constructs.

WWT multicloud single policy infrastructure

The first use case we will examine below is using a CNE to host the organization's secure data and use analytic tools, such as Cisco's Network Assurance Engine (NAE) and Network Insights Resources (NIR), with the app and web layer hosted in one of the public clouds. 

Using a CNE, we can offer a very low latency link to the public cloud for our secure back-end data. Using the cAPIC, we can create a secure connectivity policy with a single end-to-end policy between on-prem and various public clouds. This also allows us to host the applications across multiple public cloud providers for bursting purposes, aligning with what we see organizations needing today.

WWT multicloud single policy infrastructure - Use Case 1

The second use case is very similar to the first; however, the web, app, and data layer would be in a CNE, and you would burst the web and app layer into the public cloud as needed. A global load balancer (GLB) like the F5 GTM can load balance across these sites.

WWT multicloud single policy infrastructure - Use Case 2

The third use case is where the applications' web, app, and data layers reside in various on-prem data centers, the CNE, and the public cloud. A GLB solution would allow connectivity to the applications an organization needs to consume based on location awareness and load on a site.

WWT multicloud single policy infrastructure - Use Case 3

The last solution is using the ACI Mini, or the remote leaf option, of the ACI Anywhere solution to stand up a small data center for remote centers of operations. Using MSO, this temporary remote site could be used quickly and valuable in an environment such as a temporary medical site. 

WWT multicloud single policy infrastructure - Use Case 4

Want to try ACI?

At WWT, we are dedicated to helping our customers pivot and help with being very agile in building out connectivity to various multi-cloud environments. We offer training, demonstrations, and workshops to help our customers in these uncharted waters. 

Our labs are on-demand, include easy-to-follow step-by-step instructions, and there is no charge to use them. Learn about a few of our ACI offerings: Cisco ACI Basics and Deploying an ACI Multisite Fabric Module 1 of 4.

Please get in touch with your WWT account team for any further information on these solutions or contact us directly.