We performed a comparison between Cisco ACI and VMware NSX based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco ACI is a solid, robust solution but can be complex to understand and manage for users not familiar with the Cisco ecosystem. VMware is considered a solution that is easy to learn and manage and offers great security with a distributed firewall. This added security and micro-segmentation make VMware NSX a trusted, complete value-added solution.
"It provides flexibility, so you can install it everywhere."
"This solution allows you to do everything quicker and more efficiently."
"We can implement customer requirements more quickly."
"This product improved the way our company functions by enabling us to establish our goal of moving to a zero-trust model. That's how Cisco ACI helps us the most."
"We get a full holistic view of the ecosystem."
"We had different networks and combined them with ACI so we could have the control of one controller-based network. Also, everything is combined now."
"It is easy to use because you have all the information coming from the same technology."
"The most valuable feature of Cisco ACI is that it is eay to manage. We can automate and it can be scripted. Virtual ACI is very good."
"We like that everything is integrated."
"It is easy to implement it."
"VMware NSX's overlay network is its most valuable feature, as it aligns with any network philosophy and allows for efficient addressing mechanisms. Additionally, the ability to extend the on-premise network into the provider space is beneficial. There are many features provided."
"Though I haven't been working a lot on VMware NSX, it's good to have. What I like the most about it is that its console is good, and it doesn't take a lot of effort in terms of doing my daily tasks on it or what it's meant for. VMware NSX is still a preferred product in the market."
"It operates on a logical level, providing a comprehensive and centralized way to manage your network resources."
"Over the last two years, they've enhanced a lot, especially in regard to integration with OpenStack."
"The migration methods are the most valuable aspect of this solution."
"The ability to scale from different clouds. At the moment, the scalability of the product is the number one thing that I saw."
"The tool's initial deployment is complex and takes five hours to complete."
"We faced some issues while configuring the microsegment."
"It is more about resolving bugs early on in the code. Otherwise, as the product gets more mature and those bugs get discovered sometimes by the customer, then Cisco will resolve them."
"Our problems with Cisco ACI are mainly related to the contracts and how to manage them easily in the platform. Cisco also needs to improve the log files and the complexity of the graphical interface."
"The error messages should be improved. Sometimes we want to remove an error message so we acknowledge an error and we would then like to remove it but there's no real way of doing that. If we need to do it, we need to open a tech case. That could use improvement."
"Quality Assurance could be better, and there are a lot of bugs in each release. We discover these bugs when we upgrade the ACI environment, sometimes resulting in downtime. In the next release, I would like to be able to manage hybrid cloud networking. So currently, if you have an ACI environment running on-premise or Epic in the cloud, we can handle it with the NexSys dashboard. But if Cisco can integrate SD WAN-related features, through which we can do multi-cloud networking, that will be an awesome feature. It should be more flexible."
"Its scalability and reliability capabilities should be enhanced."
"I would like to see more troubleshooting apps."
"One drawback is this solution requires a lot of other products in the VMware ecosystem to have a full end-to-end operation orchestration monitoring. You have to buy a lot of add-ons to fully utilize the functionality."
"It's not feature-rich."
"I think that one of the more important things to see better integrated into the NSX product would be an IDS/IPS type solution."
"The engineering team has room for improvement. They should have have more of a Knowledge Base about different case studies and should develop more advanced features. These kinds of improvements will change the way things get done."
"It needs to be cheaper."
"The solution could benefit from improvements in its pricing and scalability."
"A room for improvement in VMware NSX is that it has some security vulnerabilities, which means my company has to apply the patches every once in a while."
"The solution could improve by having a more streamlined setup."
Cisco ACI is ranked 1st in Network Virtualization with 96 reviews while VMware NSX is ranked 2nd in Network Virtualization with 93 reviews. Cisco ACI is rated 8.0, while VMware NSX is rated 8.0. The top reviewer of Cisco ACI writes "Stable, easy to extend, scalable, and has a host-based routing feature". On the other hand, the top reviewer of VMware NSX writes "Allows for seamless micro-segmentation and the support is exceptional". Cisco ACI is most compared with Cisco Secure Workload, Akamai Guardicore Segmentation, Nuage Networks, Juniper Contrail Networking and HPE SDN, whereas VMware NSX is most compared with Nutanix Flow Network Security, Illumio, Akamai Guardicore Segmentation, Cisco Secure Workload and Cisco DNA Center. See our Cisco ACI vs. VMware NSX report.
See our list of best Network Virtualization vendors and best Cloud and Data Center Security vendors.
We monitor all Network Virtualization reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
There are some very major differences between both the Products and to name a few.
-Cisco ACI have physical network gear (9K Switches) where the Code runs in ACI Policy Mode & the UCS server where APIC software runs.
-VMware NSX doesn't have any physical network gear of its own, VMware NSX software runs on ESXi hosts(Any Vendor) & even NSX Bare Metal Edge runs on any Vendor hardware(check compatibility)
-Cisco ACI offers both Underlay & Overlay functionality
-VMware NSX is a software and it builds an Overlay tunnel for (VM/Container) communication on top of an already established IP network which can be build on hardware network gear (Cisco Legacy/ACI/Juniper etc.)
-Cisco ACI: To use micro-segmentation on a VM or Container level you will need some other Cisco products
-VMware NSX: Micro-segmentation can be done Out of the Box because DFW Distributed Firewall are applied on the vnic of a VM i.e. on the ESXi kernel.
Being different in many manners but they still define the SDN realm with L2-L7 Network services and what you choose over the other may depend on many other factors like what network gear you already have or if its Green or Brownfield deployment. For example if your infra already have something other than Cisco 9K switches and is well configured then it will make more sense to use NSX to make use of all the SDN functionalities. This is just an example not a recommendation.
Once you know your way around the Cisco ecosystem, using Cisco ACI is not so difficult. It is a global product, so when you change one interface, changes are automatically reflected on every switch. Cisco ACI can connect with both virtualized networks and physical networks.
As with many Cisco solutions, Cisco ACI has a steep learning curve. It is not user-friendly and most of our team would like to see a better GUI. It would be great if we could test upgrades in a simulation before implementing; this could save a lot of rework and downtime.
The key component for us with VMware NSX is the distributed firewall. VMware NSX can segment every application and server based on the ports with which they need to communicate. We can activate the ports we need and disable the ones we don’t. This really helps to keep things very secure and makes VMware NSX very flexible.
We would like to see VMware NSX integrate better with other open-source solutions; integration can be very complex leading many to simply choose not to use VMware NSX at all. We found some maximums can be very limiting, especially with very large environments. VMware can only be used with virtualized networks.
Conclusion:
Cisco ACI and VMware have many similar qualities and features. The fundamental difference is that Vmware NSX’s primary focus is on virtualized networks, while Cisco ACI can connect to both virtual and physical networks.
Vmware NSX can provide better levels of granularity and visibility into how your workload performs and functions. Cisco ACI does not provide this.
Because Cisco ACI is more robust and can handle both physical and virtual networks, Cisco ACI might be a more appropriate solution. At the end of the day, it really depends on your organization’s ecosystem and applications, features and utilities needed, and, of course, cost of implementation. You may need one of these solutions or both.