Upload
doanh
View
251
Download
6
Embed Size (px)
Citation preview
Cisco Integrated Services Router
Architectural Overview and Use Cases
Matt Bolick – Technical Marketing Engineer
• How an ISR is born.
• ISR Portfolio Update – ISR G2 & 800 Series
• ISR Portfolio Update – ISR 4000 Series
• ISR 4K Architecture
• Integrated Compute Options
• Open Service Containers
• Cisco UCS E-Series: The Server in your router.
• Modules!
• ISR G2 / ISR 4K Comparison
Agenda
3
How an ISR is born
4
Cisco Branch Router Evolution
ISR 4431 & 4300 familyMaking for a complete ISR 4000 familyISR 4451-X
First ISR based on IOS XE
ISR G2 family
800, 1900, 2900 &
3900
Taking the ISR
concept to the next
level
ISR G1 family
1800, 2800, 3800
The first architecture
custom designed for
integrated services
Cisco 2500
Cisco’s first family of
branch routers for 23
different deployments
Cisco 2600
Superseded 2500.
Considered one of Cisco's
premier products.
2014
2013
2009
2004
1998
1993
Not shown here: 700, 1600, 1700,
4000/4500, 3600 & 3700 series routers
PrivateCloud
Intelligent WAN: Leveraging the InternetSecure WAN Transport and Internet Access
Hybrid WAN
Transport
IPsec Secure
• Secure WAN transport for private and virtual private cloud access
• Leverage local Internet path for public cloud and Internet access
• Increased WAN transport capacity; and cost effectively!
• Improve application performance (right flows to right places)
Branch
VirtualPrivateCloud
PublicCloud
MPLS (IP-VPN)
InternetDirect Internet
Access
Intelligent WAN Solution Components
Internet
Branch
WAAS PfR
3G/4G-LTE
AVC
MPLS
PrivateCloud
VirtualPrivateCloud
PublicCloud
Application
Optimization
• Application monitoring with Application Visibility and Control (AVC)
• Application Accelerationand bandwidth savingswith WAAS
Secure
Connectivity
• Certified strong encryption
• Comprehensive threat defense with ASA and IOS Firewall/IPS
• Cloud Web Security (CWS) for scalable secure direct Internet access
Intelligent
Path Control
• Application best path based on delay, loss, jitter, path preference
• Load Balancing for full utilization of all bandwidth
• Improved network availability
• Performance Routing (PfR)
Transport
Independent
• Consistent operational model
• Simple Provider migrations
• Scalable and Modular design
• DMVPN IPsec overlay design
High-End Branch
Standard Branch
Mobile Branch
ISR G2 PortfolioW
AN
Access S
peed
Wit
h S
ervic
es
2911
1921 1941
2901
3945
150 Mb100 Mb75 Mb50 Mb35 Mb25 Mb
3945E
3925E
350 Mb
2921
2951
3925
800
15 Mb 250 Mb10 Mb
Recommended Positioning with Services
High-End Branch
Standard Branch
Mobile Branch
ISR 4K PortfolioW
AN
Access S
peed
Wit
h S
ervic
es
4321
500 Mb400 Mb300 Mb200 Mb100 Mb50 Mb 2 Gb
4331
4351
800
25 Mb 1 Gb15 Mb
Recommended Positioning with Services
4451
4431
ISR Portfolio UpdateISR G2
Service Modules 3x-7x increase in service module
performance
Existing NM support through adapter
EPoE capable
Internal Services Module 3x increase in service
module performance
Configurable power savings mode
Not available on 3900E & 1941W
EHWIC 2x performance
increase
HWIC/WIC/VWIC/VIC support natively
EPoE capable
Multi-core Network Processor 5x- 7x performance
increase
Multi Gigabit Fabric Module to module
communications
Packet prioritizationand shaping
DSP Modules Video ready DSP modules
4x increase in audio conferencing and transcoding
Configurable power savings modes
GE Ports 4 on 3900E
3 on 2911+
SFP slots on 2921and above
USB Console over USB
Convenience storage
Security credentials
Services Performance Engine (3900) Upgradeable engines
SPE-200 & SPE-250
Under the Covers
Integrated Services Router Generation 2
ISR G2 Architecture1941 and Above
CPU
MGF
HWIC
EHWIC
NM
SM
ISM PVDM
Gigabit Ethernet
PCI-Express
HWIC DDR
ISR G2 ModelsCisco 1921/1941/1941W
•Modular platform with 2xEHWIC slots
•1941/1941W Can support 9-port switch plus WAN interface
•1921 provides 1 RU option
•Factory 802.11n Wifi on 1941W
Cisco 2901/2911/2921/2951
•UC and Video Ready platforms
•Increased density on GE and SFP ports, Service Module slots and PVDM3 slots
•Performance increase across the line with 2951 at 75Mbps WAN Access
•External RPS option on 2911-2951
Cisco 3925/3945/3925E/3945E
•Field replaceable Service Performance Engine (SPE) to upgrade performance up to 350 Mbps
•Online Insertion and Removal (OIR) support for Service Modules
•Support up to 4 Service Module slots
•Optional integrated Redundant Power Supply
No date set.
“The ISR G2 EOS dates are not firm, but likely around Dec-2017, with one year of notice and 5 years of support”
What about End of Sale dates for G2
• Price deltas
• 3945E Base @ 8% premium of 4451 Base
• 3945E AX @ 8% premium of 4451 AX
• 3925E @ 33% premium of 4431, Base as well as AX
ISR G2 vs. ISR 4000 Platform Pricing As of August 8th, 2015
3945E (350 Mbps)$19,500 or $27,000-AX
3RU
3925E (250 Mbps)$16,500 or $24,000-AX
3RU
4451 (1 or 2Gbps)$18,000 to $20,000
AX: $23,000 to $25,000
2RU
4431 (500 or 1000 Mbps)$11,000 to $13,000
$16,000-AX or $18,000-AX
1RU
ISR Portfolio UpdateISR 800 Series
ISR 860s
• Positioned for very small branches with low performance needs
GE Ethernet
VADSL (Annex A or Annex B SKUs)5 Switch Ports
WiFi on some models
(Americas and Europe)
ISR 880s
• Positioned for small branches with medium performance with backup WAN needs
Primary WAN - Choice of Ethernet or VADSL (Annex A or B or M) or G.SHDSL
Backup WAN (option of ISDN or 3G/4G) 4 Switch Ports
PoE OptionalWiFi on some
models
ISR 890s• Positioned for mid-sized branches that need multiple primary and backup WAN options
Multiple Primary WAN Options
2GE or GE & VADSL or GE & G.SHDSL
8 Switch Ports
PoE option on some model
SFP on some models
ISR 809s/810sDesigned for rugged environments.
Ethernet WAN
3G/4G LTE WAN Options
4 Switch Ports
Serial
C891-24X: All-in-One Routing and Switching
Radiator Fins for
passive cooling
Single
Power/Status LED
Console/Aux USB Switched
Ports
Routed
Ports
Status
LED
Internal AC
Power and POE
Modern ISR
Bezel Design
Cisco 829 Industrial Integrated Services Routers
Four 10/100/1000Base-T
30W Shared PoE/PoE+
SFP WAN Port
One RJ-45 RS232 Serial Port
One RJ-45 RS232/RS485 Serial Port
USB Type A port
(not supported at FCS)
6-32 VDC Power Input
Ignition Sense (not supported at FCS)
Cellular AUX WLAN 5GHz
WLAN 2.4 GHz
WLAN 5 GHz GPS WLAN 2.4 GHz
Dimensions:
• 7.7”x11”x1.73” (DxWxH)
• 10.55”x11”x1.73” (DxWxH)
with IP54 cable guard
Temperature: -40C to +60CAccelerometer and Gyroscope
(not supported at FCS)
Cover for expansion slot
Cellular MAINMini USB
Console Dual
SIM
CPU: Intel Atom C2308 Dual-Core
Rangeley @ 1.25 GHz
Memory: 2GB DDR3 (1GB for GuestOS)
Storage: 8GB eMMC flash (2-3 GB for
GuestOS)
Cisco 809 Industrial Integrated Services Routers
Two 10/100/1000Base-T
One RJ-45 RS232 Serial Port
One RJ-45 RS232/RS485 Serial Port
One USB 2.0 Type A port
(not supported at FCS)
9-60 VDC Power Input
Digital Alarm Ports (not supported at FCS)
One USB Type B Port
Cellular MAIN GPS Cellular AUXDimensions:
• 5”x 6.25”x1.25” (DxWxH)
Temperature: -40C to +60C
Accelerometer and Gyroscope
(not supported at FCS)
CPU: Intel Atom C2308 Dual-Core
Rangeley @ 1.25 GHz
Memory: 2GB DDR3 (1GB for GuestOS)
Storage: 8GB eMMC flash (2-3 GB for
GuestOS)
ISR Portfolio UpdateISR 4K
Revolutionary Platform ArchitectureArchitected for the Optimal Application Experience
Converged Branch with
UCS® E-SeriesIntegrated compute
Up to 8 cores
4-10 Times Faster Than ISR G2 at similar price
Native L2-7 ServicesSecurity, optimization
Pay as You GrowPerformance and services
Virtualized Services
FrameworkAppliance-level
performance
Service-Aware
Data Plane For efficient traffic handling
Cisco ISR
4000
Powering the Intelligent WAN
Pay-As-You-Grow with Cisco ISR 4000 Series
ISR 432150-100 Mbps
ISR 4331100-300 Mbps
ISR 4351 200-400 Mbps
ISR 4431 500-1000 Mbps
ISR 4451 1-2 Gbps
Investment Protection Without Oversubscription
4-10X Faster
Add performance and services anytime
Flexible consumption options
Cisco ISR 4451ISR4451-X/K9
Entity ISR 4451
CPU architecture4 core control/services 10 core data
plane
Network Interface
Modules3
Enhanced Service
Modules2
Front-Panel Ethernet 4 GE (all dual-phy RJ45 or SFP)
ISC slot 1 for all ISC cards
USB type A ports 2
Power Dual internal AC or DC
Control/services
memory
Base 4 GB; max 16 GB
1600 MHz DIMMs 2 DIMM slots
Mgmt Ethernet 1 Gbps
1 Gbps or 2 Gbps Performance
Migrate from Cisco® 3900E ISR
For YourReference
Cisco ISR 4431ISR4431/K9
500 Mbps or 1 Gbps Performance
Migrate from Cisco® 3900 Series ISR
Entity ISR 4431
CPU architecture4 core control/services
6 core data plane
Network Interface
Modules3
Enhanced Service
Modules0
Front-Panel Ethernet 4 GE (all dual-phy RJ45 or SFP)
ISC slot 1 for all ISC cards
USB type A ports 2
Power Dual internal AC or DC
Control/services
memory
Base 4 GB; max 16 GB
1600 MHz DIMMs 2 DIMM slots
Mgmt Ethernet 1 Gbps
For YourReference
Cisco ISR 4351ISR4351/K9
200 Mbps or 400 Mbps Performance
Migrate from Cisco® 2951 ISR
Entity ISR 4351
CPU architecture 8-core CPU
Network Interface
Modules3
Enhanced Service
Modules2
Front-Panel Ethernet 3 GE (all dual phy RJ45 or SFP)
ISC slot 1 for all ISC cards
USB type A ports 2
Power Single internal AC or DC
Control/services
memory
Base 4 GB; max 16 GB
1600 MHz DIMMs 2 DIMM slots
Mgmt Ethernet 1 Gbps
For YourReference
Cisco ISR 4331ISR4331/K9
100 Mbps or 300 Mbps Performance
Migrate from Cisco® 2911 or 2921
ISR
Entity ISR 4331
CPU architecture 8-core CPU
Network Interface
Modules2
Enhanced Service
Modules1
Front-Panel Ethernet
1 dual-phy (SFP or RJ45)
1 RJ45 only
1 SFP only (copper SFP supported)
ISC slot 1 for all ISC cards
USB type A ports 1
Power 1 internal AC
Control/services
memory
Base 4 GB; max 16 GB
1333 MHz DIMMs 2 DIMM slots
Mgmt Ethernet 1 Gbps
For YourReference
Cisco ISR 4321ISR4321/K9
50 Mbps or 100 Mbps Performance
Migrate from Cisco® 1941 or 2901
ISR
Entity ISR 4321
CPU architecture 4-core CPU
Network Interface
Modules2
Enhanced Service
Modules0
Front-Panel Ethernet 2 GE (1 dual-phy, 1 RJ45 only)
ISC slot 1 for all ISC cards
USB type A ports 1
Power 1 external AC
Control/services
memory
Base 4 GB; max 12 GB
1333 MHz DIMMs 2 DIMM slots
Mgmt Ethernet 1 Gbps
For YourReference
Buy Only What You Need TodayPay as You Grow, Software License Only, No Truck Rolls
Investment Protection Without Oversubscription
2 Levels of Performance
ISR 4451 1 or 2 Gbps
ISR 4431 500 Mbps - 1 Gbps
ISR 4351 200 Mbps - 400 Mbps
ISR 4331 100 Mbps - 200 Mbps
ISR 4321 50 Mbps - 100 Mbps
Service on Demand
Security (SEC)
Voice (V)
Application Experience (AX)
OR
Cisco® ONE Software Suites
1
2
Cisco ONE SoftwareA Simple, Flexible Software Consumption Model
100sA La Carte, Separately Priced Items
Traditional Model
Licensing Tied to Hardware
Perpetual for the Lifetime of the Box
3x3 Software Suites
Offered as a Solution
Software License Portability
Access to Ongoing Innovation
Perpetual, Subscription, and ELA Options
Cisco ONE
ISR 4K Architecture
Cisco ISR 4000 Family I/O Design
Management Interface
out-of-band control plane
connection directly to a
management network
Front-Panel GE
RJ45/SFP GE Interfaces
PoE+ available on some
models
Network Interface Modules Larger and more powerful than EHWICs
Up to 8 ports per module
DSPs directly on modules
Optional Drive NIM for
Service Containers RAID 1 for data protection
Single HD (future) and
dual SSD options
Embedded SSD option
USB Connections 2 type A for file storage
USB type B console in addition
to RJ45 console and aux ports
Enhanced Service Modules Compatible with Cisco® ISR G2
Up to 10-Gbps connection to system
Faster and more powerful than SMs
Internal Services Card
Internal Expansion
Currently for CUBE DSPs
b
Cisco ISR 4400 Series Architecture
Control Plane (1
core) and Services
Plane (3 cores)
Data Plane (6 or 10
cores)
Multigigabit
Fabric
FPGE
ISC
SM-X
NIMService Plane
(control plane CPU)
KVM - Hypervisor
ISR-WAAS
Service containers
live here
IOS
Cisco ISR 4400 Packet Flow
DRAM
Mgt Eth
USB
Cons/Aux
Flash
Platform
Controller
Hub
Control Plane
(1 core) and Services
Plane (3 cores)
System
FPGA
Data Plane (6 or 10
cores)
Multigigabit
Fabric
NIM
ISC
SM-X
FPGE
DRAM
4xPCIe
4xPCIe
10G XAUI
4xSGMII
1 Gb SGMII
10 Gb/slot
2 Gb/slot
Cisco ISR 4300 Series Architecture
Service Plane (control plane CPU)
KVM - Hypervisor
ISR-WAAS
IOS
Service Container
Multigigabit
Fabric
FPGE
ISC
SM-X
NIM
Data Plane Cores
Note:4321 uses 2DP, 1CP & 1SC cores
ASIC-Like Performance Pay-as-you-Go Performance
Additive features and services
0
0.5
1
1.5
2
4451-X no-perf license
4451-X perf license
Software-Only Router
Application HostingService Containers
The Lean Branch OfficeBalancing IT Efficiency and User Experience
• No local servers
• Full reliance on WAN
• Simplicity, low cost
• No service guarantees
Serverless Branch
Data Center/
Cloud
WAN/Internet
Branch Office
Lean Branch
Data Center/
Cloud
WAN/Internet
Branch Office
• 4-5 local servers
• Full reliance on WAN except for mission-critical applications
• All servers local
• No reliance on WAN
• Complexity, high cost
• Service guarantees
Full-Service Branch
Data Center/
Cloud
WAN/Internet
Branch Office
What is a Service Container?Service Containers use virtualization technology
(LXC and KVM) to provide a hosting environment
on Cisco routers/switches for applications which
may be developed and released independent of
platform release cycles.
Virtualized environment on a cisco device.
Use Case Cisco Virtual Services:
• Work/Appliance Consolidation
• Lightweight Application Hosting
• Example: ISR4451X-WAAS
Use Case Third Party Services:
• Process Hosted Applications
Container
Network OS
Virtual Service
Service Containers
Native Process
•Very Tight Integration
•Best Performance
LXC
•Strict Kernel Requirements
•Good performance with some security
Docker
•Emerging Industry Standard
•Future Support
KVM
•Any OS
•Complete separation
•Linux host OS normally – Type 2 hypervisor
Type 1 Hypervisor
•Service Module Only
•VMWare, HyperV, Zen…
Cisco Service ContainersLinux ContainersOpen Service Containers
Application Hosting Spectrum
Linux OS
KVM/LXC
IOS-XE Software Architecture
IOSd
Control Plane
Cisco Apps (WAAS, Snort)Customer and 3rd Party
Applications
Platform-Specific Data Plane AppNav
Internal Services Blade
(UCS® E-Series)
External Services Blade
(UCS)
Virtual Ethernet
Cisco WAASImprove application performance and user experience
WAAS Express
• Integrated ISR G2
• On-demand IOS-based
• Bandwidth optimization
• Inline IOS features (Security, QoS)
• Small footprint, Cost-effective, Single CLI
Virtual WAAS
• Application acceleration from
Private/Virtual Private Cloud
• VMWare ESX/ESXi and UCS
deployments
• Agile, elastic, multi-tenant deployment
• vCM: common virtualized management
for physical/virtual WAAS
ISR-WAAS on ISR 4K
• Integrated on platform
• Full Feature Parity
• Software on-demand provisioning
• No fork lift upgrade
WAAS Appliance
• Application acceleration
• Virtual blades in branch offices
• Scalable platforms for range of
deployments
Introducing
Product Overview
Open source intrusion prevention system for real-time traffic analysis
Lightweight threat defense for price sensitive customers
Integrated in ISR 4K service container
IPS/IDS functionality with an IOS IPS look and feel
Open Service Container Application Ideas
General purpose virtual machine with custom and open-source troubleshooting tools.
(Wireshark, Speedtest, etc.)
Troubleshooting VM
Common network functions such as Print Server, Domain Controller, File Storage, etc.
Network Functions
Network Analysis and Application Performance Monitoring without a dedicated probe.
Analytics
Augment the capabilities of the host platform in some way. (Custom encryption, business-
based routing, specialized API interface)
Device Customization
STORAGE
POWER & COOLING
SERVER
NETWORK
DATABASE
CLOUD
USER EXPERIENCE
APPLICATION
MONITOR
• Predictive Analytics
• SLA Compliance
• Dashboards &
Reporting
• Intelligent Alerts
VIRTUALIZATION
BIG DATA MAINFRAME
A unified view and architecture to manage
your internal and external infrastructure .
CA Unified Infrastructure ManagementUnified IT Monitoring Providing Broad Coverage
UIM Reference Architecture
KVM
Relay
Hub
KVM
Polling
Robot
ISR 4400/4300
KVM
Relay
Hub
KVM
Polling
Robot
ISR 4400/4300
KVM
Relay
Hub
KVM
Polling
Robot
ISR 4400/4300
Location 1 Location 2 Location 3
Servers
w/RobotsNetwork
Infrastructure
Servers
w/RobotsNetwork
Infrastructure
Servers
w/RobotsNetwork
Infrastructure
UIM CORE
UIM
Portal
UIM
DB
UIM
Primary HUB
Recommended Probe
Technologies included with
ISR UIM OVAs:
• CDM/RSP
• SNMPC
• UCS
• URL Response
• Net Connect
• DNS Response
• XenApp
• e2e appmon
Virtual Image Requirements:
• Relay Hub: 1 CPU – Quad
Core, 8GB Memory.
Redhat/CentOS 6 or 7.
• Polling Robot: 1 CPU –
Quad Core, 8GB Memory.
Redhat/CentOS 6 or 7.
What do I need to add to an ISR4K system?
• Service Containers (currently) REQUIRE additional DRAM beyond the 4GB system default
• Additional DRAM beyond 4GB will be available to a KVM application
• Example: 8GB DRAM will have 4GB available to Service Containers
• Example: 16GB DRAM will have 12GB available to Service Containers
Memory
• No storage is included by default and applications do not have access to bootflash.
• Options include internal MSATA SSD on 4300 Series, NIM-SSD or NIM-HD on all ISR4K.
• Smaller sizes and lower reliability SSD options at lower price will be available in late CY15.
Storage
Note: ASR1K/CSR requirements will be different.
NIM-SSD:
• 1 or 2 hot-swappable 200GB SSD drives
• 100GB and 400GB options in the future
NIM-HD:
• 1 hot-swappable 500GB or 1TB drive
• Available late 2015
SSD-MSATA-200G:
• Doesn’t consume a NIM slot!
• Embedded 200GB SSD storage
• Not available on 4431/4451
Storage Options
More Information Cisco DevNet• Online community for developers
• Direct access to Cisco Engineers and Product Teams
• Repository of how-to guides, best practices and sample code
• This will be the primary source for Service Container information and sample OVAs
• Due to Cisco support requirements, VMs will not be posted to Cisco.com directly.
• Keep an eye out for a Service Container Hackathon with fabulous prizes!
Early Access: http://cs.co/9007BngmL
Links
WAY MORE INFO:What the Heck is a Service Containers? (blog)
http://cs.co/9006BnlDC
An Introduction to Service Containers (Presentation)
http://cs.co/9005BnlD7
Fundamentals of Service Containers (Techwise Video)
http://cs.co/9004BnlDA
Wireshark on the Catalyst 4500
http://cs.co/9002BnlD4
Virtual Service Container Config Guide (NXOS &IOSXE)
http://cs.co/9001BnlDN
Application HostingUCS E-Series
Cisco End-to-End SolutionUCS B-Series, C-Series and E-Series for Data Center and Branch Locations
Cisco UCS B/C Series
Unified compute platform for infrastructure consolidation in the data center and large branch offices. Offers innovative virtualization, memory, provisioning, I/O, and management capabilities.
Cisco UCS E-Series Servers
Residual compute platform with all-in-one device convergence that facilitates centralization of small to mid size branch office
applications into the data center.
Data Center/Cloud
Branch Office
WAN/Internet
Address WAN-induced performance, availability, compliance challenges
Consolidate
Infrastructure
Centralize
Applications
Support User
experience
Location-Suitable Form Factors, Consistent Device Management
Cisco UCS E-Series DC-class Servers
Cisco® UCS E160D
Service module
VMware, Hyper-V,
Citrix certified
Intel E5 6 core processor
vNGIPS, vWLC, vWAAS, virtual
desktops, physical security
Cisco UCS E180D
Service module
VMware, Hyper-V,
Citrix certified
Intel E5 8 core processor
vNGIPS, vWLC, vWAAS, virtual
desktops, physical security, security
applications
Cisco UCS® E140S
Service module
VMware, Hyper-V,
Citrix certified
Intel E3 4 core processor
vNGIPS, vWLC, vWAAS,
physical security
Performance
Scala
bili
ty
Cisco UCS E-Series Single-Wide Blade Compact, Multipurpose Blade Housed in Cisco ISR G2 – UCS-E140S M2
Up to 2 SATA, SAS, or SSD hard drives
Configuration and
management through CIMC
Intel® Xeon® E3 Family quad-core
processor
On-board hardware RAID 0/1 with hot-
swappable capability
One external and two
internal GE ports
USB 2.0 port for external
device connectivity
8, 12, and 16 GB
DRAM options
Maximum 65 W power draw
80 percent less than server
Wire-free, plug-and-play modularity,
low shipping weight (2.5 lb/1.1 kg)
Remote and
schedulable power
management
iSCSI initiator
hardware offload
KVM console connector
10/100 Ethernet
management port
Two SD cards: One for the CIMC
and temporary storage of OS and
one for a blank virtual drive
Cisco UCS E-Series Double-Wide BladeMultipurpose Blade Housed in ISR G2 and ISR 4000 – UCS-E140D/UCS-E160D/UCS-E180D
Up to 3 SATA, SAS, SSD hard drives or 2
HDD and a PCIe card
Out-of-band
configuration and
management through
CIMC
On-board hardware RAID 0, 1,
and 5 configuration options
with hot-swappable capabilityTwo external and two internal GE ports
with TCP/IP acceleration
Front-panel VGA, 2 USB, and serial
console connectors
8 GB - 96 GB
DRAM options
Maximum 130 W power draw,
80 percent less than server
Wire-free, plug-and-play modularity,
low shipping weight (7 lb / 3.2 kg)
Remote and
schedulable power
management
iSCSI initiator
hardware offload
Two SD Cards: one for the CIMC
and temporary storage of OS
and one for a blank virtual drive
Intel Xeon E5-2400 Quad
Core/Six-Core/Eight-Core
Processor
Cisco UCS E-Series Network Compute Engine
Cisco® UCS EN140N
NIM network compute module
Virtualization enabled
Network compute applications -
FirePower, vWAAS
Cisco UCS EN120S
Service module
VMware and
Hyper-V certified
Network compute
applications - FirePower, vWAAS
Cisco UCS® EN120E
Enhanced HWIC
Virtualization enabled
Network compute applications -
FirePower, vWAAS
Performance
Scala
bili
ty
(Supported on ISR-G2 only)
(Supported on ISR4000 only)
Cisco UCS E-Series NCE Double Wide EHWICSmall form factor, Compact, Multipurpose Blade Housed in ISR G2 only
Cisco UCS E-Series NCEs provide excellent performance and value for workloads including the
following:
Core Microsoft Windows services
Lightweight Mission-critical business applications
Client-management services
Cisco Network Applications
PRODUCT FEATURES
Intel® Atom® 2-core processor
Upto 8GB of RAM
Upto 256GB(200GB usable) SSD storage
Cisco Integrated Management controller (Cisco
IMC) comes standard for out of band management
Certified for Bare-metal OS like Microsoft 2012 R2
and Redhat Linux and Hypervisors like Vmware
ESXi 5.5 and Microsoft Hyper-V
Available on all ISR G2 routers starting from ISR 1921
CUSTOMER BENEFITS
All-in-one device integration benefits: Integrates all branch services such as
Networking, compute, storage, network applications and business critical applications in
one box
Blade server form factor benefits – eliminates wires, components and space to reduce
costs, rapidly provision hardware with plug and play modularity
Lower TCO – Savings through lower power consumption, wire-free set up , eliminates
truck roll and savings from a single service contract.
PID Description List
Price
Orderable
UCS-EN120E-54/K9= UCS E-Series NCE DW-EHWIC, 2C
Rangeley, 4GB RAM , 50GB HDD , 2GB SD$1,495
Now
UCS-EN120E-58/K9= UCS E-Series NCE DW-EHWIC, 2C
Rangeley, 8GB RAM , 50GB HDD , 2GB SD
$1,800
Now
UCS-EN120E-108/K9=
UCS E-Series NCE DW-EHWIC, 2C
Rangeley, 8GB RAM , 100GB HDD , 2GB
SD
$2,295
Now
UCS-EN120E-208/K9=
UCS E-Series NCE DW-EHWIC, 2C
Rangeley, 8GB RAM , 200GB HDD , 2GB
SD
$3,000
Now
Cisco UCS E-Series Network Compute EngineCompact, Multipurpose Blade Housed in 4000 Series ISR -Cisco UCS EN140N M2
Up to 8 GB RAM
Intel® Atom
quad-core processor
One 2GB SD card
for CIMC
50, 100, 200 GB mSATA
SSD options
Dedicated
management port
One external Gigabit
Ethernet port/ Two
internal Gigabit
Ethernet ports
KVM console
connectorUSB 2.0 port for
external device
connectivity
Cisco UCS E-Series Servers Support Model
Hardware Support Provided by Cisco
Cisco UCS® E-Series hardware supported under ISR G2 SMARTnet® at no additional cost
Hypervisor and OS supported by hypervisor and OS vendor
ISR
Cisco® UCS E-Series Server Module
Hypervisor
Supported by Cisco SMARTnet
Attached to ISR G2
Supported by OS / hypervisor vendor
Purchased separately
Modules!
ISR G2 Module Compatibility
ISR G2 ISR 4000
EHWIC
ISM
PVDM-3
SM
SM-X
NIM
ISC
PVDM-4
SM-X(not backward-compatible)
SM-X(backward-compatible)
Connectivity Options
Outside the office Inside the office
Analog Voice FXS, E/M
SRST
CME
Ethernet / Switching
SM 16/24/48 port
switch module
Routed port (1 GE / 10
GE) CU/SFP module
NIM 4- and 8-port
switch module
(roadmap)
Cisco UCS® E-Series
2, 4, 6 and 8-core
Intel® Xeon® processors
Up to 3 TB storage and
48 GB DRAM
T1/E1
FXO, PRI
T1/E1, T3/E3,
serial
ADSL, VDSL,
SHDSL (2016)
Async (2016)
3G/4G – By 819
3G/4G built in
PSTN
WAN/
Internet
Backup
• DC Power supply
• 4451 – Available
• 4431 – Available
• 4351 – Available
• 4331 – Not Planned
• 4321 – Not Planned
• 4451 & 4351
• Same DC Power supply
• PWR-4450-DC
ISR 4000 Power supply roadmap
• PoE Power supply
• 4451 - Available
• 4431 - Available
• 4351 - Available
• 4331 - Available
• 4321 - Available
• PoE Module for OnBoard GE – Available
For YourReference
SM-X Ether Switch Modules
L3 and L2 Ether switch modules for ISR G2 and ISR 4K
Cisco Trust Sec/MACSec/POE+
L3 SKUs support same licensing capabilities as Catalyst 3560-X: LAN Base, IP Base and IP Services
Module ID Description
SM-X-ES3-16-P 16-port, Gigabit Ethernet, POE+, MACSec PHY, L3 Service Module
SM-X-ES3-24-P 24-port, Gigabit Ethernet, POE+, MACSec PHY, L3 Service Module
SM-X-ES3D-48-P 48-port, Gigabit Ethernet, POE+, MACSec PHY, L3 Double-Wide Service Module
NIM Switch Module: 4/8 LAN Ports Available Summer 2015
Features:
• 4/8 port LAN switch module
• POE+ (30W) available for 8 port module
• 128 bit MACsec support (post-FCS software)
Benefits:
• Small form factor
• Online Insertion and Removal (OIR)
• Configurable from router CLI
Product Number Product Description
NIM-ES2-4=4-port Layer 2 GE Switch Network Interface
Module
NIM-ES2-8=8-port Layer 2 GE Switch Network Interface
Module
NIM-ES2-8-P=8-port POE/POE+ Layer 2 GE Switch Network
Interface Module
Gigabit Ethernet Routed SM-XShipping
• Increased density of GE Ethernet interfaces
• First 10GE port module in ISR family
• All “routed” ports = Feature parity with onboard ports
• All 1GE ports are dual-phy: RJ45 or SFP
• Two options
• 6 port GE
• 4 port GE OR 1 port 10GE• Switchable between 4x1G and 1x10G
6 x 1 GE 4 x 1 GE or 1 x 10 GE
Gigabit Routed NIMNIM-1GE-CU-SFP & NIM-2E-CU-SFP
• 1 & 2 port Routed GE Interfaces
• Same feature capabilities as front-panel GE
• Supported in all ISR4K
• SFP or RJ45 interface with failover
• 256-bit MACSec support (2 port NIM only)
4G LTE NIM for ISR 4000 Series PlatformsAvailable since Summer 2015
Same chipset/features as ISR G2 EHWIC
• NIM-4G-LTE-GA
• NIM-4G-LTE-VZ
• NIM-4G-LTE-ST
• NIM-4G-LTE-NA
Legends:
• GA: Global: Europe and Australia (selected LATAM & APAC Countries / SPs)
• VZ: USA Verizon ST: USA Sprint AT: USA AT&T
• NA: USA & Canada: AT&T, Bell, Telus and Rogers
Next Generation VADSL Network Interface Modules Available Now
NIM-VAB-A, NIM-VAB-M, NIM-VA-B
• High-speed Multimode to ISR 4K series
• Support Bonding and Vectoring on Annex A,
Annex M variants
• Optimized B or J in one SKU
• Targeted for 50/150M service
XR
oa
dm
ap
Availa
ble
Voice Modules
• Digital Voice Cards:
• Available 1, 2, 4 and 8 port Multiflex Trunk Voice Cards (T1/E1)
• Analog Voice Cards:
• Available 2 and 4 FXO or FXS ports
• New: Combo card with 2 FXS ports and 4 FXO ports in the same NIM
• E&M cards:
• 2 and 4 port cards.
• BRI cards:
• 2 and 4 port cards (Voice only). FCS early 2015.
• Adapter SM NIM.
• DSP Farm card with up to 3,000 DSP channels. Available 2015.
• EVM high-capacity cards – VG Series Platforms
What’s new?
No transcoding DSP on the MB all
cards have dedicated DSP on the card
itself
All cards are NIM (not SM). Max # of
NIM slots on 4K
is 3. Can be extended to 5 using the
SMNIM adapter.
For customers who use SIP with
transcoding and/or conferencing,
additional DSP via the DSP Farm card
SM-X Carrier Card for NIM
• Converts an SM slot to chassis equivalent NIM slot
• Supports ONE single-wide or ONE double-wide NIM
• Brings ISR 4K port density closer to ISR-G2.
• Facilitates high-density voice, data & compute solutions
Bla
nk
With N
IM
ISR 4K DSP Resources
• PVDM4 uses the same DSP as the PVDM3
• Physically different form-factor
• Designed to fit on voice NIMs as well as platform ISC slot
• Platform DSP intended for CUBE
• Module DSP intended for transcoding
• Allows DSP resources to grow incrementally with modules
• Look for module+DSP value bundles
PVDM4
NIM-2MFT-T1/E1
High-density DSP-Farm (PVDM) SM-X ModulesISR 4000 Series ISR Only
Expand the motherboard DSP capacity for very high-density voice
deployments.
Use for conferencing, transcoding & media-optimization.
Number in the PID signifies the maximum number of G.711
transcoding sessions.
Conferencing capacity is roughly 2x of transcoding capacity.
Supported codecs -
G.711, G.729A, G.729AB
AMR Narrow-band
G.722, iLBC & iSAC
• Use DSP calculator to determine scale on a specific platform.
Module Options
SM-X-PVDM-500
SM-X-PVDM-1000
SM-X-PVDM-2000
SM-X-PVDM-3000
ISR G2 MigrationConfiguration, Performance, Features & Scale
Modular ISR Migration PathsB
ran
ch
co
ns
oli
da
tio
n
Application services
4451
(2 RU, 1000-2000 Mbps)
4431
(1 RU, 500-1000 Mbps)
4351
(2 RU, 200-400 Mbps)
4331
(1 RU, 100-300 Mbps)
4321
(1 RU (Desktop), 50-100 Mbps)
3945E
3925E
3945
3925
2951
2921
2911
2901
1921 1941
Migration Guide
• At-a-Glance Available Now*
• In-depth Guide Available Soon
* http://www.cisco.com/c/dam/en/us/products/collateral/routers/4000-series-integrated-services-routers-isr/aag_c83-731053.pdf
or at http://www.cisco.com/go/isr4000
Cisco Active Advisor• Free, cloud based service
• Agentless – nothing to download
• It provides customers:
• Security Advisories (PSIRTs)
• End-of-life & End-of-support dates
• Warranty & service contract status
• Personalized device health score*
• Assistance in IOS migration**
• Accessible at:www.CiscoActiveAdvisor.com
* Roadmap; For Cisco Wireless Controllers
**Available soon for ISR Routers
Configuration Convertor: IOS IOS-XE
Download an IOS-XE
configuration for
Target Platform
ASIC-Like Experience with New Services Appliance-Level Performance
Enabling TechnologiesMiercom Testing: Cisco® 4451 ISR
0
0.5
1
1.5
2
4451-X no-perf license
4451-X perf license
Software-only router
Additive features and services
Multicore architecture
Service-aware data plane
Multigigabit fabric
Benefits
Up to 10 times faster performance
Scalability
Layer 7 services
Steady performance curve maintained
with new additive services
ISR 4000 Performance Curve
• ISR 4000 architecture limits throughput to a predifined performance license limit• 4321-100Mbps, 4331-300Mbps, 4351-400Mbps
• 4431-1000Mbps & 4451-2000Mbps
• ISR 4000 allows throughput up to the maximum theoretical licensed limit for many service combinations
• Some services like QoS/HQoS and IPSec show a lower number even though reach licensed limit @ a low CPU load.
@65%
CPU
@33%
CPU
@20%
CPU@54%
CPU
@22%
CPU
@53%
CPU@43%
CPU
@65%
CPU
@81%
CPU
@89%
CPU
• Notice that many of the results are at the exact licensed max limit.
• This means router hit shaper before bottoming out
• How much CPU is then left?
ISR 4000 Performance Curve
IWAN ISR Performance
33.1 38.3 38.352.3 48.71
63.551.72
68.8
117.7140.1
70
158
191
318
528
16.2 21 25.4 31.8 26.8 31.7 35.56 46.14
91.4109.1
52
113137
241
419
0
100
200
300
400
500
600
2921 2921-ISM 2951 2951-ISM 3925 3925-ISM 3945 3945-ISM 3925E 3945E 4321 4331 4351 4431 4451
IWAN-Base IWAN-Adv w/o WAAS
Base Profile: DMVPN+HQoS+Crypto+PfrV3 (Mbps)
Advanced Profile (without WAAS): DMVPN+HQoS+Crypto+PfrV3+NAT (20% HTTP) +ZBFW+AVC (Fine Grain)
IWAN ValueBase Platform Price vs Throughput
• ISR 4K Delivers the performance Enterprise customers need
• ISR 4K Series deliver significantly better value than ISR G2s
• Aggressive bundle pricing on G2s could bring them in line
• Note: Calculations use actual and expected base system pricing. Bundle pricing and required upgrades could change the math.
$0
$100
$200
$300
$400
$500
$600
$700
Pri
ce p
er
Mb
ps o
f P
erf
orm
an
ce
Base Price/Mbs Advanced Price/Mbs
L2/L3 Routing
AAA, ACL, AToM, BFD, BGP, CEF, CoPP, DHCP, DNS,
EIGRP,EEM, EIGRP, Frame Relay, FHRP, Flexible
Netflow, HSRP, HTTP(S), IEEE 802.1Q, IGMP, IP SLA,
IPv6 (Multicast, QoS, IS-IS, BGP, OSPF, RIPng,
Switching), ISIS, L2TPv3,LISP, L2VPN, LLQ, MLPPP,
MPLS (TE, VPN), MLPPP, Mobile IPv6, NAT, NBAR,
NSF, Net Flow, NTP, NHRP, OER, OSPFv3, PIMv6,
PPPoE, PfR, PBR, QoS, RADIUS, RGMP, RSVP, RRI,
SNMPv3, SSH, SCPv2, SSM, TACACs+, VRRP, X.25
Voice
CUBE, CME, SRST, TDM
GW, TCL, MGCP, H323,
SIP, SCCP,E-SRST, RSVP,
CAC, VXML
Security
TrustSec, DMVPN,
TrustSec, MVPN,
DMVPN, GETVPN,
FlexVPN, SSLVPN,
EasyVPN, PKI server,
ZBFW, IPS SNA,
SNAsw
DLSw,
STUN
BSTUN
…
Supported
No Support on IOS XEContact BU for prioritization.
On Roadmap
G2/XE Feature compatibility/Gaps
ISR IPsec Performance
891 1921 1941 2901 2911 2921 2951 3925 3945 3925E 3945E 4321 4331 4351 4431 4451
Encryption Throughput* (Max/IMIX)
75 Mbp
s
51 Mbps
58 Mbps
58 Mbps
64 Mbps
80 Mbps
150 Mbps
212 Mbps
244 Mbps
633 Mbps
800 Mbps
100Mbps
300Mbps
400Mbps
1.0Gbps
1.3 Gbps
ISM-VPN Encryption Throughput* (Max/IMIX)
NA NA170
Mbps170
Mbps170
Mbps215
Mbps395
Mbps715
Mbps715
MbpsNA NA NA NA NA NA NA
Tunnels (no ISM / with ISM)
50 150150 / 500
150 / 700
225 / 1000
900 / 1500
1000 / 2000
1500 / 2500
2000 / 3000
1500 2000 250 1000 1500 2000 4000
* Throughput is unidirectional performance with a single IPSec Tunnel and stateless traffic
For YourReference
Unified Collaboration Scale
CUBE
CME
SRST
2901
100
35
35
100
50
50
2921
400
100
100
2951
600
150
250
3925
800
250
730
3945
950
350
1200
2911
200
50
50
3925E
2100
400
1350
3945E
2500
450
1500
500
100
100
1000
250
750
3000
350
1200
6000
450
2000
4431
4331
4321
(2 RU, 1000-2000 Mbps)
(1 RU, 500-1000 Mbps)
(2 RU, 200-400 Mbps)
(1 RU, 100-300 Mbps)
(1 RU(Desktop), 50-100 Mbps)
4451
4351
For YourReference
AX Bundle
SEC LicenseAX License
Cisco ISR-AX—What’s Inside?Build on the Cisco ISR Foundation
Operational Simplification and Manageability
AVC
• NBAR2
• QoS
• Media Monitoring
• WAN Path Selection (PfR)
WAN Optimization
• Application Acceleration
• TPC Compression
• Data Redundancy Elimination
ISR Hardware
• SRE or Max DRAM
• Option for UCS-E Series Server
• Disks for 4451
Security
• VPN Encryption
• IOS Firewall
• Intrusion Prevention
• Cloud Web Security
Now AXV with
Voice Support!
Why ISR4K?
Business ISR4K Differentiators
Performance for mobile-cloud era
Uncompromised cloud app experience
Faster time to market
Ease of management/troubleshooting
Simplified operations
4-10X faster for same price
Appliance-level performance
Ultra-efficient traffic handling
Common enterprise OS
All-in-one network, compute, storage
No disruptions for network changes
Day 2 network-wide monitoring
Network-wide visibility without probes
Hop-by-hop analysis for root cause
Day 0/1 deployment in minutes
4G-ready for primary WAN access
Performance and services on demand
Best-of-breed threat defense
Secure direct Internet access
High reliability/performance for less
Application acceleration
1
5
4
3
2
Cisco ISR 4000 SeriesPurpose-Built for the Ultimate Branch Application Experience
High Performance IT SimplicityGreater Agility
ISR 4321(50-100 Mbps)
ISR 4331(100-300 Mbps)
ISR 4351 (200-400 Mbps)
ISR 4431 (500-1000 Mbps)
ISR 4451 (1-2Gbps)
For Optimal User Experience
4-10X faster
Virtualized services
For Better Business Outcomes
Revolutionary architecture
Innovative services
Pay as you grow
Drive to Lowest TCO
Automation / programmability
App and user-centric policy
All-in-one box
B C
A
Q & A
Complete Your Online Session Evaluation
Learn online with Cisco Live!
Visit us online after the conference
for full access to session videos and
presentations.
www.CiscoLiveAPAC.com
Give us your feedback and receive a
Cisco 2016 T-Shirt by completing the
Overall Event Survey and 5 Session
Evaluations.– Directly from your mobile device on the Cisco Live
Mobile App
– By visiting the Cisco Live Mobile Site http://showcase.genie-connect.com/ciscolivemelbourne2016/
– Visit any Cisco Live Internet Station located
throughout the venue
T-Shirts can be collected Friday 11 March
at Registration
Thank you