Cisco ISR 4000 Series

Cisco ISR 4000 Series

Dax Choksi,

Product Manager, Enterprise Routing, Cisco

Feb 2017

Product Update

Cisco Confidential 2

Cisco Branch Router Evolution

ISR 4431 & 4300 familyMaking a complete ISR 4000 familyISR 4451

First ISR based on IOS XE

ISR G2 family

800, 1900, 2900 &

3900

Taking ISR G1

architecture to the next

level

ISR G1 family

1800, 2800, 3800

The first architecture

custom designed for

integrated services

Cisco 2500

Cisco’s first family of

branch routers for 23

different deployments

Cisco 2600

Superseded 2500.

Considered one of Cisco's

premier products.

2014

2013

2009

2004

1998

1993

Not shown here: 700, 1600, 1700,

4000/4500, 3600 & 3700 series routers


Introducing the Cisco ISR 4000 FamilyEnabling Branch Services for the 21st Century Network

Delivering the Ultimate Application Experience Over Any Connection

4-10 times faster, at the same price

Deterministic performance with

services

Pay as you grow

Virtualized network function

Revolutionary Architecture Service InnovationCisco® Application Centric

Infrastructure (ACI) for the WAN

Native Layer 2 – 7 services

Converged network, compute,

storage

Simple, scalable WAN path control

Best-of-breed security:

Sourcefire® IDS

Automation, orchestration,

User/app-based policy

Changes without disruption


Pay-As-You-Grow with Cisco ISR 4000 Series

ISR 432150-100 Mbps

ISR 4331100-300 Mbps

ISR 4351 200-400 Mbps

ISR 4431 500-1000 Mbps

ISR 4451 1-2 Gbps

Investment Protection Without Oversubscription

4-10X Faster

Add performance and services anytime

Flexible consumption options

ISR 422135-75 Mbps


Modular ISR Migration PathsB

ran

ch

co

ns

oli

da

tio

n

Application services

4431

(1 RU, 500-1000 Mbps)

4351

(2 RU, 200-400 Mbps)

4331

(1 RU, 100-300 Mbps)

4321

(1 RU (Desktop), 50-100 Mbps)

3945E

3925E

3945

3925

2951

2921

2911

2901

1921 1941

4451

(2 RU, 1000-2000 Mbps)

4221

(1 RU (Desktop), 35-75 Mbps)


Cisco ISR 4451

Entity ISR 4451

CPU architecture4 core control/services 10 core data

plane

#NIMs 3

#SMs 2

FPGE Up to 4 GE / 4 SFP (Max = 4)

ISC slot 1 for all ISC cards

USB type A ports 2

Power Dual internal AC or DC

Control/services

memory

Base 4 GB; max 16 GB

1600 MHz DIMMs 2 DIMM slots

Mgmt Ethernet 1 Gbps

1 Gbps or 2 Gbps Performance

Maps to Cisco® 3900E ISR


Cisco ISR 4431

500 Mbps or 1 Gbps Performance

Maps to Cisco® 3900 Series ISR

Entity ISR 4431

CPU architecture4 core control/services

6 core data plane

#NIMs 3

#SMs 0

FPGE Up to 4 RJ45 / 4 SFP (Max = 4 GE)


USB type A ports 2

Power Dual internal AC or DC

Control/services

memory





Cisco ISR 4351

200 Mbps or 400 Mbps Performance

Maps to Cisco® 2951 ISR

Entity ISR 4351

CPU architecture 8-core CPU

#NIMs 3

#SMs 2



USB type A ports 2

Power Single internal AC or DC

Control/services

memory



Mgmt. Ethernet 1 Gbps


Cisco ISR 4331


Maps to Cisco® 2911 or 2921 ISR

Entity ISR 4331


#NIMs 2

#SMs 1



USB type A ports 1

Power 1 internal AC

Control/services

memory





Cisco ISR 4321


Maps to Cisco® 1941 or 2901 ISR

Entity ISR 4321


#NIMs 2

#SMs 0



USB type A ports 1

Power Single external AC

Control/services

memory

Base 4 GB; max 8 GB




Cisco ISR 4221ISR4221/K9


Migrate from Cisco® 1921 or 1941 ISR

Entity ISR 4221


Network Interface

Modules2 (limited NIM support)

Enhanced Service

Modules0

Front-Panel Ethernet 2 GE (1 dual-phy, 1 RJ45 only)

ISC slot 0

USB type A ports 1

Power 1 external AC

Control/services

memory

Fixed 4 GB

3 GB for IOS, 1 GB for SNORT



Cisco 4300 Comparison to 4400: Differences

4400 Family

Benefits

Redundant power

Ability to physically separate control, services,

and data plane CPU sockets

Additional service container capacity through

faster CPUs

Higher throughput for base and performance

licenses

Cisco Confidential 13C97-732576-00 © 2014 Cisco and/or its affiliates. All rights reserved.

ISR 4000 Architecture


Revolutionary Platform ArchitectureArchitected for the Optimal Application Experience

Converged Branch with

UCS® E-SeriesIntegrated compute

Up to 8 cores

4-10 Times Faster Than ISR G2 at similar price

Native L2-7 ServicesSecurity, optimization

Pay as You GrowPerformance and services

Virtualized Services

FrameworkAppliance-level

performance

Service-Aware

Data Plane For efficient traffic handling Cisco ISR

4000

Powering the Intelligent WAN


ASIC-Like Experience with New Services Appliance-Level Performance

Enabling TechnologiesMiercom Testing: Cisco® 4451 ISR

0

0.5

1

1.5

2

4451-X no-perf license

4451-X perf license

Software-only router

Additive features and services

Multicore architecture

Service-aware data plane

Multigigabit fabric

Benefits

Up to 10 times faster performance

Scalability

Layer 7 services

Steady performance curve maintained

with new additive services


Cisco ISR 4000 Family I/O Design

Management Interface

out-of-band control plane

connection directly to a

management network

Front-Panel GE

RJ45/SFP GE Interfaces

PoE+ available on some

models

Network Interface Modules

(NIMs) Larger and more powerful

than EHWICs

Up to 8 ports per module

DSPs directly on modules

Optional Drive NIM for

Embedded Applications RAID 1 for data protection

Single HD (future) and

dual SSD options

USB Connections 2 times type A for file storage

USB type B console in addition to RJ45 console and aux ports

Enhanced Service Modules Compatible with Cisco® ISR G2

Up to 10-Gbps connection to system

Faster and more powerful than SMs


Cisco ISR 4400 Series Architecture

Control Plane (1

core) and services

plane (3 cores)

Data Plane (6 or 10

cores)

Multigigabit

Fabric

FPGE

ISC

SM-X

NIMServices Plane

(Control Plane CPU)

KVM - Hypervisor

ISR-WAAS

Service containers

live here

IOSd



Services Plane (Control Plane CPU)

KVM - Hypervisor

ISR-WAAS

Service Container

IOSd

Multigigabit

Fabric

FPGE

ISC

SM-X

NIM

Data Plane Cores

Note:4321 uses 2DP, 1CP & 1SC cores


Cisco ISR 4400 Packet Flow

DRAM

Mgt Eth

USB

Cons/Aux

Flash

Platform

Controller

Hub

Control Plane

(1 core) and

Services Plane (3

cores)

System

FPGA

Data Plane (6 or

10 cores)

Multigigabit

Fabric

NIM

ISC

SM-X

FPGE

DRAM

4xPCIe

4xPCIe

10G XAUI

4xSGMII

1 Gb SGMII

10 Gb/slot

2 Gb/slot



IOS

SnortFPGE

NIM

Data Plane Cores

1 Gb/slot

Fixed USB

(4GB)

RJ45

Cons

Fixed Flash

(8GB)

Platform

Controller

Hub

System

FPGA


Modules


Connectivity Options

Outside the office Inside the office

Analog Voice FXS

E/M

Ethernet / Switching

EtherSwitch LAN

16 / 24 / 48 ports

4 / 8 port

Ethernet WAN

4 & 6 port GE

10 GE port

1 & 2 port GE

Cisco UCS® E-Series

Up to 8 cores

Intel® Xeon® processor

Up to 3 TB storage and 96 GB DRAM

T1/E1

FXO

BRI Voice

T1/E1, T3/E3,

Serial

ADSL, VDSL

SHDSL (roadmap)

3G / 4G / LTE

PSTN

WAN/

Internet

Mobile


NIM targeted for Terminal Server use

Two NIM versions

NIM-16A and NIM-24A

New serial cable to accommodate both 16 ports and 24 ports SKUs

NIM-16A

2 x 8 port connectors.

NIM-24A

3 x 8 port connectors

NIM-Async IOS Release: XE: 16.4


Cisco ISR 4000 Family Modules (1 of 2)

Category Type Name Available

LANSM-X Ethernet Switches: 16, 24 & 48 ports Yes

NIM Ethernet Switches: 4 & 8 ports Yes

UCS E-SeriesSM-X CPU: 2, 4, 6 & 8 cores Yes

NIM CPU: 4 cores Yes

Voice

NIM T1/E1: 1, 2, 4 & 8 ports Yes

NIM FXS/FXO: 2 & 4 ports. Also, 4FXS+2FXO combo NIM. Yes

NIM E/M & BRI Voice Yes

PVDM PVDM4: 32, 64, 128 & 256 channels Yes

SM-X High-density DSP farm Yes

WAN Ethernet

SM-X 1GE: 4 ports OR 1-port 10GE Yes

SM-X 1GE: 6 ports Yes

NIM 1GE: 1 & 2 ports Yes

WAN 4G / LTE

NIM USA, Canada, Europe, Australia Yes

NIM LATAM / APAC (Incl. Band 28 for Australia and LTE TDD for China/India) Polaris 16.4

ISR G2 -

EHWIC and

800BB

LATAM / APAC (Incl. Band 28 for Australia and LTE TDD for China/India) Polaris 16.4

For YourReference


Cisco ISR 4000 Family Modules (2 of 2)

Category Type Name Available

WAN T3/E3 SM-X T3/E3: 1-port Yes

WAN T1/E1NIM T1/E1: 1 & 2 ports Yes

NIM T1/E1: 8 ports Yes

WAN xDSL NIM Multi-mode VDSL2 / ADSL Annex A, B & M Yes

WAN SerialNIM Synchronous Serial: 1, 2 & 4 ports Yes

NIM Asynchronous Serial: 16 & 24 ports + new cable for 24 port version Sep 2017

StorageNIM Dual SSD carrier. Each SSD may be 200G or 400G. Yes

mSATA 200G SSD Yes

NIM Adaptor SM-X Converts SM-X slot to 1 NIM slot Yes

NIM-ISDN BRI-Data

In progress

NIM-G.SHDSL

In progress.

For YourReference


UCS E-Series Updates


UCS E-Series Service Module RoadmapS

ca

lab

ility

Performance

UCS-E160D

6-core, 2.0 GHz,

96 GB RAM

UCS-E180D

8-core, 1.8 GHz,

96 GB RAM

UCS-E160S

6-core, 2.0 GHz,

32 GB RAM

UCS-E140S

4-core, 1.8 GHz,

16 GB RAM

Shipping Roadmap


UCS-E160S-M3/K96-core, 32 GB, 2 Disks

Up to 32 GB DRAM

options

Up to 4TB SATA Storage

Upgraded LSI controller for higher

performance

Dual External 10G USB 3.0 port for external device

connectivity

6-core, Intel Broadwell, 2.0 GHz

Dual EMMC Storage with

RAID

Available


Note: Dates subject to change. AEOS = Announced End of Sale

UCS-E Service Modules - Storage Options

Type Size UCS-E Models Availability

SATA 500 GB 120S only Now

SATA 1 TB All Now

SATA 2 TB M2 & M3 only April 2016

SAS-SED 600 GB All Now

SAS 900 GB All Now

SAS-SED 1.2 TB M2 & M3 only May 2016

SAS 1.8 TB M2 only Now

SSD 200 GB M1 & M2 only AEOS

SSD 200 GB M1 & M2 only Now

SSD 400 GB M1 & M2 only Now

SSD 480 GB M2 & M3 only April 2016

SSD 960 GB M2 & M3 only April 2016


Service Integration


World’s Broadest Service Offerings in One BoxSimplified Services Integration

The Ultimate Converged Branch – No More Appliances

Native, Full Featured

Security, AVC, WAN Opt, UC

Ease of Service Deployment

– No Truck Rolls

Network, Compute,

and Storage

SecurityCompute Storage

WAN Opt Path Control App Visibility UC


Service Virtualization for Networking

VM 1 VM 2 VM 3WAAS Energywise Future App

Service Containers

Dedicated virtualized compute

resources

CPU, disk, memory

for each service

Easily repurpose resources

Industry-standard hypervisor

Benefits

Better performing network services

Ease of deployment with zero

footprint; no truck roll

Greater security through fault isolation

High reliability

Flexibility to upgrade network services

independent of router IOS® Software

Cisco Confidential 33© 2013-2014 Cisco and/or its affiliates. All rights reserved.

Enable Advanced Threat Protection Across BranchesSecurity Services

HIGH

PERFORMANCE VPN

ADVANCED THREAT

DEFENSECLOUD WEB

SECURITY

CONSISTENT POLICY

ENFORCEMENT

DMVPN, GET VPN,

Flex VPN

• Up to 1.3 Gbps encryption

• Advanced encryption (Suite B)

• Integrated crypo without additional hardware

ZB Firewall,

Sourcefire IDS

• Industry leading network intrusion detection

• Soucefire IDS Integrated on UCS E-Series

CWS

with AMP

• Real-time web filtering with AVC

• Threat analytics for full continuum: Before, During, After

TrustSec with

Identity Service

Engine• Single Source for

Policy Rules

• Context Aware

• 80% reduction in rules and policy

VPN


NETWORK

VISIBILITY

Make the WAN Behave Like the LANApplication Optimization Services

WAN

PATH CONTROLAPPLICATION

ACCELERATION

INTELLIGENT

CACHING

Application Visibility

and Control

• Probe-less deployment

• Wired/Wireless view of 1000+ apps

• Rapid root cause analysis

Performance

Routing V3

• 2X WAN bandwidth

• Maintain App Continuity

• Lower bandwidth costs

Wide Area Application

Service (WAAS)

• 50–70% bandwidth reduction

• 2x VDI Sessions

• Faster document processing

Akamai

Connect

• High quality Digital Experience

• Address Last Mile BW Congestion

• WAN Offload

ISR-AX


High Quality Voice/Video Services at the BranchUnified Communications Services

Higher performance

• Prioritize multiple services

simultaneously without

compromise

Easier upgrades and

maintenance

• Simplified infrastructure –

DSPs built into UC cards

Implemented Road mapped

TDM Gateway

• T1/E1 Modules

• BRI & E/M

Cisco SRST

(E-SRST Roadmap) DSP Media Services

• Conferencing

• Transcoding

All protocols: SIP, H.323, MGCP, SCCP, etc.

Cisco Unified CME

Analog Gateway

• FXO, FXS

Cisco Unified Border Element (CUBE)

LMR


ISR 4KOpen Services Containers


What is a Service Container?

Service Containers use virtualization technology

(LXC and KVM) to provide a hosting environment

on Cisco routers/switches for applications which

may be developed and released independent of

platform release cycles.

Virtualized environment on a cisco device.

Use Case Cisco Virtual Services:

• Lightweight Application Hosting

• Example: ISR-WAAS ( KVM )

• Example: SNORT ( LXC )

Use Case Third Party Services:

• KVM Hosted Applications

Container

Network OS

Virtual Service

OS Release: XE: 16.3 onwards


Common Service Container Use Cases

General purpose virtual machine with custom and open-source troubleshooting tools.

(Wireshark, Speedtest, IXIA etc.)

Troubleshooting VM

Common network functions such as Print Server, Domain Controller, File Storage, etc.

Network Functions

Network Analysis and Application Performance Monitoring without a dedicated probe.

Analytics

Augment the capabilities of the host platform in some way. (Custom encryption, business-

based routing, specialized API interface)

Device Customization


Software and Management


Cisco 4000 SeriesPackaging and License Model

Security Application Experience Unified Collaboration

IP Base

Pe

rfo

rma

nce

CM

E/S

RS

T

CU

BE

Hig

h S

ecu

rity

Thank you.

Technology

Cisco ISR 4000 Series