Brkarc 3001

Cisco Integrated Services Router G2
Architectural Overview and Use Cases

BRKARC-3001
Matt Bolick Technical Marketing Engineer

Stefan Mansson Technical Marketing Engineer
Agenda
Branch Routers in 90+ Minutes
Mega-Trends in Branch Environments
Next Generation Enterprise WAN
ISR G2 Portfolio Overview
Geeky ISR G2 Architecture
Cisco Cloud Intelligent Network
Application Hosting
Cloud Connectors
Integrated Application Awareness
Application Visibility and Control
Cisco WAAS
OnePK
BRKARC-3001 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Changing Business Environment
Video and Cloud and Mobility and
Collaboration Virtualization Wireless
Collaboration Enthusiasts 40% of Customers Are Planning Seven Billion New Wireless
Use an Average of 22 Tools to to Move to Cloud Devices by 2015
Connect with Colleagues
Cloud Computing Services 50% of Enterprises Surveyed
45% Employed Millennials to Grow Dramatically Allow Personal Devices
Use Social Networking Sites ($44.2 Billion) by 2013 Use for Work
IoE Trends: The Only Constant Is Change
Cisco ISR 4451-X Prepare IT for Business Impact
Technology Transitions
Mobility / Video Cloud New Breed of Apps Internet of Things Big Data and Analytics
CHANGING ROLE OF IT
Growth Security
New User Experience
and Productivity Globalization and Regulatory
Business Models and Expectations
Opportunities Compliance
BRKARC-3001
Business Implications
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
Next-Generation Enterprise WAN
Regional WAN Solution
Meet IT Challenges with Cisco
Secure and Scalable Simplified Operation and
Rich Network Services
WAN Architecture Implementation
Secure to access Hardened Multiservicevoice, video, data Reduced complexity with

from attacks Multiuseany device or app integrated management
Scales to 1000s of sites globally Intelligent network services Application visibilityproactive
Pre-validated designs utilizing for optimal user experience optimization and troubleshooting
Cisco best practices
An Architecture Blueprint to Transform Enterprise WAN to

Support Changing Business Environments and Applications
High Level Topology
Application Performance
Multimedia
Mobility Inter
Connect
Inter
Connect
West East
Security Region Region
WAN Core
IPv4/v6
Cloud
Management
South Region
Remote Remote
Seamless Branch
Regional
Branch
Consistent
WAN Metro
Any-to-Any Interconnect
Security
Services Internet Data Center
Public
Cloud
Hybrid
Private
Cloud
Efficient Use
of Resources
Cloud Service
Provider
Local Campus Data Center
Services
Voice, Video, Etc.
Headquarters /
Datacenter
Regional WAN Branch Profiles
Ultra High-end
Flexible Deployment Options for Branch
Very high BWup to
High-end Branch
Different Service Requirements 1Gb
Performance and Availability
Migration from DS3 to Software and hardware

FastEthernet
Standard Branch redundancy
Dual SP MPLS Same profile as
Most common
deployment Redundant router High-end Branch
Migration from Serial Application Services are provided
to Ethernet performance by dedicated appliance
Mobile Branch
SP MPLS with Internet 5-9s availability
3G/4G or Satellite Deliver HD video
Remote Campus
as backup
WAAS Express to boost
Application
application performance performance Financial Branch,
Branch mobility 4-9s availability Med/Large Branch Office
Deliver video over 4G* Deliver SD video
Retail Banking, Kiosk, Typical Branch

Vehicles, Cruises Office
Intern
3G/4G MPLS et
MPLS MPLS MPLS MPLS
Satellit
e
ISR G2 ISR G2 ISR G2 ISR G2
ASR1K ASR1K
BRKARC-3001 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public
For more information.
BRKARC-2091 - Next Generation Enterprise WAN - Branch & Head-End

Tuesday, Jun 25, 8:00 AM - 9:30 AM or Cisco Live 365
This breakout session discusses the disrupting networking trends that are changing
the Enterprise landscape, scope of these changes include the areas of network
security, service delivery , application performance optimization and cloud access in
tomorrow's borderless networks. Borderless Networks is an architectural approach to
networking that can automate business and network processes driving down
operational cost, thus allowing IT to scale. Cisco ISR G2 and ASR 1000 platforms
offer the best in class service richness and flexibility that is needed to deliver the
promise of borderless networks and allow users to turn on services on-demand. This
session discusses the end to end WAN architectures that include both branch and
head-end solutions.
Introducing the new ISR 4451-X
Redefining Branch Routing
Unprecedented Performance and Service Scalability with IT Simplicity
Appliance-level Simplified Service

Services Performance Integration
1-2 Gbps Performance Ease of L2-L7 Service Deployment
Separate Services Planes for Continuity Native, Full-featured WAN Optimization
Pay-As-You-Grow Model Security with Application Visibility
No Disruptions or Truck Rolls Application Service Assurance
Cisco ISR 4451-X

The Ultimate ISR with Application Experience
Cisco Branch Platform Portfolio
ASR1002-X
10Gb (5G36G)
Forwarding Performance with Services
5Gb ASR1001
(2.5G5G)
2Gb
ISR 4451-X
(2 RU, 1G2G)
1Gb
500Mb 3900(E)
(3RU, 100M350M)
350Mb 2900
(2RU, 35M75M)
75Mb
Integrated Services Router Portfolio
3900E Series
3900 Series
4451-X
Interface Density
2951
2921
2911
2901
1900 Series
800 Series Forwarding with Services

25Mbps 35Mbps 50Mbps 75Mbps 100Mbps 250Mbps 350Mbps 500Mbps 2Gbps
ISR 4451-X Typical Deployment
High-End Branch
Interconnect
1-2Gbps with Rich Branch Services
Consistent Operations, Monitoring, and
Troubleshooting Redundant,
Scalable
Optimized Application Performance ASR 1000 ASR 1000 Head End
Embedded, Full-Featured
Appliance-like Services SP A SP B
MPLS MPLS
Pervasive, Scalable
End-to-End Security
Integrated Application Hosting High-End
Branch
ASIC-like Consistent Performance ISR 4451-X ISR 4451-X
ISR 4451-X Typical Deployment
Regional Branch Aggregation
Interconnect
Low-Scale Branch Aggregation
Consistent Features and
Management Campus or
Regional
Optimized Application Performance ISR 4451-X Head-End
Internet
Embedded WAAS and AppNav for
Scalable WAN Optimization Regional
Aggregation
Scalable VPN Aggregation
Performance-on-Demand Regional
ISR G2 ISR G2 ISR G2 Branches
ASIC-like Consistent Performance and Users
ISR 4451-X IO Design
Management Interface Front Panel GE Network Interface Modules (NIM) Optional Drive NIM for
Connects control plane directly 4 RJ45/SFP GE Interfaces Larger & more powerful than EHWICs Embedded Applications
to a management network. PoE available on 2 Interfaces Up to 8 ports per module RAID 1 for data protection
DSPs directly on modules Single HD (future) &
Dual SSD Options
USB Connections
2 x Type A for file storage and Enhanced Service Modules
charging your cell phone Compatible with ISR G2
USB Type B Console in addition Up to 10Gb connection to system
to RJ45 Console and Aux ports Faster & more powerful than SMs
4G LTE with Cisco 812 controlled from 4451-X
Cisco 812 with built-in 4G/LTE

and 802.11n located where
coverage is best
Standard cat5 cable provides

power, data, configuration &
management*
Branch Router buried in

* Configuration & basement or closet with
Management functions poor wireless coverage
are a roadmap feature.
ISR 4451-X Architecture
IOSd
Control Plane
ISR-WAAS Future Cisco Embedded Network Services
Linux OS
Common API (onePK)
Platform Specific Data Plane AppNav AVC
onePK onePK
Internal Services
External Services
Blade (UCS E-
Blade (UCS)
Series)
For more information.
BRKARC-2016 - Integrating Services in the Branch Without Compromise

Tuesday, Jun 25, 8:00 AM - 9:30 AM
Wednesday, Jun 26, 8:00 AM - 9:30 AM
or Cisco Live 365
Here is where you'll learn all the technical details about a new router and how it fits in
with the rest of the ISR portfolio from Cisco. You'll learn the way this new multi-core IOS
XE architecture forwards packets and how the services virtualization layer allow you to
run integrated services, such as WAAS, within the router just like they're on an
appliance. You'll become the expert on this new flagship of the ISR portfolio and know
more about the technology under the hood than anyone else you know.
ISR G2 Portfolio
ISR G2 Portfolio
3945E
High-End Branch
Line Rate
N x FE 3925E
WAN Access Speed With Services
3945
Line Rate Standard Branch 3925

FE +
2951
2921
Server Virtualization
VDSL2+/Sub-rate
2911
FE
Mobile Branch 2901 Voice and Video Collaboration
in the Branch Cloud
EFM
SubrateFE
Secure Remote Cloud Access, WAN
1921 1941
Acceleration and Smart Install
800
10 Mb 15 Mb 25 Mb 35 Mb 50 Mb 75 Mb 100 Mb 150 Mb 250 Mb 350 Mb

Recommended Positioning with Services
Ingegrated Services Router Generation 2
Under the Covers
Services Performance Multi-core Multi Gigabit Fabric NG DSP Modules
Engine (3900) Network Processor Module to module Video ready DSP modules
Upgradeable engines 5x- 7x performance communications 4x increase in audio conferencing
SPE-200 & SPE-250 increase Packet prioritization and transcoding
and shaping Configurable power savings modes
EHWIC GE Ports
2x performance 4 on 3900E
increase 3 on 2911+
HWIC/WIC/VWIC/VIC SFP slots on 2921
support natively and above
EPoE capable
Service Modules Internal Services Module USB

3x-7x increase in service module 3x increase in service Console over USB
performance module performance Convenience storage
Existing NM support through adapter Configurable power savings mode Security credentials
EPoE capable Not available on 3900E & 1941W
ISR G2 Models
Cisco 81x/86x/88x/89x
Fixed Platforms for Ethernet, xDSL, 3G interfaces
New 892-F offers 1 SFP port
802.11n Wifi, Integrated Switch w/POE, SRST optio
Machine-2-Machine Models
Cisco 1921/1941/1941W
Modular platform with 2xEHWIC slots
1941/1941W Can support 9-port switch plus WAN interface
1921 provides 1 RU option
Factory 802.11n Wifi on 1941W
Cisco 2901/2911/2921/2951
UC and Video Ready platforms
Increased density on GE and SFP ports, Service Module slots and PVDM3 slots
Performance increase across the line with 2951 at 75Mbps WAN Access
External RPS option on 2911-2951
Cisco 3925/3945/3925E/3945E
Field replaceable Service Performance Engine (SPE) to upgrade performance up to 350 Mbps
Online Insertion and Removal (OIR) support for Service Modules
Support up to 4 Service Module slots
Optional integrated Redundant Power Supply
24
Cisco 800 Series Overview
812 819 860VAE 880 890
Eth WAN 1*GE 1*GE 1*GE 1*FE 1-2 FE or GE

SFP No No No No MD
VDSL2 No No Yes MD MD
ADSL2/2+ No No Yes MD MD
G.SHDSL No No No MD MD
ISDN BRI No No No MD MD
V.92 No No No No MD
WWAN 3G, 3.7G 3G, 3.7G, 4G No 3G, 3.7G No
PSTN FXO or BRI Voice
No No No No
interconnect (MD)
FXS Ports No No No 4 (MD) No
802.11n 2.4 & 5 GHz (MD) 2.4 & 5 GHz (MD) No 2.4 & 5 GHz (MD) 2.4 & 5 GHz (MD)
* MD = Model Dependent
Cisco 800 Series Overview (Cont.)
812 819 860VAE 880 890
Switch Ports 0 4 * FE 4* FE, 0-1*GE (MD) 4 * FE 8 * FE or GE (MD)
VLANs 0 8 5 8 14
Hardware-Based IPsec
Yes Yes No Yes Yes
Encryption
Flash 512 MB 256 or 1024 MB (MD) 56, 64 or 128 MB (MD) 128 or 256 MB (MD) 256M
Flash upgradeable No No No No No
DRAM 512 MB 512 or 1024 MB 256 MB 256 1024 MB (MD)* 256 1024 MB (MD)*
DRAM upgradeable No No No MD* Yes*
Internal PoE Option No No No 2 Ports 4 Ports, MD
USB Ports 0 0 1 (2.0) 1 (1.1) 1-2 (2.0) MD

Adv. Security or Adv. Security or Adv. Security or
IP Base or
IOS Feature Set Adv. IP Services Adv. IP Services Adv. IP Services Adv. IP Services
Adv. Security (MD)
(upgradeable) (upgradeable) (upgradeable)
* The default and max memory varies per model
Whats New?
819 M2M 3G Gateway
812 MiFI (Cellular plus Wifi) 4G LTE HWIC
w/ Wifi & 4G
Compact, Hardened ISR w/ 3G in AP Form Factor Downlink 100 Mbps / Uplink 50

Mbps
802.11 a/b/g/n Dual Radio Portable, Rapid Deployment
Super Low Latency (< 50 ms) -
4G/LTE , GPS, Mobile IP Ready POE Powered (Optional) 5x Lower than 3G
Cisco 897VAMW Series
Memory Desktop chassis with
Flash external power supply
Default: 256 MB One USB 2.0 flash memory
Max: 256 MB or security e-token
DRAM Default Cisco IOS Advanced
Default: 512 MB IP Services feature set
Max: 1G
VDSL2/ADSL2+ Security Cable
Console & AUX Lock
Over POTS
Integrated 2.4 & 5 Port
USB 2.0 Power
GHz Antenna
Port Switch
RJ45/SFP 8-Port 10/100/1000 Reset

FE Managed Switch Power
Combo WAN Button
4 Port PoE Connector
860VAE-W Hardware Target FCS
2H2013
Only Advanced Security Models
Single WAN option Multimode xDSL either/or GE
2 x GE + 3 x FE
FCC and ETSI 2.4 Ghz WiFi Compliance

No Fan design, 9.5x9.5, Sheet Metal, Same 1RU Industrial Design as 860VAE
1 x PoE port on special SKU ( US WiFi )
800 Series Whats Coming?
860VAE-W (Aug 13)
WiFi + Flex VPN + Nano Cube Lead Free RoHS6 compliant Products
Phase1 (Eth+V/ADSL units) 2H2013
NANO CUBE Lightweight CUBE (Aug
Phase 2 ( WLAN+G.SHDSL units )
13) 2H2014
Expands CUBE to 860VAE, 880, 890
Functionally equivalent to their
4G LTE predecessors SKUs....or better.
EHWIC Canada (2HCY2013) Fanless
EHWIC Japan (2HCY2014) 89x all GE LAN/WAN ports
880, 890 & 819 (new chipset) VDSL2 Bonding & Vectoring (Future)
(1HCY2014)
Two-pair VDSL interface (Bonding)
Increasing bandwidth by 100%
IPv6 in Adv Sec, 15.2(4)M
Reducing cross talk (Vectoring)
Previous only in AIS Increasing bandwidth 50% +
Extending range
Smart Install in 8xx, 15.2(4)M
Cisco VPN ISM for ISR G2
Delivering High Performance VPN for Branch Routers
Availability
IOS Requirement: 15.2(1)T1 or later
Supported Platforms: 1941, 2901, 2911, 2921, 2951, 3925, 3945
(Note: Not supported on 1941W, 3925E, 3945E)
Features
Plug and play Internal Service Module (ISM) for VPN acceleration
Hardware encryption support for both IPsec and SSL VPN
Hardware support for IKEv2 and Suite B crypto algorithms
Performance
High IPsec VPN throughput (Up to 1.2Gbps)
Up to 3X throughput and 2X supported IPsec tunnels over onboard crypto engine
For Your
Reference
IPsec Performance & Scale with ISM-VPN
Platform IMIX Throughput IMIX Throughput 1400-Byte Throughput Max Number of

ISM-VPN IOS only Supported Tunnels
1941 140 Mbps 60 Mbps 500 Mbps 500

2901 145 Mbps 60 Mbps 550 Mbps 750
2911 150 Mbps 65 Mbps 600 Mbps 1000
2921 220 Mbps 80 Mbps 700 Mbps 1500
2951 385 Mbps 150 Mbps 900 Mbps 2000
3925 550 Mbps 210 Mbps 1100 Mbps 2500
3945 600 Mbps 245 Mbps 1200 Mbps 3000
Note: Single stream of IPsec traffic with AES encryption is used for the throughput
measurement
Ethernet Switch Module Overview
o Gigabit Ethernet 10/100/1000 o Higher availability, up to 2x when compared to a
standalone switch
o One L2/L3 and one pure L2 family offered
o Designed to promote Borderless Networks
o 16, 24, and 48 ports of GE or FE LAN, Local line-
rate Layer 2/3 switching o Support the same features and configurations in the
branch are in the headquarters
o Same feature set and roadmap as the latest LSBU o Integrates the latest enterprise switch features into
Catalyst 3560-X/2960-S switches* the router
o Integration with the routers Multi Gigabit Fabric o Increased Power Over Ethernet
LAN optimizes traffic between modules, with no
o Enhanced POE (ePOE) Up to
impact on CPU/WAN performance 20 watts per port
o Smart Install o Takes advantage of 2900/3900 increased power
levels offering up to 1040 watts per chassis
o Zero touch Install/Replace/Backup
o Per port autosensing and configuration
o AutoImage, AutoConfig
of power levels
o Treat the ESM like a line-card or a standalone switch
o EnergyWise per port-based and per slot-based
power saving controls
* No CTS PHY Encryption , or POE+ (30w)

Smart Install
Automatically Deploy Switches in the Branch
Director Routers:
ISR/ISRG2 Director only - 15.1(3)T
Switches:
EtherSwitch Client 12.2(52)SE
Client Director - 12.2(55)SE
Zero Touch Installation
Switch Clients
Zero Touch Upgrade
Zero Touch Replacement
Director ISRG2, ISR G1, Catalyst 3xxx series
Catalyst 3750, 3750-E, 3560, 3560-E, 2960,

Mix-and-Match Clients 2975, All NME and SM EtherSwitch modules
Cisco Integrated Customization Services (CICS)
High Volume, Zero Touch deployment solution from Cisco
New Service from Cisco that supports Cisco Integrated Service Router (ISR) G2
Helps customers realize cost savings, increase operational efficiency, and deliver
services faster (time-to-market)
Open to all Cisco customers
Supported on Cisco Commerce Workspace (CCW) only
Cisco Commerce Workspace (CCW) provides a simplified commerce experience that allows partners to configure, price, and quote
products, software and related service, and to submit orders from one screen
http://www.cisco.com/web/go/ccw
http://www.cisco.com/web/services/ordering/downloads/cisco_commerce_workspace_vod.mp4
Zero-Touch, High-Volume Deployment
Integrated with Support all ISR G2

Tiered service
1 Ordering system 2 3 routers
Cisco Integrated Customization Services (CICS)
Q4 CY13
Tiered offering
Platinum
Includes Gold features
Accessories SIM, cables
Summer Documents (multi language)
CY13 Custom labels (multi language)
Gold
Price
Includes Silver features

Scripts
Unlisted IOS / FW version
Modules in specific slots
Silver ConfigMerge
IOS config file
Standard labels
Levels of customization
Packet Flow in an ISR
ISR G2 Architecture
1941 and Above
CPU
HWIC NM
EHWIC MGF SM
ISM PVDM
Gigabit Ethernet
PCI-Express
HWIC DDR
ISR G2 Packet Flow
Normal Layer 3 Routing
CPU
HWIC NM
EHWIC MGF SM
ISM PVDM
Gigabit Ethernet
PCI-Express
HWIC DDR
ISR G2 Packet Flow
Module-To-Module Communication
CPU
HWIC NM
EHWIC MGF SM
ISM PVDM
Gigabit Ethernet
PCI-Express
HWIC DDR
ISR 4451-X Block Diagram
4xSGMII
DRAM
DRAM Control Plane
(1 core) &
4xPCIe Data Plane FPGE
Services Plane (10 cores)
(3 cores)
DRAM
10G XAUI
4xPCIe
System
FPGA
Mgt Eth
2Gbps
Cons/Aux Platform Multi ISC
Controller Gigabit
USB 10G/slot
Hub Fabric
Flash
SM-X
2G/slot
PCIe & SERDES
SM-X
NIM management links
not shown.
ISR 4451-X Packet Flow
4xSGMII
DRAM
DRAM Control Plane 4xPCIe
(1 core) &
Data Plane FPGE
Services Plane (10 cores)
(3 cores)
DRAM
10G XAUI
4xPCIe
System
FPGA
Mgt Eth
1G SGMII
Cons/Aux Platform Multi ISC
Controller Gigabit
USB 10G/slot
Hub Fabric
Flash
SM-X
2G/slot
SM-X
NIM
Multi-Gigabit Fabric Configuration
Most new modules include MGF and legacy links.
Interfaces will appear as two internal connections to the
same module (SM1/0 and SM1/1 for example).
Configuration for the module-side MGF connection is
performed on the router-side 0 connection.
Configuration information is passed to the module on this
interface.
The router-side MGF connection is a layer-2 trunk port
and is not directly configurable.
Layer 3 MGF configuration on the router is handled
with VLAN interfaces.
Note: MGF configuration not available when a
HWIC-ESW is in the system.
Multi-Gigabit Fabric Configuration
Typical Configuration with an SRE Service Module
interface SM1/0
description PCI connection to SRE-900 module in slot 1 CPU
ip address 10.10.20.1 255.255.255.0
service-module ip address 10.10.20.2 255.255.255.0 SM1/0
!Application: SRE-V Running on SMV HWIC NM
service-module ip default-gateway 10.10.20.1 EHWIC MGF SM
service-module mgf ip address 10.1.30.2 255.255.255.0
service-module mgf ip default-gateway 10.1.30.1
SM1/1
! ISM PVDM
interface SM1/1
description MGF connection to SRE-900 module in slot 1
switchport access vlan 1
switchport mode access
! Other switchport commands, such as switchport trunk,
! would be configured here.
!
interface Vlan1
ip address 10.1.30.1 255.255.255.0
!
For Your
Reference
IOS Order of Operations

Input Feature Processing in 15.1(3)T
1. RITE 16. FPM
2. EPC 17. IPSec Decrypt
3. QoS Drop 18. QoS Marking
4. VRF Classify 19. Policing
5. Packet Debug 20. QoS post-crypto
6. Netflow Classify
7. LISP 21. WAAS
8. BGP Policy Map 22. EZVPN
9. QoS Classify 23. Accounting
10. Fragment Assembly 24. NAT Outside
11. LI 25. Policy Routing
12. IPS 26. WCCP
13. Firewall 27. VRF Select
14. ACL 28. BOOTP/DHCP Reply
15. SBC
For Your
Reference
IOS Order of Operations

Output Feature Processing in 15.1(3)T
1. QoS Classification 15. WAAS
2. NAT Inside 16. QoS Marking
3. NHRP 17. Accounting
4. WCCP 18. RSVP
5. NAT Outside 19. Policing
6. BGP Policy Map 20. Netflow
7. IPSec Classify 21. IPSec Encrypt
8. CTS 22. Packet Debug
9. QoS Classification 23. Packet Capture
10. Firewall 24. HW Checks
11. IPS
12. QoS Drop
13. ACL
14. FPM
Cloud Intelligent Network
UCS E-Series
Lean Branch Office Applications
Edge Applications That Defy Centralization
Core Windows Mission Critical Client Management

Services Business Applications Services
DNS and DHCP Servers Point of Sale Server Software Update Service
Microsoft Active Directory Bank Teller Control Point Client Monitoring Service
Windows Print Services Electronic Medical Records Backup and Recovery
Windows File Services Inventory Management Terminal Server Gateway
Others Others Others
Cisco ISR G2 as Blade Server Enclosure
Use Slots on Most Widely Deployed Branch Device
Secure platform with Redundant power Direct blade to Long service life 2x
small attack surface supply options LAN connectivity typical blade system
1, 2, 4 blade 2 and 3 RU
slots options options
All-in-One Device
for Branch Services
Performance Applications
Mobility Collaboration
Connectivity Security
Cisco UCS E-Series Components
Simplifying Lean Branch Office Infrastructure
App App App App Platform for Edge Applications

OS OS
Microsoft Windows Server certified
OS OS
Various Cisco Virtual Appliances also supported
Hypervisor Hypervisor
Server Virtualization
UCS E Series CIMCE UCS E Series VMWare vSphere (ESXi) or other
Hypervisor/Operating System
IOS, MGF Backplane Switch
Dedicated Blade Management
Cisco Integrated Management Controller
Consistent management for UCS family
Multipurpose x86 Blades

Cisco UCS E-Series modules
House up to 4 server blades in ISR G2
Single-device Network Integration

House all devices in ISR G2 chassis
Multi-Gigabit Fabric backplane switch
UCS E Series Single-Wide
Maximum 65 W Power Intel Xeon E3 family
Draw quad-core processor iSCSI Initiator
8 GB , 12 GB 80% Less Than Server Hardware
and 16 GB Offload
DRAM
Options
Lights Out
Configuration
Remote and
and
Schedulable Power
Management
Management
Through CIMC
Two SD cards: one for
the CIMC and
One External and temporary storage of
Two
OS and one for a blank
Internal GE Ports
virtual drive
10/100 Ethernet Up to 2 SATA, SAS or SSD hard
Management Port drives
KVM Console connector USB 2.0 Port for External Device

Connectivity
On board Hardware RAID 0/1
Wire-Free, Plug-and-Play with Hot-Swap Capability
Modularity,
Low Shipping Weight (2.5 lb/1.1 kg)
UCS E Series Double-Wide
Maximum 130 W Power Draw Intel Xeon E5-2400 quad
80% Less Than Server core or six-core processor iSCSI Initiator
8 GB - 48 GB
DRAM Options Hardware Offload
Remote and Lights Out

Schedulable Power Configuration
Management & MGMT
Through
CIMC
Front-panel VGA, 2 USB, and

serial connections
Two SD cards: one for the CIMC and Up to 3 SATA, SAS, SSD hard
temporary storage of OS and one for a blank drives or 2 HDD and a PCIe card
virtual drive
On board hardware RAID 0, 1 and
Two External and Two Internal GE Ports 5C
onfiguration Options with Hot-Swap
with TCP/IP Acceleration Capability
Wire-Free, Plug-and-Play Modularity,
Low Shipping Weight (7 lb / 3.2 kg)
For Your
UCS E Series Specs Reference
UCS-E140D(P)
UCS-E140S UCS-E160D(P)
Intel Xeon (Sandy Bridge)
Intel Xeon (Sandy Bridge)
Processor E5-2428L (2 GHz) / E5-2418L
E3-1105C (1 GHz)
(1.8 GHz)
Core 4 4/6
8 - 16 GB 8 - 48 GB
Memory
DDR3 1333MHz DDR3 1333MHz
Storage 200 GB- 2 TB (2 HDD) 200 GB- 3 TB (3 HDD*)
SATA, SAS, SED, SSD SATA, SAS, SED, SSD
RAID RAID 0 & RAID 1 RAID 0, RAID 1 & RAID 5*
Internal: 2 GE Ports
Network Port Internal: 2 GE Ports External: 2 GE Ports
External: 1 GE Port PCIE Card: 4 GE or 1 10 GE
FCOE
Distributed VDI on UCS E-series
Fully distributed solution VDI and applications resiliency
Best user-experience
DataCenter Compute offloading
Simplified management
Branch Office
DataCenter/Headquarters
WAN WAAS
ISR G2 & UCS E WAAS
Remote Office clients

Cloud Connectors
Cloud Difficulties in the Branch
Wide-Area Constraints Make Branch Users Suffer
IaaS SaaS
App
OS OS
WAN Connection
Cloud
Branch Office
Higher-Latency, Lower- Apps often designed for
Users expect the same
Bandwidth and Less LAN performance
experience as local apps
Reliable than Local Network not WAN constraints
RESULT: Applications under-perform and are less reliable when

delivered across the WAN than when hosted locally.
Cloud Connectors for Better Cloud Applications
Cloud Intelligence in the Branch Improves User Experience
IaaS SaaS
App
OS OS
WAN Connection
Cloud
Branch Office
Higher-Latency, Lower- Apps often designed for
Users expect the same
Bandwidth and Less LAN performance
experience as local apps
Reliable than Local Network not WAN constraints
RESULT: Application experience is improved by incorporating

cloud intelligence into the branch network.
Secure Public Cloud Access with Cisco Cloud Web
Security (ScanSafe)
Protect Internet Edge at Enterprise Branches Key Benefits:
Avoid expensive backhaul of internet and
Internet public cloud traffic through the
HQ HQ/Datacenter
Internet
Single policy portal, easy of deployment and
Web Filtering Web Security
management
Centralized Reporting
Enhanced security for all users
ASR1K
Consistent Policy Control Solution:
WAN
Branch Branch Integrate ScanSafe Connector in ISR G2.
Router redirects Internet Web traffic to
ScanSafe cloud
Content analysis, detect/stop malware
Web usage control administrator can control

access to websites
Integrated Web
Secure VPN Complement the integrated security
Security Security
(ZBF, IPS) on the router
Cloud Storage Connector
Third Party Connector
MSP Admin Portal End-User Virtual Portal

Manage end-user accounts, Users access their own cloud
service provisioning and billing backups and folders, restore and
share files.
MSP Network
Cisco ISR G2 and
UCS E-Series with
Cloud Storage
Gateway
Backup Agent for

Cloud storage is cached
Roaming Laptop
in the branch. Branch
files are backed up to Agent-Less Solution
the cloud. Branch Office
Build Your Own Cloud Connector
Home Brewed Connection to the Cloud
Custom cloud connectors run

in a Virtual Machine within
Connector
Cloud Cloud
Connected
router.
VM
VM
VM
Service
Familiar set of application
onePK deployment and management
UCS Express tools from VMWare.
Cloud
Service
ISR G2 Branch Router Rich network integration and
awareness through
standardized API
onePK Universal API
How We Interact With Routers & Switches Today
CLI
Vast Toolkit SNMP
Monitoring Routing
Familiar HTML
Many knobs XML
Controlled Access
QoS Discovery
APPLICATION
Special Purpose Tools AAA
CDP
Not Vast Enough Syslog Security Interfaces
Gaps
Inconsistencies Routing Protocols
Not programmatic
Netflow Data
Span Plane
Whats Missing from Todays Interactions?
Consistency
Across Rich Actions
Platforms
Monitoring
Routing
Modern Multiple
APPLICATION
Programming Deployment QoS
Languages Models Discovery
Security
Interfaces
Data Plane
Interaction
Data Plane
OnePK Architecture
Application
1) Write An App
C Java Python
APIs APIs APIs
2) App Talks To
Devices Thrift / Sockets
Network Network Network Network

Abstraction Abstraction Abstraction Abstraction
3) Devices Do
IOS IOSd/XE XR NX-OS
Stuff
OnePK Provides Three Deployment Models
Process Hosting Blade Hosting End-Point Hosting
Cisco Network Cisco Network

Container
Operating Operating
System Cisco Network
System
OnePK Operating
Apps System
Blade
Container
OnePK Apps
External
Server
OnePK
Apps
Best For: Best For: Best For:

Powerful RPs Real Time Less Delay Sensitive
Low Latency Data Plane Multi-Element Apps
ISR-AX
Application Visibility and Control (AVC)
Cisco WAAS
Cisco ISR-AXWhats Inside?
Build on the Cisco ISR G2
Application Visibility WAN Optimization Security Hardware for

and Control ISR-AX
NBAR2 Application Acceleration VPN Encryption
QoS TPC Compression SRE or Max DRAM
IOS Firewall
Media Monitoring Data Redundancy Option for UCS-E
WAN Path Selection (PfR) Elimination Intrusion Prevention Series Server
Cloud Web Security Disks for 4451
Operational Simplification and Manageability
Today Network is an IT Blind Spot
Static port classification is no

longer enough
More and More apps are
opaque
Increasing use of Encryption
and Obfuscation
Application consists of
multiple sessions (Video,
Voice, Data)
Application Visibility and Control
IOS PA
App Visibility &
ISR FNF ISR
User Experience Report
ASR1K ISR App BW Transaction
Time ASR1K
ASR1K WebEx 3 Mb 150 ms High
Citrix 10 Mb 500 ms
Med
NFv9
Low
Reporting Tools
Reporting Tool
Deep Packet Inspection Perf. Collection & Exporting Reporting Tool Control
ISR G2 & ASR collect

Use QoS or PfR to
application bandwidth Advanced reporting
DPI engine (NBAR2) control application
and response time tool aggregates and
identifies applications network usage to
metrics, and export to reports application
using L7 signatures improve application
management tool performance
performance
Cisco WAAS
Improve application performance and user experience
WAAS Appliance Virtual WAAS

Application acceleration Application acceleration from
Virtual blades in branch offices Private/Virtual Private Cloud
Scalable platforms for range of VMWare ESX/ESXi and UCS
deployments deployments
Agile, elastic, multi-tenant deployment
vCM: common virtualized management
for physical/virtual WAAS
WAAS Express
Integrated ISR G2
On-demand IOS-based
Bandwidth optimization WAAS Service Ready Engine
Inline IOS features (Security, QoS) Integrated ISR G2
Small footprint, Cost-effective, Single CLI Application Acceleration
Software on-demand provisioning
No fork lift upgrade
Key Benefits with ISR4451-X ISR-WAAS
All in a box simple to

deploy
FULL FEATURED WAAS
ACCELERATOR INSIDE
Native Simple Scalable
Tighter Integration 3 steps to setup Up to 2500 connections

150Mbps optimized WAN
Service aware data within 10 minutes
Embedded AppNav to
plane AppNav
expand w/ vWAAS on
Dedicated Resources
UCS-E or externally
Summary: Cisco ISR G2 and ISR 4451-X
Industrys richest and most innovative integrated services platform
1 Addresses needs of any branch of any size
Industrys only router integrated secure WAN Optimization solution

2 Doubles your bandwidth and gives you a < 1 year ROI
Video-ready architecture to enable a dynamic, adaptable branch network

3 Provides integrated video assessment, monitoring, and troubleshooting
Network integrated security with reliable wired-wireless LAN/WAN services

4 Scalable VPN services with data protection and business continuity
Make your network application and cloud aware

5 Extensive services that tie applications and networks together for the best experience
Other Sessions of Interest
Product Updates:
BRKARC-2016 - Integrating Services in the Branch Without Compromise
BRKAPP-2030 - Application Visibility and Control in Enterprise WAN
BRKAPP-3006 - Advanced Troubleshooting Cisco Wide Area Application Services (WAAS)
BRKARC-2012 - Application Hosting and OnePK Architecture Overview
Network Troubleshooting:
BRKARC-2002 - Network Diagnosis: Prevent Prepare Repair
Enterprise WAN Design:

BRKARC-2091 - Next Generation Enterprise WAN - Branch & Head-End
BRKRST-2041 - WAN Architectures and Design Principles
Complete Your Online Session Evaluation
Give us your feedback and
you could win fabulous prizes.
Winners announced daily.
Receive 20 Cisco Daily Challenge
points for each session evaluation
you complete.
Complete your session evaluation
online now through either the mobile
app or internet kiosk stations.
Maximize your Cisco Live experience with your
free Cisco Live 365 account. Download session
PDFs, view sessions on-demand and participate in
live activities throughout the year. Click the Enter
Cisco Live 365 button in your Cisco Live portal to
log in.

Brkarc 3001

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Brkarc 3001

Încărcat de

Drepturi de autor:

Formate disponibile

Cisco Integrated Services Router G2

Architectural Overview and Use Cases

Matt Bolick Technical Marketing Engineer

Secure to access Hardened Multiservicevoice, video, data Reduced complexity with

An Architecture Blueprint to Transform Enterprise WAN to

Migration from DS3 to Software and hardware

Retail Banking, Kiosk, Typical Branch

BRKARC-2091 - Next Generation Enterprise WAN - Branch & Head-End

Appliance-level Simplified Service

Cisco ISR 4451-X

800 Series Forwarding with Services

Cisco 812 with built-in 4G/LTE

Standard cat5 cable provides

Branch Router buried in

Platform Specific Data Plane AppNav AVC

BRKARC-2016 - Integrating Services in the Branch Without Compromise

Line Rate Standard Branch 3925

10 Mb 15 Mb 25 Mb 35 Mb 50 Mb 75 Mb 100 Mb 150 Mb 250 Mb 350 Mb

Service Modules Internal Services Module USB

Eth WAN 1*GE 1*GE 1*GE 1*FE 1-2 FE or GE

Switch Ports 0 4 * FE 4* FE, 0-1*GE (MD) 4 * FE 8 * FE or GE (MD)

DRAM upgradeable No No No MD* Yes*

Internal PoE Option No No No 2 Ports 4 Ports, MD

USB Ports 0 0 1 (2.0) 1 (1.1) 1-2 (2.0) MD

* The default and max memory varies per model

Compact, Hardened ISR w/ 3G in AP Form Factor Downlink 100 Mbps / Uplink 50

RJ45/SFP 8-Port 10/100/1000 Reset

Only Advanced Security Models

Single WAN option Multimode xDSL either/or GE

FCC and ETSI 2.4 Ghz WiFi Compliance

1 x PoE port on special SKU ( US WiFi )

Supported Platforms: 1941, 2901, 2911, 2921, 2951, 3925, 3945

(Note: Not supported on 1941W, 3925E, 3945E)

Hardware encryption support for both IPsec and SSL VPN

Hardware support for IKEv2 and Suite B crypto algorithms

Up to 3X throughput and 2X supported IPsec tunnels over onboard crypto engine

IPsec Performance & Scale with ISM-VPN

Platform IMIX Throughput IMIX Throughput 1400-Byte Throughput Max Number of

1941 140 Mbps 60 Mbps 500 Mbps 500

* No CTS PHY Encryption , or POE+ (30w)

Zero Touch Installation

Director ISRG2, ISR G1, Catalyst 3xxx series

Catalyst 3750, 3750-E, 3560, 3560-E, 2960,

Zero-Touch, High-Volume Deployment

Integrated with Support all ISR G2

Includes Silver features

IOS Order of Operations

IOS Order of Operations

Core Windows Mission Critical Client Management

App App App App Platform for Edge Applications

Multipurpose x86 Blades

Single-device Network Integration

KVM Console connector USB 2.0 Port for External Device

Remote and Lights Out

Front-panel VGA, 2 USB, and

UCS E Series Specs Reference

RAID RAID 0 & RAID 1 RAID 0, RAID 1 & RAID 5*

Remote Office clients

RESULT: Applications under-perform and are less reliable when

RESULT: Application experience is improved by incorporating

Web usage control administrator can control

MSP Admin Portal End-User Virtual Portal

Backup Agent for

Eth WAN 1GE 1GE 1GE 1FE 1-2 FE or GE

Switch Ports 0 4 * FE 4* FE, 0-1GE (MD) 4 FE 8 * FE or GE (MD)