elevate your branch infrastructure with cisco · pdf filedax chokshi, product manager stefan...
TRANSCRIPT
Elevate Your Branch Infrastructure with Cisco
ISR4000 SeriesDax Chokshi, Product Manager
Stefan Mansson, Technical Marketing Engineer
PSOCRS-2009
• Today’s landscape
• Enterprise Challenges
• New Consumption Model
• ISR 4000 Deep Dive
• Architecture Overview
• Performance
• Modules and Interfaces
• Management Options
Agenda
Today’s Landscape
Next-Gen
Branch Needs
What’s Happening in Your World?
Mobility, Cloud,
Data Center Virtualization
Greater network loads
New traffic patterns
New application types
Reduced cost
Faster time to market
Instant app experiences
Robust security
Fast innovation
80%of employees and
customers are served by
branches. They need a
LAN-like experience
Pressure
on the
Branch
Disruptions Driving Innovation at the BranchCloud, Mobility, and Next-Generation Apps
Are you meeting your business and user expectations?
Application DeliveryPublic, private, hybrid clouds are redefining the data
center
Application Consumption Mobility is redefining network architecture
Next-Generation ApplicationsHD video, immersive web apps, and SaaS are consuming
more bandwidth
What’s Holding You Back?
Likely, some or all of the following:
An inflexible branch network
An overabundance of manual
tasks
A complex collection of
hardware
Slow application performance
Budget and resource limitations
Security risks
What If You Could…
Accelerate Time to Market
Streamline Operations
Enhance User Experiences
Increase IT’s Strategic Role
Quickly open new offices
Roll out apps faster
Run your branch from one
device
Automate manual tasks
Prioritize traffic by apps and
users
Reduce downtime
Enhance customer experience
Increase employee productivity
Run your branch at the speed your business demands?
Cisco ISR 4000 Routers: Designed with Today’s Branches in Mind
Cloud + Mobility + Video = Big Network Loads
Next-Gen Cloud Apps = New Traffic Patterns
Network Virtualization for Business Agility
Local Apps, Analytics, and Business Intelligence
Future-Proof, All-in-One Platform
Introducing the Cisco ISR 4000 FamilyEnabling Branch Services for the 21st Century Network
Delivering the Ultimate Application Experience Over Any Connection
4-10 times faster, at the same price
Deterministic performance with
services
Pay as you grow
Virtualized network function
Revolutionary Architecture Service InnovationCisco® Application Centric
Infrastructure (ACI) for the WAN
Native Layer 2 – 7 services
Converged network, compute,
storage
Simple, scalable WAN path control
Best-of-breed security:
Sourcefire® IDS
Automation, orchestration,
User/app-based policy
Changes without disruption
Built to Enable the Cisco Intelligent WAN
Security and reliability
without compromise
IT agility with
simplified operations
Ease of access to
cloud networking
services
Virtualize WAN over
any transport
Bandwidth costs
optimized
Apps run with LAN-like
performanceIntelligent
WAN
Software Licensing HurdlesContinued Innovation and Virtualization Are Increasing Licensing Complexity
“There are so many license options.
It’s all too complicated.”
“My IT spend is erratic: why am I buying the same
software and licenses over and over again?”
“I would rather have IT spend more time
on business outcomes, not managing
software licenses.”
Current Software Licensing ModelToo Many License Options: Complex and Hard to Track
Device
Features
Meter
Services
Price
1
2
3
4
5
Cisco
Nexus
3K
Cisco
Nexus
5K
Cisco
Nexus
6K
Cisco
Nexus
N7K
N1110-
SUCS
Server
UCS
FI
ISR
1900
ISR
2900
ISR
3900
ISR
4400ASR 1K
Cat
2K
Cat
3K
Cat
4K
AP
(Wire-
less)
Get Price and TCO for Each Component Separately
Data
Center AccessWAN
Pick and Choose SMARTnet® Coverage for Different Hardware and Software Combinations
AP Interface Node Routers Switches Sessions Seats Users Endpoints
N1K
Ad
v.
PI L
ife
cycle
PIA
ssu
r.
DC
NM
DC
NM
-SA
N
LA
N
EL
2
VD
C L
ic.A
dv
VD
C L
ic.
TR
S
MP
LS
FC
oE
SA
N
N7K
-C70
xx
Alg
o B
oo
st
FC
oE
NP
V
Sto
rage P
ort
s
128 C
PU
Lic
.
256 C
PU
Lic
.
CU
BE
CM
E/ S
RS
T
UC
vN
AM
AV
C
SE
C
AE
S/A
IS
Ap
p
Pri
me
Assu
r.
Pri
me
LC
An
yC
on
ne
ct
CW
S
Wirele
ss P
rim
e
CM
X
IPS
/ES
wIP
S
MS
E B
ase
AP
Lic
.
Pri
me
Assu
r.
Pri
me
LC
Pri
me
Ba
se
EW
IP B
ase
Cisco ONE Software Suites
Cisco ONE SoftwareA Simple, Flexible Software Consumption Model
100sA La Carte, Separately Priced Items
Current Model
Licensing Tied to Hardware
Perpetual for the Lifetime of the Box
3x3Software Suites
Offered as a Solution
Software License Portability
Access to Ongoing Innovation
Perpetual, Subscription (Late 2015), and ELA Options
Cisco ONE
Cisco ONE SoftwareIncluded Licenses and Applications by Suite
Note: Infrastructure software (e.g., operating system) is included with each device. These are not sold as a Cisco ONE bundle, but included with the device
Foundation
Advanced Security
Advanced Applications
Cisco ONE for Data Center
Threat Defense for Data Center
Firepower Services for ASA/FP, ASA Security
Context, ASA Security Plus, ASA Botnet Traffic
Filter, CSM, FSMC
Data Center Fabric
SAN Enterprise
Prime DCNM-SAN
VDC
MPLS
FCoE
Enterprise Cloud Suite
PSC
UCSD
UCS Perf Mgmt
VACS (w/ N1KV Adv)
Foundation for Networking
FabricPath
VDC
OTV/LISP
LAN Enterprise
PI Lifecycle
PI Assurance
Prime DCNM-LAN
Energy Mgmt
Foundation for Compute
PSC Foundation
UCSD Foundation
Intercloud Fabric
N1KV Essentials
UCS Perf Mgmt
Foundation
UCS Central
Energy Mgmt
Networking Compute
ASA 5585, FP, FS
Cisco Nexus®
5K, 6K, 7K
X86, UCS
Cisco ONE for Access
Identity Services for Access
ISE Plus
Campus Fabric
IP Services
Full L3, Virtualization (VRF, EVN) IS-IS, WCCP, Multicast
Advanced Mobility Services
CMX
WIPS
Foundation for Switching
IP Base
TrustSec, MediaNet, StubRouting, Converged Access, FNF, WireShark,
VSS, ISSU
PI Lifecycle
PI Assurance
ISE Base
Energy Mgmt
Foundation for Wireless
WLC AP
MSE Base
PI Lifecycle
PI Assurance
ISE Base
Switching Wireless
ISE
Cisco Catalyst®
2K, 3K, 4K, 6K
WLC, AP
Cisco ONE for WANThreat Defense for WAN
Firepower Services for ASA, Security Context, Security Plus, Botnet Traffic
Filter, CSM, FSMC /
Cloud Web Security Essentials
WAN Collaboration
UC LicenseTDM Gateway / CUBE
UC Apps
CME/SRST
Foundation for WAN
SEC License
TrustSec, MACSec, IOS VPN, IOS IPS,
IOS ZBFW, CWS Connector, SSL VPN
APP License
AVC, MPLS, WAAS, FNF, etc
Prime vNAM
PI Lifecycle
PI Assurance
Energy Mgmt
ASA, FS
ISR, ASR
WAN
Products
Suites
Infrastructure and Base OS
Cisco ONE Software Portfolio
1 Advanced Security offers are subscription based only, with controlled availability expected in April 2015
Foundation
Advanced Security1
Advanced Applications
Cisco ONE for Data Center
Threat Defense for Data Center
Data Center Fabric
Enterprise Cloud Suite
Foundation for Networking
Foundation for Compute
Networking Compute
ASA
Cisco Nexus® 3K, 5K,
6K, 7K, 9K
X86, UCS
Cisco ONE for Access
Identity Services for Access
Campus FabricAdvanced Mobility Services
Foundation for Switching
Foundation for Wireless
Switching Wireless
ISE
Cisco Catalyst®
2K, 3K, 4K, 6K
WLC, MSE, AP
Cisco ONE for WAN
Threat Defense for WAN
WAN Collaboration
ASA, Cloud
ISR, ASR
WANInfrastructure and Base OS
Foundation for WAN
Software Support Service (SWSS)
Technical Support, Updates / Upgrades,
License Portability, Access to Ongoing
Innovation
SMARTnet or Smart Net Total Care
Technical Support (Hardware + Operating System), Device Replacement
Bundling Offers More Value Cisco ONE for WAN Example
$380K
0
Hardware
Cisco 2900
Series ISR
Security
Services
Bundle value: Includes Cisco Application Visibility and Management, WAAS, and Cisco Energy Management and Cisco Prime
Basic a-la-Carte Offering
Cisco ONE for WAN
Hardware
Cisco 2900
Series ISR
WAN
Foundation
BOM: 100 Cisco® 2900 Series ISRs (US$2700 each);
100 Security licenses (US$1200 each)
$40K
225K VALUE
Security
Services
WAN App
Services
Energy Management
Prime vNAM
Prime Assurance
Prime LifeCycle
$ 420K
$225K Value
delivered at
$40,000
Current state
ISR
Cisco ONE (perpetual)
5 year
TCO
Product
Services
$4.7
$0.4 $0.4 $0.4
$5K
1
0
2
$0.4
1 4 50 2 3
Product
$4.7
5 yr TCO
= $11.2K
$5K
2
1
0
5 year
TCO
0 2 3 4 51
H/W
Product
$3.2
$0.5
S/W
Product
S/W Support
$4.8
H/W
Product$0.5 $0.5$0.5
SW support
Smartnet
SW Support
SmartNet
5 yr TCO
= $10K
11%
savings
How This Will Work in Practice Example: Branch IWAN for RetailCo with 20K Employees
Services
SmartNet
Migrate existing devices to Cisco ONE Software
Scenarios Offer
Hardware and eligible software1
purchased within last 2 years
Mid-cycle Refresh discounted Price
Hardware but no eligible
software purchased within last 2
years
Mid-cycle Refresh Full Price
Mid-cycle Refresh: Enable Cisco ONE software on top of the existing devices
Benefits:
Ongoing software innovation
Investment protection: License portability at device refresh
1 List of eligible software available in back up slides.
ISR 4000 Deep Dive
Cisco Branch Router Evolution
ISR 4431 & 4300 familyMaking for a complete ISR 4000 familyISR 4451-X
First ISR based on IOS XE. Purpose built for 21st
century branch requirements
ISR G2 family
800, 1900, 2900 &
3900
Taking ISR G1
architecture to the next
level
ISR G1 family
1800, 2800, 3800
The first architecture
custom designed for
integrated services
Cisco 2500
Cisco’s first family of
branch routers for 23
different deployments
Cisco 2600
Superseded 2500.
Considered one of Cisco's
premier products ever.
2014
2013
2009
2004
1998
1993
Not shown here: IGS, 2000, 3000, 700,
1600, 1700, 4000/4500, 3600 & 3700
series routers
All very solid workhorses of their time
RP
Interconn.
Embedded Services Processor(Dataplane)
FECPCrypto Assist
QFP Subsystem
Interconn.
Route Processor
(Controlplane)
ASR 1k & ISR 4k System Architecture See the resemblance ?
SPAAgg.
SPA SPA
Interconn.
IOCPSPAAgg.
SPA SPA
Interconn.
IOCP
IOSd
Serviceplane
Forwarding Processor(Dataplane)
Forwarding CPUs
Route & ServiceProcessor
(Controlplane)
NIMFPGE SM-X
MGF
ASR 1000 ISR 4000
Cisco ISR 4400 Series Architecture
Control Plane (1
core) and Services
Plane (3 cores)
Data Plane (6 or 10
cores)
Multigigabit
Fabric
FPGE
ISC
SM-X
NIMService Plane
(control plane CPU)
KVM - Hypervisor
ISR-WAAS
Service containers
live here
IOSd
Cisco ISR 4400 Packet Flow
DRAM
Mgt Eth
USB
Cons/Aux
Flash
Platform
Controller
Hub
Control Plane
(1 core) and Services
Plane (3 cores)
System
FPGA
Data Plane (6 or 10
cores)
Multigigabit
Fabric
NIM
ISC
SM-X
FPGE
DRAM
4xPCIe
4xPCIe
10G XAUI
4xSGMII
1 Gb SGMII
10 Gb/slot
2 Gb/slot
Cisco ISR 4300 Series Architecture
Service Plane (control plane CPU)
KVM - Hypervisor
ISR-WAAS
IOSd
Service Container
Multigigabit
Fabric
FPGE
ISC
SM-X
NIM
Data Plane Cores
Note:4321 uses 2DP, 1CP & 1SC cores
Pay-As-You-Grow with Cisco ISR 4000 Series
ISR 432150-100 Mbps
ISR 4331100-300 Mbps
ISR 4351 200-400 Mbps
ISR 4431 500-1000 Mbps
ISR 4451 1-2Gbps
Investment Protection Without Oversubscription
4-10X Faster
Add performance and services anytime
Flexible consumption options
Service Integration
World’s Broadest Service Offerings in One BoxSimplified Services Integration
The Ultimate Converged Branch – No More Appliances
WAN
Optimization
Compute
Storage
Path Control
Application
Visibility
Security
UC
Single Application – Run anywhere
Traditional Features
Challenges
Too many services might make code long and slow
Every service in the same code competes for the same resources
Performance for each service can only scale to the max limit of the CPU
Feature
Cisco Network
Operating System
Single Application – Run anywhere
Process Hosting
• Containerized service
• Full services - No need to cherry pick
• Separate cores/entities
• Not competing for the same CPU resource
• onePK TCP based
• Physically agnostic placement of service container
Network
APIs
ContainerCisco Network
Operating
System
Embedded
Network
Services
Container
Cisco Network
Operating
System
Network Services &
Applications
Blade Hosting
Cisco Network
Operating
System
Feature or Application
End-Point Hosting
Application Horsepower
ISR 4000 Performance
RP
Interconn.
Forwarding Processor(Dataplane)
FECPCrypto Assist
QFP Subsystem
Interconn.
Route Processor
(Controlplane)
System Architecture – The secret sauce
SPAAgg.
SPA SPA
Interconn.
IOCPSPAAgg.
SPA SPA
Interconn.
IOCP
IOSd
Serviceplane
Forwarding Processor(Dataplane)
Forwarding CPUs
Route & ServiceProcessor
(Controlplane)
NIMFPGE SM-X
MGF
ASR 1000 ISR 4000
• Up to 10 cores for Data plane operations
• Same distributed architecture as ASR 1k
• Control plane and Data plane operation separated• In ASR 1k: RP programs ESP
• In ISR4k: Control plane (IOSd) cores programs Dataplane cores
• Never have to compete for the same resources
High Branch Router Performance
System Architecture Comparison
High Resiliency to Heavy Service Combinations.
Pay-As-You-Grow performance with Cisco ISR 4000 Series
ISR 432150-100 Mbps
ISR 4331100-300 Mbps
ISR 4351 200-400 Mbps
ISR 4431 500-1000 Mbps
ISR 4451 1-2Gbps
Investment Protection Without Oversubscription
@33%
CPU
@20%
CPU@54%
CPU
@22%
CPU
@53%
CPU@43%
CPU
@65%
CPU
@81%
CPU
@89%
CPU
• Notice that many of the results are at the exact licensed max limit.
• This means router hit shaper before bottoming out
• How much CPU is then left?
ISR 4000 Performance license limit
ISR 4000 Connectivity Options
Connectivity Options
Outside the office Inside the office
Analog Voice• FXS, E/M
• SRST
• CME
Ethernet / Switching
• Routed ports. 4+10GE & 6
port SM-X. 1 & 2 port NIM
• SM 16/24/48 port switch
module
• 4- and 8-port switch NIM
Cisco UCS® E-Series
• 2, 4, 6 and 8-core SM-X
Intel® Xeon® processors
• Up to 3 TB storage and
96 GB DRAM
• 4 core NIM
• T1/E1
• FXO, PRI
• T1/E1, T3/E3,
serial
• ADSL, VDSL,
SHDSL (CY16)
• 3G/4G/LTE built in
• 3G/4G/LTE – By
using external
casing ( 2nd half
2015 )
PSTN
WAN/
Internet
Backup
Converged Branch Infrastructure Server Virtualization with UCS E-Series Server Modules
Server Blades with Storage
Cisco UCS® E140S
• Intel E3 4 core processor
• 8-16 GB x RAM, 2 TB
Cisco® UCS E160D
• Intel E5 6 core processor
• 8-48 GB RAM, 200 GB - 3 TB
Cisco UCS E180D
• Intel E5 8 core processor
• 8-48 GB RAM, 200 GB - 3 TB
Technology ConsolidationRouting
Security
WAN Optimization
Unified Communications
Mobility
Cisco UCS E-Series NCE – NIMSmall form factor, Compact, Multipurpose Blade Housed in ISR 4Ks only– UCS-EN140N
• Use Case
• Ideal for hosting 1-2 cisco network applications and other lightweight applications
• Product Features
Intel® Atom® 4-core processor
Up to 8GB of RAM
Up to 200GB SSD storage
Available on all ISR 4k routers
Cisco Integrated Management controller (Cisco IMC) comes standard for out of band management
Certified for Bare-metal OS like Microsoft 2012 R2 and Redhat Linux and Hypervisors like Vmware
ESXi 5.5 and Microsoft Hyper-V
Available in
Aug 2015
Network Compute EnginesUCS E-Series Portfolio
Sca
lab
ility
Feature Richness
Cisco UCS-E140S
• SKU: UCS-E140S-
M2/K9
• Price: $3,870
• Cores: 4
• RAM: 8-16GB (2
DIMMs)
• HDD: 2 hard-drives,
available in 3 SSD,
SAS and SATA
options
Cisco UCS-E180D
Cisco UCS-E160D
• SKU: UCS-E160D-
M2/K9
• Price: $5,130
• Cores: 6
• RAM: 8-48GB (3
DIMMs)
• HDD: 3 hard-drives,
available in SSD,
SAS and SATA
options
• SKU: UCS-E180D-
M2/K9
• Price: $5,849
• Cores: 8
• RAM: 8-48GB (3
DIMMs)
• HDD: 3 hard-drives,
available in SSD,
SAS and SATA
options
• SKU: UCS-EN120S-
M2/K9
• Price: $3,400
• Cores: 2
• RAM: 4-16GB (2
DIMMs)
• HDD: 2 hard-drives,
available in 2 SAS
and SATA options
Cisco UCS-EN120S
Cisco UCS-EN120E
• SKU: UCS-EN120E
• Price: $1495-$3000
• Cores: 2
• RAM: 4-8GB (1DIMM)
• HDD: up to 200GB SSD
Storage
Available
Now
Servers
ISR 4000 Management Options
Management and Validated Designs Boost Agility
Intelligent WAN App with APIC-EM
Prime™ Infrastructure 2.2 IWAN System Release 2.0
System for Change
• Simple workflow templates
• Automated provisioning
• Business policy-driven deployment
System of Record
• Historical reporting
• Capacity trending
• Troubleshooting workflows
• IWAN workflows and topology
visualization
End-to-End Validated Design
• Secure WAN virtualization
• Intelligent path control
• Application acceleration
Network Deployment
Automation (Day 1)
Ease of Monitoring
(Day 2)
Prescriptive Design
Blueprint
FCS April 2015
CA December 2014
Specialized Management Cloud-Based Management
• Eliminates manual building of WANs
• Automated SD-WAN orchestration
• Centralized hybrid WAN management
• Quick config updates and IOS upgrades
• Leverages onePK and REST APIs
• Integrates with Cisco AVC and PfR
• Monitor and analyze application traffic
• End-to-end flow visualization
• Flow & App-based Troubleshooting
• Fix and Verify in Realtime
Cisco IWAN Management
Automates Deployment
and Lifecycle ManagementApplication Aware Network
Performance Management
On-Prem Management
Prime
Infrastructure
2.2
• Single-pane view of IWAN
• IWAN deployment workflows
• Plug and Play
• DMVPN, QoS, AVC deployment and
monitoring
• PfR v3 in Q1 2015
• License includes IWAN App and APIC-
EM controller!
End-to-End Assurance of Application
Experience
What You Gain
Performance ready for cloud, mobility, and IT
Uncompromised cloud application experience
Fast time to market with IT agility
Ease of management and IT simplicity
Investment protection with lowest TCO
www.cisco.com/go/isr
Learn More
Complete Your Online Session Evaluation
Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at CiscoLive.com/Online
• Give us your feedback to be entered into a Daily Survey Drawing. A daily winner will receive a $750 Amazon gift card.
• Complete your session surveys though the Cisco Live mobile app or your computer on Cisco Live Connect.
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Table Topics
• Meet the Engineer 1:1 meetings
• Related sessions
Thank you