© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Cisco Integrated Services Router G2
Architectural Overview and Use CasesBRKARC-3001
2
Matt Bolick ([email protected])
Technical Marketing Engineer
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Agenda
Mega-Trends in Branch Environments
‒ Next Generation Enterprise WAN
ISR G2 Portfolio Overview
Geeky ISR G2 Architecture
Cisco Cloud Intelligent Network
‒ Application Hosting
‒ Cloud Connectors
Integrated Application Awareness
‒ Application Visibility and Control
‒ Cisco WAAS
‒ OnePK
Two Hours of Branch Router Fun!
3
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Changing Business Environment
4
Video and Collaboration
Cloud and Virtualization
Mobility and Wireless
• Seven Billion New Wireless Devices by 2015
• 50% of Enterprises Surveyed Allow Personal DevicesUse for Work
• 40% of Customers Are Planning to Move to Cloud
• Cloud Computing Servicesto Grow Dramatically($44.2 Billion) by 2013
• ―Collaboration Enthusiasts‖ Use an Average of 22 Tools to Connect with Colleagues
• 45% Employed Millennials Use Social Networking Sites
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Borderless Network Architecture
5
Architecture for Agile Delivery of the Borderless Experience
BORDERLESSINFRASTRUCTURE
Application Networking/ Optimization
Switching SecurityRoutingWireless
BORDERLESS NETWORK SYSTEMS
BORDERLESS NETWORK SERVICES
BORDERLESS END-POINT/USER SERVICES Securely, Reliably, Seamlessly: AnyConnect
Mobility:Motion
App Performance: App Velocity
Energy Management:
EnergyWise
Multimedia Optimization:
Medianet
Security:TrustSec
Extended Cloud
ExtendedEdge
UnifiedAccess
POLICY
MANAGEMENT
SMART SERVICES: PROFESSIONAL AND TECHNICALRealize the Value of Borderless Networks Faster
APIs
Next-Generation Enterprise WAN
Regional WAN Solution
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Meet IT Challenges with Cisco
Next Generation Enterprise WAN
7
An Architecture Blueprint to Transform Enterprise WAN toSupport Changing Business Environments and Applications
Secure and ScalableWAN Architecture
Rich Network ServicesSimplified Operation and
Implementation
• Secure to access, hardened
from attacks
• Scales to 1000s of sites and Globally
• Pre-validated designs utilizing
Cisco best practices
• Multiservice—voice, video, data
• Multiuse—any device or app
• Intelligent network services
for optimal user experience
• Reduced complexity with
integrated management
• Application visibility—proactive
optimization and troubleshooting
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Next Generation Enterprise WANHigh Level Topology
8
Management
IPv4/v6
Security
Mobility
Multimedia
Application Performance
Cloud
Local Campus Data Center
Interconnect
Remote Branch
Hybrid Cloud Service
Provider
ServicesVoice, Video, Etc.
Internet
WANPrimary or Back up
South Region
Efficient Useof Resources
SeamlessAny-to-Any
Services
Consistent Security
RegionalWAN
PublicCloud
InterConnect
InterConnect
WestRegion
EastRegionWAN Core
Metro
Remote Branch
Data Center
Private Cloud
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Video Collaboration ChallengeConsistent High Quality Experience Everywhere
Local Campus Data Center
Interconnect
Remote Branch
Hybrid Cloud Service
Provider
ServicesVoice, Video, Etc.
Internet
WANPrimary or Back up
South RegionRemote Branch
Data Center
PublicCloud
Private Cloud
RegionalWAN
InterConnect
InterConnect
WestRegion
EastRegionWAN Core
PfR
Media Trace
SAF
ConsistentQoS
PerformanceMonitoring
Meta Data
Liz
Dan
Bob
Metro
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Cloud ChallengeProvisioning Resources Anywhere, Accessing Resources Everywhere
Local Campus Data Center
Interconnect
Remote Branch
ServiceProvider
Internet
WANPrimary or Back up
South RegionRemote Branch
Data Center
InterConnect
InterConnect
WestRegion
EastRegion
Private Cloud
RegionalWAN
PublicCloud
Hybrid Cloud
ServicesVoice, Video, Etc.
High AvailabilityCloud SecurityPath Optimization
Service Levels
• Low Loss
• Low Latency
• High BW
DC Interconnect
• Geo Clustering
• VM Mobility
WAN Core
ERPCloud
Liz
Dan
Bob
Metro
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Cloud ChallengeProvisioning Resources Anywhere, Accessing Resources Everywhere
Local Campus Data Center
Interconnect
Remote Branch
ServiceProvider
Internet
WANPrimary or Back up
South RegionRemote Branch
Data Center
InterConnect
InterConnect
WestRegion
EastRegion
Private Cloud
RegionalWAN
PublicCloud
Hybrid Cloud
ServicesVoice, Video, Etc.
High AvailabilityCloud SecurityPath Optimization
Service Levels
• Low Loss
• Low Latency
• High BW
DC Interconnect
• Geo Clustering
• VM Mobility
WAN Core
Liz
Dan
Bob
Metro
ERPCloud
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Mobile and BYOD ChallengeProviding Secure Reliable Seamless Access Everywhere
Local Campus Data Center
Interconnect
Remote Branch
Hybrid Cloud Service
Provider
ServicesVoice, Video, Etc.
Internet
WANPrimary or Back up
South Region
RegionalWAN
Remote Branch
Data Center
PublicCloud
InterConnect
InterConnect
WestRegion
EastRegionWAN Core
Private Cloud
Liz
Dan
Bob
Secure, Seamless, ReliableAccess from anywhere
Application Optimizationand Service Levels
Mobile—iOS, Android, RIM, MS, …VDI—Citrix, VMware, MS, …
Metro
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public 13
Next Generation Enterprise WANDesign Requirements
Modular Design• Each design element is valid alone or with others
• New services can be added without disrupting other services
Standard and High End Options• Standard option offers full functionality and scalability
• High-end option increases scalability and high-availability
Availability and Scalability• Network infrastructure must be able to meet business requirements
• Ability to scale solution up or down to meet customer needs
Flexible Carrier Support• Global deployments cannot rely on offer from single SP
• Maintain service quality across multiple SP clouds
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Regional WAN Branch Profiles
14
ISR G2 ISR G2 ISR G2 ISR G2ASR1KASR1K
MPLS Internet MPLS MPLS MPLS MPLS
Mobile Branch• 3G/4G or Satellite
• WAAS Express to boost
application performance
• Branch mobility
• Deliver video over 4G*
Standard Branch• Most common deployment
• Migration from Serialto Ethernet
• SP MPLS with Internetas backup
• Application performance
• 4-9s availability
• Deliver SD video
High-end Branch• Migration from DS3 to
FastEthernet
• Dual SP MPLS
• Redundant router
• Application performance
• 5-9s availability
• Deliver HD video
Ultra High-end Branch• Very high BW—up to 1Gb
• Software and hardware redundancy
• Same profile asHigh-end Branch
• Services are provided by dedicated appliance
Perf
orm
ance a
nd A
vaila
bili
tyFlexible Deployment Options for Different Service Requirements
3G/4GSatellite
Retail Banking, Kiosk,Vehicles, Cruises Typical Branch Office
Financial Branch, Med/Large Branch Office Remote Campus
14
ISR G2 Portfolio
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
High-End Branch
Standard Branch
Mobile Branch
ISR G2 Portfolio
WA
N A
ccess S
peed
Wit
h S
ervic
es
2911
1921 1941
2901
3945
150 Mb100 Mb75 Mb50 Mb35 Mb25 Mb
EFMSubrateFE
VDSL2+/Sub-rate FE
Line Rate FE +
Line Rate N x FE
3945E
3925E
350 Mb
2921
2951
3925
800
15 Mb 250 Mb10 Mb
Secure Remote Cloud Access, WAN
Acceleration and Smart Install
Voice and Video Collaboration
in the Branch Cloud
Server Virtualization
Recommended Positioning with Services
16
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Service Modules
3x-7x increase in service module performance
Existing NM support through adapter
EPoE capable
Internal Services Module
3x increase in servicemodule performance
Configurable power savings mode
Not available on 3900E & 1941W
EHWIC
2x performance increase
HWIC/WIC/VWIC/VIC support natively
EPoE capable
Multi-core Network Processor
5x- 7x performance increase
Multi Gigabit Fabric
Module to module communications
Packet prioritizationand shaping
NG DSP Modules
Video ready DSP modules
4x increase in audio conferencing and transcoding
Configurable power savings modes
GE Ports
4 on 3900E
3 on 2911+
SFP slots on 2921and above
USB
Console over USB
Convenience storage
Security credentials
Services Performance Engine (3900)
Upgradeable engines
SPE-200 & SPE-250
Under the Covers
Next Generation Integrated Services Routers
17
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
ISR G2 ModelsCisco 81x/86x/88x/89x
• Fixed Platforms for Ethernet, xDSL, 3G interfaces
• New 892-F offers 1 SFP port
• 802.11n Wifi, Integrated Switch w/POE, SRST optio
• Machine-2-Machine Offering
Cisco 1921/1941/1941W
• Modular platform with 2xEHWIC slots
• 1941/1941W Can support 9-port switch plus WAN interface
• 1921 provides 1 RU option
• Factory 802.11n Wifi on 1941W
Cisco 2901/2911/2921/2951
• UC and Video Ready platforms
• Increased density on GE and SFP ports, Service Module slots and PVDM3 slots
• Performance increase across the line with 2951 at 75Mbps WAN Access
• External RPS option on 2911-2951
Cisco 3925/3945/3925E/3945E
• Field replaceable Service Performance Engine (SPE) to upgrade performance up to 350 Mbps
• Online Insertion and Removal (OIR) support for Service Modules
• Support up to 4 Service Module slots
• Optional integrated Redundant Power Supply
• NEBS compliant
18
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Cisco 800 Series
Secure Mobility Platform
o Very small offices, Cisco Virtual Office (teleworkers)
o Up to 15 Mbps WAN Access with Security
o Integrated 3G + VDSL on 880 platforms
o Fixed configurations:
Pick your:
1. WAN interface(s)
2. 802.11 Wireless (Y/N)
3. SRST* (Y/N)
4. Backup Interface
890 880G 880 860 860VAE
10/100/1000 WAN Yes Yes *
10/100 WAN Yes Yes Yes Yes *
ADSL2/2+ WAN Yes Yes Yes Yes
VDSL WAN Yes Yes Yes
G.SHDSL WAN Yes Yes
LAN Interfaces8x
10/100
4x
10/100
4x
10/100
4x
10/100
4x
10/100
802.11n (a/b/g/n) Yes
802.11n (b/g/n) Yes Yes Yes
SRST (4 users) Yes Yes *
3G Wireless Yes
* SRST available with 10/100 or G.SHDSL WAN
19
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Availability Now Now Fall 2012 Fall 2012
819 819H 819W 819WH
3G/4G WAN 3G 3G 3G & LTE 3G & LTE
3G Antenna External/Diversity External/DiversityEmbedded &
External/DiversityEmbedded &
External/Diversity
WLAN (a/b/g/n) no no 2.4 or 5.0 GHz 2.4 or 5.0 GHz
Unified Support (Licensed Option) no no yes yes
Wifi Antenna no no External External
Onboard WAN Ports 1 GE 1 GE 1 GE 1 GE
12-in-1 Serial (Licensed Option for Sync WAN)
1 1 1 1
Onboard LAN Ports 4 FE 4 FE 4 FE 4 FE
GPS / SMS yes yes yes yes
IOS (Universal Image) 15.2(1)T 15.2(1)T
Reset to Safe/Golden IOS &
Configyes yes yes yes
Hardened (-20/60C / IP41) no yes no yes
Power Supply External External External External
Dimensions (HxDxW) 178x173x44 mm 178x173x44 mm 178x173x44 mm 178x173x44 mm
ISR 819
20
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Cisco 1900 SeriesIntegrated Services Routers
Integrated Services Routers
1941
o 25Mbps WAN Access with Services
o Factory selectable Integrated wireless 802.11n option
o Desktop form factor with Double Wide HWIC Support
1941W 1941 1921
SM / EVMSlots
0 0 0
ISM SlotsFixed 802.11n
Radio1 0
EHWIC Slots 2 2 2
Onboard WAN Ports
2 GE 2 GE 2 GE
Onboard DSPSlots
0 0 0
Default Flash 256 MB 256 MB 256 MB
Max Flash 4 GB 4 GB* 256 MB
Default DRAM 512 MB 512 MB 512 MB
Max DRAM 2.5 GB 2.5 GB 512 MB
2RU 2RU 1RU
o 15Mbps WAN Access with Services
o 1 RU with Double Wide HWIC support
o No MGF
o External PoE
1921
21
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
o Up to 75Mbps WAN Access with Services
o Video-ready DSP support
o Increased service density with Second Services module Slot
o 12 Inch Depth on 2911
Secure Collaboration Platform
Cisco 2900 SeriesIntegrated Services Routers
2901 2911 2921 2951
SM / EVM Slots 0 1 SW 1 x SW/DW2 x SW or 1 x DW
ISM Slots 1 1 1 1
EHWIC Slots 4 4 4 4
Onboard DSP Slots 2 2 3 3
Onboard WAN Ports 2GE 3GE 3GE 3GE
Default Flash 256MB 256MB 256MB 256MB
Max Flash 4GB 4GB 4GB 4GB
Default DRAM 512MB 512MB 512MB Max 512MB
DRAM 2.5GB ** 2.5GB ** 2.5GB ** 4GB *
Form Factor 1RU 2RU 2RU 2RU
22
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
New Services Performance Engine 200s:
o Up To 350Mbps WAN Access With Services
o 4 GE ports onboard
All 3900 Series:
o Up to 1040 watts with PoE Boost
o Configurable dual Integrated Redundant Power supplies
o Hot swappable fans and power supply
Scalable Rich-media Services Platform
3945E 3925E 3945 3925
Onboard WAN4GE
(2 SFP)4GE
(2 SFP)3GE
(2 SFP)3GE
(2 SFP)
For WAN BW 350 Mbps 250 Mbps 150 Mbps100
Mbps
SM Slots 4 2 4 2
ISM Slots 0 0 1 1
EHWIC Slots 3 3 4 4
Onboard DSP Slots 3 3 4 4
Motherboards SPE-250 SPE-200 SPE-150 SPE-100
Default DRAM 1 GB 1 GB 1 GB 1 GB
Max DRAM 4 GB 4 GB 4 GB 4 GB
Form Factor 3RU 3RU 3RU 3RU
Cisco 3900 SeriesIntegrated Services Routers
23
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Module Picture Description
EHWIC
Enhanced High Speed WAN Interface Card
Interface cards (WAN or LAN) with 1-4 ports
Up to 1.6 Gbps aggr to CPU over DDR bus
Up to 2 Gbps aggregate to other module slots over MultiGigabit Fabric (MGF)
ISM
Internal Service Module
Internal module for services with dedicated CPU & memory
Up to 4 Gbps aggr to CPU over PCIeUp to 2 Gbps aggr to other module slots over MGF
SM
Service Module
Independent CPU and memory for hosting services autonomously.
Up to 4 Gbps aggr to CPU over PCIe bus Up to 2 Gbps aggr to other module slots over MGF
PVDM3
Packet Voice/ Data ModuleHigh density rich-media voice & video DSP modules
Next-Gen ISR Module Improvements
24
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
NME-X
NME
Platform Module Slot Evolution
Pre-ISR ISR ISR G2
EHWIC
Supports HWICWIC, VIC & VWIC
SM
Supports NM, NME& EVM via Adapter card
ISM
PVDM3
Supports PVDM2 Via Adapter Card
HWIC
Supports WIC, VWIC, VIC
NME,EVM
Supports NM,NME-X,NME-XD
AIM
PVDM2
WIC
Supports VIC, VWIC
NM
AIM
25
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Downlink 100 Mbps / Uplink 50 Mbps
Super Low Latency (< 50 ms) - 5xLower than 3G
819 M2M 3G Gateway w/ Wifi & 4G – Q3CY12
812 MiFI (Cellular plus Wifi) –Q3CY12
4G HWIC –Verizon Model - Q1FY12
Worldwide – Q3FY12
ISR w/ 3G in AP Form Factor
Portable, Rapid Deployment
POE Powered (Optional)
Compact, Hardened
802.11 a/b/g/n Dual Radio
4G/LTE – Fall of CY12
, GPS, Mobile IP Ready
What’s is New for FY12?
26
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Std DSL chipset
Fanless
ScanSafe Support
QoS and BGP
High Density 32-port AsyncSerial
880 ISR with Voice – Nov 2012
860VAE– Nov 2012
Remote Call Center Agent
4 FXS, 2BRI, 1 FXO
SRST, Cube, CME
Optional POE
Up to 192 async ports
Terminal / Dial access Server
Feature Parity with HWIC-8A/16A
SMB, Branch Offices & Enterprise Teleworker
27
What’s Else is New?
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Expanding Fiber Portfolio
Low-Cost Routed Port EHWIC1 Port, Combo SFP/CU
892F with pluggable SFP GPON/EPON SFP
• Flexible Metro Ethernet Access Options• Cisco and third party SFP support• Consistency across the portfolio
28
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public 29
Cisco VPN ISM for ISR G2Delivering High Performance VPN for Branch Routers
Availability
IOS Requirement: 15.2(1)T1 or later
Supported Platforms: 1941, 2901, 2911, 2921, 2951, 3925, 3945
‒ (Note: Not supported on 1941W, 3925E, 3945E)
Features
Plug and play Internal Service Module (ISM) for VPN acceleration
Hardware encryption support for both IPsec and SSL VPN
Hardware support for IKEv2 and Suite B crypto algorithms
Performance
High IPsec VPN throughput (Up to 1.2Gbps)
Up to 3X throughput and 2X supported IPsec tunnels over onboard crypto engine
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Ethernet Switch Module Overview
* No CTS PHY Encryption , or POE+ (30w)
o Higher availability, up to 2x when compared to a standalone switch
o Designed to promote Borderless Networks
o Support the same features and configurations in the branch are in the headquarters
o Integrates the latest enterprise switch features into the router
o Increased Power Over Ethernet
o Enhanced POE (ePOE) Up to20 watts per port
o Takes advantage of 2900/3900 increased powerlevels offering up to 1040 watts per chassis
o Per port autosensing and configurationof power levels
o EnergyWise per port-based and per slot-based power saving controls
o Gigabit Ethernet 10/100/1000
o One L2/L3 and one pure L2 family offered
o 16, 24, and 48 ports of GE or FE LAN, Local line-rate Layer 2/3 switching
o Same feature set and roadmap as the latest LSBU Catalyst 3560-X/2960-S switches*
o Integration with the router’s Multi Gigabit Fabric LAN optimizes traffic between modules, with no impact on CPU/WAN performance
o Smart Install
o Zero touch Install/Replace/Backup
o AutoImage, AutoConfig
o Treat the ESM like a line-card or a standalone switch
30
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Smart InstallAutomatically Deploy Switches in the Branch
DirectorISR/ISRG2
ClientEtherSwitch
Switch Clients
Routers:
Director only - 15.1(3)T
Switches:
Client – 12.2(52)SE
Director - 12.2(55)SE
Zero Touch Installation
Zero Touch Upgrade
Zero Touch Replacement
Director ISRG2, ISR G1, Catalyst 3xxx series
Mix-and-Match ClientsCatalyst 3750, 3750-E, 3560, 3560-E, 2960,
2975, All NME and SM EtherSwitch modules
31
Packet Flow in an ISR G2
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
ISR G2 Architecture
1941 and Above
CPU
MGF
HWIC
EHWIC
NM
SM
ISM PVDM
Gigabit EthernetPCI-ExpressHWIC DDR
33
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
ISR G2 Packet Flow
Normal Layer 3 Routing
CPU
MGF
HWIC
EHWIC
NM
SM
ISM PVDM
Gigabit EthernetPCI-ExpressHWIC DDR
34
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
ISR G2 Packet Flow
Module-To-Module Communication
CPU
MGF
HWIC
EHWIC
NM
SM
ISM PVDM
Gigabit EthernetPCI-ExpressHWIC DDR
35
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
ISR G2 Packet Flow
Voice/Video Traffic Requiring DSP Processing
CPU
MGF
HWIC
EHWIC
NM
SM
ISM PVDM
Gigabit EthernetPCI-ExpressHWIC DDR
V
36
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Multi-Gigabit Fabric Configuration
Most new modules include MGF and legacy links.
‒ Interfaces will appear as two internal connections to the
same module (SM1/0 and SM1/1 for example).
Configuration for the module-side MGF connection is
performed on the router-side ―0‖ connection.
‒ Configuration information is passed to the module on this
interface.
‒ The router-side MGF connection is a layer-2 trunk port
and is not directly configurable.
Layer 3 MGF configuration on the router is handled
with VLAN interfaces.
Note: MGF configuration not available when a
HWIC-ESW is in the system.
37
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
ISR G2 Architecture
1941 and Above
CPU
MGF
HWIC
EHWIC
NM
SM
ISM PVDM
Gigabit EthernetPCI-ExpressHWIC DDR
SM1/0
SM1/1
38
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Multi-Gigabit Fabric Configuration
Typical Configuration with an SRE Service Moduleinterface SM1/0
description PCI connection to SRE-900 module in slot 1
ip address 10.10.20.1 255.255.255.0
service-module ip address 10.10.20.2 255.255.255.0
!Application: SRE-V Running on SMV
service-module ip default-gateway 10.10.20.1
service-module mgf ip address 10.1.30.2 255.255.255.0
service-module mgf ip default-gateway 10.1.30.1
!
interface SM1/1
description MGF connection to SRE-900 module in slot 1
switchport access vlan 1
switchport mode access
! Other switchport commands, such as switchport trunk,
! would be configured here.
!
interface Vlan1
ip address 10.1.30.1 255.255.255.0
!
39
Cloud Intelligent Network
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Lean Branch Office ApplicationsEdge Applications That Defy Centralization
Core Windows ServicesMission Critical Business
ApplicationsClient Management
Services
DNS and DHCP Servers
Microsoft Active Directory
Windows Print Services
Windows File Services
Others …
Point of Sale Server
Bank Teller Control Point
Electronic Medical Records
Inventory Management
Others …
Software Update Service
Client Monitoring Service
Backup and Recovery
Terminal Server Gateway
Others …
43
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Cisco ISR G2 as Blade Server EnclosureUse Slots on Most Widely Deployed Branch Device
Direct SRE blade
to LAN connectivity
Redundant power
supply optionsLong service life 2x
typical blade system
Secure platform with
small attack surface
All-in-One Device for Branch Services
Performance
Connectivity
Mobility
Applications
Collaboration
Security
2 and 3 RU
options1, 2, 4 blade
slots options
44
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Services Ready Engines
45
SM SRE 700 / 710 SM SRE 900 / 910
Processor1.86 GHz Intel Core 2 Duo
(Single Core)
1.86 GHz Intel Core 2 Duo
(Dual Core)
Maximum Memory 4 GB 4 GB–8 GB*
Maximum Storage500 GB SATA HDD
5400 vs. 7200 rpm
2 x 500 GB SATA HDD (RAID
0/1)
5400 vs. 7200 rpm
Ports
2 Internal GE Ports
1 External GE Port
1 External USB Port
2 Internal GE Ports
1 External GE Port
1 External USB Port
SecurityCavium Nitrox Security
Co-Processor
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Cisco UCS Express Components Simplifying Lean Branch Office Infrastructure
Platform for Edge Applications Microsoft Windows Server certified
Server Virtualization Cisco SRE Virtualization powered by
VMware vSphere HypervisorTM (ESXi)
Dedicated Blade Management Cisco Integrated Management Controller
Consistent management for UCS family
Multipurpose x86 Blades Cisco Service Ready Engine modules
House up to 4 server blades in ISR G2
Single-device Network Integration House all devices in ISR G2 chassis
Multi-Gigabit Fabric backplane switch
IOS, MGF Backplane Switch
SRE Blade
SRE-V Hypervisor
OS
App
OS
App
CIMCE SRE Blade
SRE-V Hypervisor
OS
App
OS
App
46
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public 47
Single Device Integration
Higher Flexibility
Faster Provisioning
Less Ports and Wires
Right-Sized Blade Servers
Faster Provisioning
Less Parts and Wires
Lower Operating Costs
Bare-Metal Hypervisor
Lower Hardware Costs
Faster Failure Recovery
Shorter Time-to-Market
Virtualization
Platform Network
Platform
Compute
PlatformDomain-Based
Management
Unified Computing System ExpressAddressing Lean Branch Office Challenges
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
UCS E Series Single-Wide
48
Up to 2 SATA, SAS or SSD hard drives
Lights Out Configuration and Management Through CIMC
Intel Xeon E3 family quad-core processor
On board Hardware RAID 0/1 with Hot-Swap Capability
One External and Two Internal GE Ports
USB 2.0 Port for External Device Connectivity
8 GB , 12 GB and 16 GB DRAM Options
Maximum 65 W Power Draw 80% Less Than Server
Wire-Free, Plug-and-Play Modularity, Low Shipping Weight (2.5 lb/1.1 kg)
Remote and Schedulable Power Management
iSCSI Initiator Hardware Offload
KVM Console connector
10/100 Ethernet Management Port
Two SD cards: one for the CIMC and temporary storage of OS and one for a blank virtual drive
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
UCS E Series Double-Wide
49
Up to 3 SATA, SAS, SSD hard drives or 2 HDD and a PCIe card
Intel Xeon E5-2400 quad core or six-core processor
On board hardware RAID 0, 1 and 5 •Configuration Options with Hot-Swap CapabilityTwo External and Two Internal GE Ports with TCP/IP
Acceleration
Front-panel VGA, 2 USB, and serial console connectors
8 GB - 48 GB DRAM Options
Maximum 130 W Power Draw 80% Less Than Server
Wire-Free, Plug-and-Play Modularity, Low Shipping Weight (7 lb / 3.2 kg)
Remote and Schedulable Power Management
iSCSI Initiator Hardware Offload
Two SD cards: one for the CIMC and temporary storage of OS and one for a blank virtual drive
Lights Out Configuration & MGMT Through CIMC
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
UCS E Series Specs
50
UCS-E140S
UCS-E140D(P)
UCS-E160D(P)
ProcessorIntel Xeon (Sandy Bridge)
E3-1105C (1 GHz)
Intel Xeon (Sandy Bridge)
E5-2428L (2 GHz) / E5-2418L (1.8
GHz)
Core 4 4 / 6
Memory8 - 16 GB
DDR3 1333MHz
8 - 48 GB
DDR3 1333MHz
Storage 200 GB- 2 TB (2 HDD)
SATA, SAS, SED, SSD
200 GB- 3 TB (3 HDD*)
SATA, SAS, SED, SSD
RAID RAID 0 & RAID 1 RAID 0, RAID 1 & RAID 5*
Network Port Internal: 2 GE Ports
External: 1 GE Port
Internal: 2 GE Ports
External: 2 GE Ports
PCIE Card: 4 GE or 1 10 GE
FCOE
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Cisco Cloud Connected FrameworkDelivering Optimal Experience, Pervasive Security, and Simplified Operations
Branch Private/Public/HybridCloud-Ready Platforms
OS
HQ / Data Center Cloud
Integrated Management and Policy
ISR ASR CSR
Visibility Optimization Collaboration App Hosting
Branch Office
Cloud-Ready Network Services
WebSecurity
Storage 3rd PartyCollaboration
Survivability
Cloud Connectors
Security
51
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public 52
Secure Public Cloud Access with ScanSafeProtect Internet Edge at Enterprise Branches
Key Benefits:
Avoid expensive backhaul of internet and
public cloud traffic through the
HQ/Datacenter
Single policy portal, easy of deployment and
management
Enhanced security for all users
Solution:
Integrate ScanSafe Connector in ISR G2.
Router redirects Internet Web traffic to
ScanSafe cloud
‒ Content analysis, detect/stop malware
‒ Web usage control – administrator can control access to
websites
Complement the integrated security
(ZBF, IPS) on the router
Internet
Branch Branch
Internet
WAN
Centralized Reporting
Consistent Policy Control
Web SecurityWeb Filtering
HQ
Secure VPNIntegrated
Security
Web
Security
ASR1K
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public 53
Build Your Own Cloud ConnectorHome Brewed Connection to the Cloud
ISR G2 Branch Router
UCS Express
VM
Cloud
Service
VM
VM
Clo
ud
Connecto
r
onePK
Cloud
Connected
Service
Custom cloud connectors run in
a Virtual Machine within router.
Familiar set of application
deployment and management
tools from VMWare.
Rich network integration and
awareness through
standardized API
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public 54
Cloud Storage ConnectorProof of Concept Third Party Connector
End-User Virtual Portal• Users access their own cloud
backups and folders, restore and
share files.
MSP Admin Portal• Manage end-user accounts,
service provisioning and billing
Cisco ISR G2 and UCS® E-Series with Cloud Storage Gateway
MSP Network
Backup Agent for
Roaming Laptop
Branch OfficeAgent-Less Solution
Cloud storage is cached
in the branch. Branch
files are backed up to
the cloud.
Integrated Application Awareness
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Application Visibility and Control
56
Use QoS or PfR to
control application
network usage to
improve application
performance
ASR1K
ISR G2
Control
High
Med
Low
Advanced reporting
tool aggregates and
reports application
performance
App Visibility &
User Experience Report
Reporting Tool
ISR G2 & ASR collect
application bandwidth
and response time
metrics, and export to
management tool
ASR1K
ISR G2
NFv9
FNF
IOS PA
Reporting Tool Perf. Collection & Exporting
Reporting Tools
App BW Transaction
Time
…
WebEx 3 Mb 150 ms …
Citrix 10 Mb 500 ms …
DPI engine (NBAR2)
identifies applications
using L7 signatures
ASR1K
ISR G2
Deep Packet Inspection
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
WAAS Express
• Integrated ISR G2• On-demand IOS-based• Bandwidth optimization• Inline IOS features (Security, QoS)• Small footprint, Cost-effective, Single CLI
Virtual WAAS• Application acceleration from Private/Virtual Private Cloud• VMWare ESX/ESXi and UCS deployments• Agile, elastic, multi-tenant deployment• vCM: common virtualized management for physical/virtual WAAS
WAAS Service Ready Engine
• Integrated ISR G2• Application Acceleration• Software on-demand provisioning• No fork lift upgrade
WAAS Appliance
• Application acceleration• Virtual blades in branch offices• Scalable platforms for range of deployments
Cisco WAASImprove application performance and user experience
57
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public 58
High Performance Virtual
DesktopsCisco WAAS
Cisco WAAS
No changes to
clients
No changes to
servers
Branch OfficeData Center
Transparent
Handshake
Virtual Desktops
Transparent insertion into encrypted ICA/CGP
communication.
WAAS applies TCP flow optimization to maximize bandwidth usage and mitigate
packet loss.
WAAS delivers Citrix-aware multi-user Context-Aware Data Redundancy that
removes redundant data from across all end user connections.
WAAS applies an inline compression algorithm over the optimized data,
maximizing savings
Citrix XenDesktop and XenApp OptimizationCisco WAAS offers automated interoperability with HDX and ICA
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
How We Interact With Routers and Switches
Today
59
CLI
AAA
SNMP
HTML
XML
Syslog
Span
Netflow
CDP
Routing Protocols
Data Plane
Monitoring
QoS
Security
Routing
Discovery
Interfaces
Vast Toolkit
• Familiar
• Many knobs
• Controlled Access
• Special Purpose Tools
Not Vast Enough
• Gaps
• Inconsistencies
• Not programmatic
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
What’s Missing from Today’s Interactions?
60
Consistency Across
PlatformsRich Actions
Modern Programming Languages
Multiple Deployment
Models
Data Plane Interaction
Routing
Discovery
Interfaces
Monitoring
QoS
Security
Data Plane
APP
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
OnePK Architecture
61
Thrift / Sockets
Application
CAPIs
JavaAPIs
PythonAPIs
IOS IOSd/XE XR
Network
Abstraction
NX-OS
Network
Abstraction
Network
AbstractionNetwork
Abstraction
1) Write An App
2) App Talks
To Devices
3) Devices
Do Stuff
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
OnePK Provides Three Deployment Models
62
Container
Container
End-Point HostingProcess Hosting Blade Hosting
Cisco Network Operating System
OnePK Apps
Cisco Network Operating System
OnePK Apps
Bla
de
Cisco Network Operating System
Exte
rnal
Se
rver
OnePK Apps
Best For:•Real Time•Data Plane
Best For:•Powerful RPs•Low Latency
Best For:•Less Delay Sensitive•Multi-Element Apps
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
SBA Designs and Cisco Validated Designs
Lower Total Cost of Ownership
‒ Network performance is improvedwith a pretested architecture
Prescriptive Solutions
‒ Preselected Cisco solutions providethe right functions for customers
Modular Design for the Future
‒ Build a network platform ready to support future deployments of unified communications, switching, wireless, routing, video, and data center
Complete designs with deployment guides fororganizations scaling from 100 to 10,000 endpoints
69
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
ISR Simplicity – Tested and Pre-Integrated Solutions
Smart Business Architecture
• Prescriptive, Modular Designs
• Tested and Validated
• Focused on most common network deployments
• Targeted to customers from SMB to small Enterprise
Next Generation Enterprise WAN
• Prescriptive, modular design
• Focused on building a foundation for Borderless Services
• Targeted to large Enterprise and Public Sector networks
Mobile Workforce Architecture
• Architecture for supporting worker mobility options
• Provisioning, security, access and cost control
• Seamless connectivity for Smart devices
• Targeted at customers of all size
Cisco Virtual Office
• Complete turnkey solution
• Zero-touch deployment
• Integrated FW, Content Filter and VPN CPE
• Data protection, integrated UCand security
• Targeted at customers of all sizes
Provides Customers with confidence in deploy ability of solutionsProvides Partners with replicable deployment models to enhance profitabilityMakes solution design simpler and reduces the risks of new technologies.
70
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Summary: Cisco ISR G2
Industry’s richest and most innovative integrated services platform –Addresses needs of any branch of any size
Industry’s only router integrated secure WAN Optimization solution –Doubles your bandwidth and gives you a < 1 year ROI
Video-ready architecture to enable a dynamic, adaptable branch network –Provides integrated video assessment, monitoring, and troubleshooting
Network integrated security with reliable wired-wireless LAN/WAN services –Scalable VPN services with data protection and business continuity
Make your network application and cloud aware –Extensive services that tie applications and networks together for the best experience
1
2
3
4
5
71
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public
Complete Your Online
Session Evaluation Give us your feedback and you could
win fabulous prizes.
Winners announced daily.
Receive 20 Passport points for each
session evaluation you complete.
Complete your session evaluation
online now (open a browser through
our wireless network to access our
portal) or visit one of the Internet
stations throughout the Convention
Center.
Don’t forget to activate your
Cisco Live Virtual account for access to
all session material, communities, and
on-demand and live activities throughout
the year. Activate your account at the
Cisco booth in the World of Solutions or visit
www.ciscolive.com.
72
© 2012 Cisco and/or its affiliates. All rights reserved.BRKARC-3001 Cisco Public