Cisco Systems Bulks Up ISRs

The router's new features aim to reduce branch office expenses.

Cisco Systems, fresh from selling its 2 millionth Integrated Services Router, is launching a host of additional services and features in the branch office router.

Officials for Cisco, which rolled out the ISRs more than two years ago with integrated support for voice over IP, security and other services, said Dec. 4 that the company will add new options, such as WAN optimization and application acceleration, new tunnel-less VPN security, network monitoring and troubleshooting, several new VOIP functions, and more WAN interface options.

Several factors have contributed to the success of the ISRs, including the reduced costs realized by cutting the number of devices in the branch office, the desire for a consistent architecture in remote offices and the fact that many enterprises were using aging Cisco access routers.

"Over half of [existing installed remote routers] were put in place because of Y2K, so [existing routers] are well past their life span," said Zeus Kerravala, an analyst at Yankee Group.

"And the ISR is a platform that can last past the normal three- to five-year life cycle. Im hearing people say they want to keep it for five to seven years."

To keep pace with increasing performance requirements, Cisco added a new Services Engine Module for the modular 2800 and 3800 ISRs.

The engine, which offloads advanced services processing from the main routing processor, is 2.5 times faster than the existing services engine and can run Linux, said Inbar Lasser-Raab, director of product marketing for Ciscos Network Systems unit, in San Jose, Calif.

Leading the list of modules that exploit the new services engine is the WAAS (Wide Area Application Services) Module, which represents Ciscos first implementation of its WAAS technology for the ISR form factor.

The WAAS Module optimizes the performance of applications traffic traversing slow-speed WAN links.

The WAAS Module is key for beta testers at managed services provider Conxerge, which plans to deploy "LAN-like services for our customers without deploying servers [to customer sites]," said CEO Philip Skeete in Houston.

"We offer hosted file and print services, but the burden and cost of administering [locally deployed] servers to maintain those services is prohibitive," Skeete said. "With the [lower WAAS Module] price, it seemed like a pretty good fit." The WAAS Module is priced starting at $3,750. The entry price of the existing WAAS server is $13,000.

Cisco also integrated a new NAM (Network Analysis Module) into the ISRs, which can work hand in hand with the WAAS Module to help enterprises tune their WAN optimization for the best performance possible for applications traffic, Lasser-Raab said.

/zimages/3/28571.gifClick here to read more about Ciscos competition against Juniper in the branch market.

The NAM provides visibility into the behavior of network traffic traversing WAN links, allowing users to apply not only the most appropriate WAAS optimization techniques but also apply IOS (Internetwork Operating System)-based QOS (quality of service) prioritization to mission-critical or real-time traffic.

On the security services front, Cisco also will add a new tunnel-less VPN capability across both modular ISRs and fixed-configuration 800 and 1800 models.

The emerging Cisco Group Encrypted Transport protocol, implemented in IOS, allows enterprises to define groups that need to communicate and predistribute keys to those group members.

"We use DES [Data Encryption Standard] or AES [Advanced Encryption Standard] to encrypt the payload of the packet, other [group members] can decrypt the payload encryption, but the regular routed network routes the secure traffic," Lasser-Raab said.

Such functionality, which works across MPLS (Multiprotocol Label Switching) networks, can reduce latency as well as the administrative overhead associated with managing multiple tunnels, Yankee Groups Kerravala said.

It can also improve the performance of real-time voice and video applications, Lasser-Raab said.

The tunnel-less VPN functionality, tested extensively with AT&T, will form the basis of a managed service AT&T intends to add, based on the ISR 3800 models.

New VOIP functionality added to the ISRs includes SIP (Session Initiation Protocol) trunking; consolidation of voice, video and data on a single ISDN PRI (Primary Rate Interface); and secure Survivable Remote Site Telephony on Ciscos CallManager Express.

The new services and options are due this month, except for the NAM, which is due in the first quarter of 2007.

/zimages/3/28571.gifCheck out eWEEK.coms for the latest news, views and analysis on servers, switches and networking protocols for the enterprise and small businesses.