Cisco® 4000 Series Integrated Services Routers (ISRs) form an intelligent WAN platform that delivers the performance, security, and convergence capabilities that today’s branch offices need.
Product Overview
The Cisco 4000 Series Integrated Services Routers (ISR) revolutionize WAN communications in the enterprise branch. With new levels of built-in intelligent network capabilities and convergence, the routers specifically address the growing need for application-aware networking in distributed enterprise sites. These locations tend to have lean IT resources. But they often also have a growing need for direct communication with both private data centers and public clouds across diverse links, including Multiprotocol Label Switching (MPLS) VPNs and the Internet.
The Cisco 4000 Series contains six platforms: the 4451, 4431, 4351, 4331, 4321 and 4221 ISRs (Figure 1).
Figure 1. Cisco 4000 Series Integrated Services Routers
Features and Benefits
Cisco 4000 Series ISRs provide you with Cisco Intelligent WAN (IWAN) software features and a converged branch infrastructure. Along with superior throughput, these capabilities form the building blocks of next-generation branch-office WAN solutions.
Cisco Intelligent WAN (IWAN)
Cisco IWAN is a set of intelligent software services that allow you to reliably and securely connect users, devices, and branch office locations across a diverse set of WAN transport links. IWAN-enabled routers like the 4000 Series dynamically route traffic across the “best” link based on up-to-the-minute application and network conditions for great application experiences. You get tight control over application performance, bandwidth usage, data privacy, and availability of your WAN links—control that you need as your branches conduct greater volumes of mission-critical business.
Cisco Converged Branch Infrastructure
The Cisco 4000 Series ISRs consolidate many must-have IT functions, including network, compute, and storage resources. The high-performance, integrated routers run multiple concurrent IWAN services, including encryption, traffic management, and WAN optimization, without slowing your data throughput. And you can activate new services on demand through a simple licensing change.
Table 1 breaks out many of the features and benefits of the Cisco 4000 Series that create an intelligent WAN and a converged branch infrastructure.
Table 1. Cisco 4000 Series ISR General Feature Highlights
Business Requirement(s) | Feature/Solution |
Performance ● Throughput● Service reliability | ● Concurrent software services at speeds up to 2 Gbps. Backplane architecture supports high-bandwidth module-to-module communication at speeds up to 10 Gbps.● A distributed multicore architecture with the industry’s first internal services plane.● Remote installation of application-aware services, which run identically to their counterparts in dedicated appliances. |
Lower WAN expenditures | ● Embedded IWAN solution for creating lower-cost, business-class Internet connections. |
Pay-as-you-grow ● Performance upgrade model● Investment protection● CapEx budget management | ● Router capacity can be increased with a remote performance-on-demand license upgrade (no hardware upgrade) for exceptional savings. |
Superior and secure user application experiences | ● ISR-AX “Application Experience” software bundle with advanced routing and network monitoring services.● Dynamic Multipoint VPN (DMVPN), zone-based firewalls, intrusion prevention (Snort and Umbrella Branch) and content management using Cisco Cloud Web Security and OpenDNS protecting data, providing authentication credentials, and enabling transmissions that are not backhauled through the data center.● Secure boot feature performs hardware-based authentication of the bootloader software to prevent malicious or unintended software from booting on the system.● Code signing verifies digital signatures of executables prior to loading to prevent execution of altered or corrupted code.● Hardware authentication protects against hardware counterfeiting by using an on-board tamper-proof silicon, including field replaceable modules. If authentication fails, the module is not allowed to boot. |
IT consolidation, space savings, and improved total cost of ownership (TCO) | ● Single converged branch platform integrates routing, switching, virtual server, storage, security, unified communications, WAN optimization, and performance management tools. |
Business continuity and increased resiliency | ● 4400 Series models (4451 and 4431 ISRs) support dual integrated power supplies for backup. The entire 4000Series supports optional power supply capable of delivering additional PoE power to endpoints. Defined models provide for a DC power supply.● Modular network interfaces with diverse connection options for load-balancing and network resiliency.● Modular interfaces with online removal and insertion (OIR) for module upgrades without network disruption.● Cisco Unified Survivable Remote Site Telephony (SRST), which serves as a resiliency complement to Cisco Hosted Collaboration Solution (HCS), a Cisco cloud-based UC service.● Support for multiple, diverse access links: T1/E1, T3/E3, Serial, xDSL, Gigabit and Ten-Gigabit Ethernet. |
Lower telephony costs with VoIP and rich media experiences | ● High-performance analog/digital gateway, allowing VoIP over less expensive Session Initiation Protocol (SIP) trunks.● Integrated IP PBX (Cisco Unified Communications Express) and Session Border Controller (Cisco Unified Border Element, or CUBE). |
Easier manageability and support | ● Single, universal software image for all features and performance-on-demand licensing flexibility.● No additional services and support needed for compute and storage.● Supported by Cisco and third-party management tools, with programmability and automation. |
Platform Architecture
Table 2 lists the primary hardware architectural features and benefits of the Cisco 4000 Series. The routers run modular Cisco IOS® XE Software, widely deployed in the world’s most demanding networks. The software’s comprehensive portfolio of services spans multiple technology areas, including security, WAN optimization, app and network quality of service (QoS), and embedded management.
Table 2. Architectural Highlights
Architectural Features | Benefits/Description |
Multicore processors | ● High-performance multicore processors support high-speed WAN connections. The data plane uses an emulated Flow Processor (FP) that delivers application-specific integrated circuit (ASIC)-like performance that does not degrade as services are added. |
Embedded IP Security (IPsec) VPN hardware acceleration | ● Increases scalability. When combined with an optional Cisco IOS XE Software Security license, enables WAN link security and VPN services. |
Integrated Gigabit Ethernet ports | ● The Cisco 4000 Series provides up to four built-in 10/100/1000 Ethernet ports for WAN or LAN.● Based on the platform, some of the 10/100/1000 Ethernet ports can support Small Form-Factor Pluggable (SFP)-based connectivity in addition to RJ-45 connections, enabling fiber or copper connectivity.● Optionally, depending on the platform, up to 30W PoE+ can be enabled on two of the built-in front panel Gigabit Ethernet interfaces to provide power to external devices such as fourth-generation (4G) LTE routers.● An additional dedicated Gigabit Ethernet port is provided for device management.[1] |
USB-based console access | ● A mini type B USB console port1 supports management connectivity when traditional serial ports are not available.● Traditional console and auxiliary ports are also available.[2] |
Optional integrated power supply for distribution of PoE | ● An optional upgrade to the internal power supply provides inline power (802.3af-compliant PoE or 802.3at-compliant PoE+) to optional integrated switch modules.● Redundant PoE conversion modules provide an additional layer of fault tolerance. |
Optional integrated redundant power supply (RPS) | ● For the 4400 Series, power redundancy is available by installing an optional integrated RPS for decreasing network downtime and protecting the network from power failures.● Optional PoE boost mode increases total PoE capacity to up to 1000W. |
Cisco Enhanced Services Module (SM-X) | ● Each service-module slot offers high data-throughput capabilityof up to 10 Gbps toward the system and up to 1 Gbps to other module slots.● Support for both single- and double-wide service modules provides flexibility in deployment options.● An SM-X slot can be converted into a Network Interface Module (NIM) slot using an optional carrier card.● Service modules support online insertion and removal (OIR), avoiding network disruption when installing new or replacement modules.1 |
Cisco Network Interface Modules (NIMs)[3] | ● Up to three integrated NIM slots on the Cisco 4000 Series allow for flexible configurations.● Each NIM slot offers options of up to two 2-Gbps connections, one toward the route processor and one for direct module-to-module communication. The 4221 ISR has only one 1-Gbps connection to the route processor.● NIMs support OIR.● Special NIMs add support for solid-state drives (SSDs) and hard disk drives (HDDs).1 |
Cisco Integrated Services Card (ISC) slot on motherboard | ● Integrated Services Card natively supports the new Cisco High-Density Packet Voice Digital Signal Processor Modules (PVDM4s), providing greater-density rich-media voice.● Each Integrated Services Card slot connects to the system architecture through an up to 2-Gbps link.● Future modules can be hosted on the Integrated Services Card slot, improving system functions. |
Flash memory support | ● A single flash memory slot is available to support high-speed storage densities, upgradable to up to 32 GB. The 4221 ISR ships with a fixed 8 GB flash.● Two USB type A 2.0 ports provide capabilities for convenient storage.1 |
DRAM | ● For the 4400 Series ISRs, the default control-plane memory is 4 GB, upgradable to 16 GB to provide additional scalability for control-plane features. The default data-plane memory is 2 GB.● For the 4300 Series ISRs, the default memory is 4 GB, upgradable to 16 GB (only 8 GB for the 4321) to provide additional scalability.● The 4200 Series comes with 4 GB fixed DRAM. |
Managing Your Cisco 4000 Series ISRs
The Cisco network management applications listed at the top of Table 3 are standalone products that can be purchased or downloaded to manage your Cisco network devices. The applications are built specifically for the different operational phases; select those that best fit your needs. Those management capabilities listed under the “Cisco IOS Software XE Embedded Management” heading are directly integrated into the routers’ software operating system.
Table 3. Network Management Solutions
Operational Phase | Application | Description |
Device staging and configuration | WebUI | ● A GUI-based device-management tool for Cisco IOS and Cisco IOS XE Software-based access routers. This tool simplifies routing, firewall, VPN, unified communications, and WAN and LAN configuration through easy-to-use wizards. |
Network-wide deployment, configuration, monitoring, and troubleshooting | Cisco Prime®Infrastructure | ● Offers comprehensive lifecycle management of wired and wireless access, campus, and branch-office networks, rich visibility into end-user connectivity, and application performance assurance.● Provides wired lifecycle functions such as inventory, configuration, and image management; automated deployment; compliance reporting; integrated best practices; and reporting. |
Staging, deployment, and changes to configuration and image files | Cisco Configuration Engine | ● A secure network management product that provides zero-touch image and configuration distribution through centralized, template-based management. |
Context-aware security configuration and monitoring | Cisco Prime Security Manager | ● Management tool for configuring and managing context-aware security. The application supports both single- and multi-device manager form factors.● Provides the ability to write and enforce the granular context-aware security policies. |
Cisco Wide Area Application Service (WAAS) management | Cisco WAAS Central Manager | ● The management tool for the WAAS1,[4] (WAN optimization and application acceleration) integrated service. It provides a centralized mechanism for configuring WAAS features, reporting, and monitoring. |
Cisco IOS XE Software Embedded Management Capabilities |
Feature | Description |
Cisco IOS Embedded Event Manager (EEM) | ● A distributed and customized approach to event detection and recovery.● Offers the ability to monitor events and take informational, corrective, or any desired EEM action when the monitored events occur or when a threshold is reached. |
Cisco IOS XE IP Service-Level Agreements (IP SLAs) | ● Helps assure the performance of new business-critical IP applications as well as IP services that use data and voice in an IP network. |
SNMP, Remote Monitoring (RMON), syslog,NetFlow, IP Flow Information Export (IPFix) | ● Network monitoring and accounting tools. |
Product Specifications
Table 4 lists the general product specifications for the Cisco 4000 Series routers.
Table 4. Specifications of Cisco 4000 Series Integrated Services Routers
Technical Specifications | Cisco 4451 | Cisco 4431 | Cisco 4351 | Cisco 4331 | Cisco 4321 | Cisco 4221 |
Aggregate Throughput | 1 Gbps to 2 Gbps | 500 Mbps to 1 Gbps | 200 Mbps to 400 Mbps | 100 Mbps to 300 Mbps | 50 Mbps to 100 Mbps | 35 Mbps to 75 Mbps |
Total onboard WAN or LAN 10/100/1000 ports | 4 | 4 | 3 | 3 | 2 | 2 |
RJ-45-based ports | 4 | 4 | 3 | 2 | 2 | 2 |
SFP-based ports | 4 | 4 | 3 | 2 | 1 | 1 |
Enhanced service-module slots | 2 | 0 | 2 | 1 | 0 | 0 |
Doublewide service-module slots | 1 (assumes no singlewide SM-X modules installed) | 0 | 1 (assumes no singlewide SM-X modules installed) | 0 | 0 | 0 |
NIM slots | 3 | 3 | 3 | 2 | 2 | 2 |
OIR (all I/O modules) | Yes | Yes | Yes | Yes | Yes | No |
Onboard ISC slot | 1 | 1 | 1 | 1 | 1 | No |
Default memory double-data-rate 3 (DDR3) error-correction-code (ECC) DRAM (Combined control/services/data planes) | NA | NA | 4 GB | 4 GB | 4 GB | 4 GB |
Maximum memory DDR3 ECC DRAM (Combined control/services/data planes) | NA | NA | 16 GB | 16 GB | 8 GB | 4 GB |
Default memory DDR3 ECC DRAM (data plane) | 2 GB | 2 GB | NA | NA | NA | NA |
Maximum memory DDR3 ECC DRAM (data plane) | 2 GB | 2 GB | NA | NA | NA | NA |
Default memory DDR3 ECC DRAM (control/services plane) | 4 GB | 4 GB | NA | NA | NA | NA |
Maximum memory DDR3 ECC DRAM (control/services plane) | 16 GB | 16 GB | NA | NA | NA | NA |
Default flash memory | 8 GB | 8 GB | 4 GB | 4 GB | 4 GB | 8 GB |
Maximum flash memory | 32 GB | 32 GB | 16 GB | 16 GB | 8 GB | 8 GB |
External USB 2.0 slots (type A) | 2 | 2 | 2 | 1 | 1 | 1 |
USB console port -type B mini (up to 115.2 kbps) | 1 | 1 | 1 | 1 | 1 | 0 |
Serial console port - RJ45 (up to 115.2 kbps) | 1 | 1 | 1 | 1 | 1 | 1 (combo CON/AUX port) |
Serial auxiliary port - RJ45 (up to 115.2 kbps) | 1 | 1 | 1 | 1 | 1 | 1 (combo CON/AUX port) |
Power-supply options | Internal: AC, DC (roadmap) and PoE | Internal: AC, DC, and PoE | Internal: AC, DC (roadmap) and PoE | Internal: AC and PoE | External: AC and PoE | External AC only |
Redundant power supply | Internal: AC, DC (roadmap) and PoE | Internal: AC, DC, and PoE | N/A | N/A | N/A | NA |
Power Specifications |
AC input voltage | 100 to 240 VAC autoranging | 100 to 240 VAC autoranging | 100 to 240 VAC autoranging | 100 to 240 VAC autoranging | 100 to 240 VAC autoranging | 100 to 240 VAC autoranging |
AC input frequency | 50 to 60 Hz | 50 to 60 Hz | 50 to 60 Hz | 50 to 60 Hz | 50 to 60 Hz | 50 to 60 Hz |
AC input current range, AC power supply (maximum) | 7.1 to 3.0A | 3 to 1.3A | 7.1 to 3.0A | 3 to 1.3A | 1.5 to 0.6A | 1.5 to 0.6A |
AC input surge current | <50 A | 60 A peak and less than 5 Arms per half cycle | 60 A peak and less than 12 Arms per half cycle | 60 A peak and less than 5 Arms per half cycle | 90 A peak and less than 3 Arms per half cycle | 90 A peak and less than 3 Arms per half cycle |
Typical power (no modules) (watts) | 158 | 65 | 48 | 42 | 36 | 24 |
Maximum power with AC power supply (watts) | 450 (no PoE) | 250 (no PoE) | 430 | 250 | 125 | 90 |
Maximum power with PoE power supply (platform only) (watts) | 1000 with PoE redundant 1450 with PoE boost no redundancy | 500 with PoE redundant 1000 with PoE boost no redundancy | 990 | 530 | 260 | NA (no PoE support) |
Maximum endpoint PoE power available from PoE power supply (watts) | 500 W with optional redundancy | 250 W with optional redundancy | 500 | 250 | 120 | NA (no PoE support) |
Maximum endpoint PoE power capacity with PoE boost (watts) | 950 W no redundancy | 500 W no redundancy | N/A | N/A | N/A | NA (no PoE support) |
Sizes and Weights |
Dimensions (H x W x D) | 3.5 x 17.25 x 18.5 in (88.9 x 438.15 x 469.9 mm) | 1.73 x 17.25 x 19.97 in (43.9 x 438.15 x 507.2 mm) | 3.5 x 17.25 x 18.5 in (88.9 x 438.15 x 469.9 mm) | 1.75 x 17.25 x 17.25 in (44.45 x 438.15 x 438.15 mm) | 1.75 x 14.55 x 11.60 in (44.55 x 369.57 x 294.64 mm) | 1.72 x 12.7 x 10 in (43.7 x 322.6 x 254 mm) |
External Power Supply Dimensions (H x W x D) | N/A | N/A | N/A | N/A | 2.95 x 1.18 x 6.10 in (75 x 30 x 155 mm) | 37 x 73 x 152 mm (Phihong mfg PN: AA90U-120A-R) 36.5 x 67 x 155 mm (Delta mfg PN: ADP90GR BA) |
Shipping Box Dimensions (H x W x D) | 9.75 x 22.25 x 26 in (24.76 x 56.51 x 66.04 mm) | 7.88 x 22.25 x 28.75 in (200.2 x 565.1 x 730.25 mm) | 9.75 x 22.25 x 26 in (24.76 x 56.51 x 66.04 mm) | 7.125 x 22.75 x 22.5 in (180.98 x 577.85 x 571.5 mm) | 7.0 x 21.5 x 16.125 in (177.8 x 546.1 x 409.6 mm) | 4.13 x 18.25 x 12.94 in (104.9 x 463.6 x 328.7 mm) |
Rack height | 2 rack units (2RU) | 1 rack units (1RU) | 2 rack units (2RU) | 1 rack unit (1RU) | 1 rack unit (1RU) | 1 rack unit (1RU) |
Rack-mount 19in. (48.3 cm) EIA | Included | Included | Included | Included | Included | Optional |
Rack-mount 23in. (58.4 cm) EIA | Optional | Optional | Optional | Optional | N/A | NA |
Wall-mount | No | Yes | No | Yes | Mounting holes under chassis | Yes |
Weight with 1, 450-WAC power supply (no modules) | 28.8 lb (13.1 kg) | N/A | 28.8 lb (13.1 kg) | N/A | N/A | NA |
Weight with 1 1,000-WAC power supply+ 1 PoE power module (no other modules) | 30.6 lb (13.9 kg) | N/A | 29.0 lb (13.2 kg) | N/A | N/A | NA |
Weight with AC PS (no modules) | N/A | 18.5 lb (8.4 kg) | N/A | 13.5 lb (6.2 kg) | 7.7 lb (3.5 kg) + 1.2 lb (0.66 kg) external PS | 7.1 lb (3.22 kg) |
Weight with AC PS with POE (no modules) | N/A | 18.6 lb (8.4 kg) | N/A | 14.1 lb (6.4 kg) | N/A | NA |
Typical weight (fully loaded with modules) | 42.7 lb (19.4 kg) | 22.4 lb (10.2 kg) | 37.7 lb (17.1 kg) | 16.1 lb (7.3 kg) | 9.14 lb (4.2 kg) + 1.2 lb (0.66 kg) external PS | 8.11 lb (3.68 kg) |
Packaging Weight | 6.4 lb (2.9 kg) | 5.9 lb (2.7 kg) | 6.4 lb (2.9 kg) | 4.6 lb (2.1 kg) | 2.2 lb (1 kg) | 1.28 lb (0.58 kg) |
Airflow | I/O side to bezel side | I/O side to bezel side | I/O side to bezel side | I/O side to bezel side | Right I/O side to Left I/O side | I/O side to bezel side |
MTBF (Hours) | 480770 | 512970 | 566310 | 587250 | 593270 | 593270 |
Environmental Specifications |
Operating Conditions |
Temperature | 32º to 104ºF (0º to 40ºC) | 32º to 104ºF (0º to 40ºC) | 32º to 104ºF (0º to 40ºC) | 32º to 104ºF (0º to 40ºC) | 32º to 104ºF (0º to 40ºC) | 32º to 104ºF (0º to 40ºC) |
Altitude (China) | 0 – 6,560 ft. (0 – 2,000 m) | 0 – 6,560 ft. (0 – 2,000 m) | 0 – 6,560 ft. (0 – 2,000 m) | 0 – 6,560 ft. (0 – 2,000 m) | 0 – 6,560 ft. (0 – 2,000 m) | 0 – 6,560 ft. (0 – 2,000 m) |
Altitude (Rest of the world) | 0 – 10,000 ft. (0 – 3,050 m) | 0 – 10,000 ft. (0 – 3,050 m) | 0 – 10,000 ft. (0 – 3,050 m) | 0 – 10,000 ft. (0 – 3,050 m) | 0 – 10,000 ft. (0 – 3,050 m) | 0 – 10,000 ft. (0 – 3,050 m) |
Relative humidity | 5% to 85% | 5% to 85% | 5% to 85% | 5% to 85% | 5% to 85% | 5% to 85% |
Short-term humidity | 5% to 90%, not to exceed 0.024 kg water/kg of dry air | 5% to 90%, not to exceed 0.024 kg water/kg of dry air | 5% to 90%, not to exceed 0.024 kg water/kg of dry air | 5% to 90%, not to exceed 0.024 kg water/kg of dry air | 5% to 90%, not to exceed 0.024 kg water/kg of dry air | 5% to 90%, not to exceed 0.024 kg water/kg of dry air |
Acoustics: Sound pressure (Typical/maximum) | 50.6/73.1 dBA | 54.3/79.1 dBA | 50.6/73.1 dBA | 52.8/74.8 dBA | 24.2/51.9 dBA | 28.5/53 dBA |
Acoustics: Sound power (Typical/maximum) | 58.2/78.8 dBA | 57.2/80.8 dBA | 58.2/78.8 dBA | 61.2/81.6 dBA | 31.9/59.9 dBA | 41/68 dBA |
Nonoperating Conditions |
Temperature | -40º to 158ºF (-40º to 70ºC) | -40º to 158ºF (-40º to 70ºC) | -40º to 158ºF (-40º to 70ºC) | -40º to 158ºF (-40º to 70ºC) | -40º to 158ºF (-40º to 70ºC) | -40º to 158ºF (-40º to 70ºC) |
Relative humidity | 5% to 95% | 5% to 95% | 5% to 95% | 5% to 95% | 5% to 95% | 5% to 95% |
Altitude | 15,584 ft (4750m) | 15,584 ft (4750m) | 15,584 ft (4750m) | 15,584 ft (4750m) | 15,584 ft (4750m) | 15,584 ft (4750m) |
Regulatory and Compliance |
Safety | UL 60950-1 CAN/CSA C22.2 No. 60950-1 EN 60950-1 AS/NZS 60950-1 IEC 60950-1 | UL 60950-1 CAN/CSA C22.2 No. 60950-1 EN 60950-1 AS/NZS 60950-1 IEC 60950-1 GB-4943 | UL 60950-1 CAN/CSA C22.2 No. 60950-1 EN 60950-1 AS/NZS 60950-1 IEC 60950-1 GB-4943 | UL 60950-1 CAN/CSA C22.2 No. 60950-1 EN 60950-1 AS/NZS 60950-1 IEC 60950-1 GB-4943 | UL 60950-1 CAN/CSA C22.2 No. 60950-1 EN 60950-1 AS/NZS 60950-1 IEC 60950-1 GB-4943 | UL 60950-1 CAN/CSA C22.2 No. 60950-1 EN 60950-1 AS/NZS 60950-1 IEC 60950-1 GB-4943 |
EMC | 47 CFR, Part 15 ICES-003 Class A EN55022 Class A CISPR22 Class A AS/NZS 3548 Class A VCCI V-3 CNS 13438 EN 300-386 EN 61000 (Immunity) EN 55024, CISPR 24 EN50082-1 SD/EMI KN22, KN24 | 47 CFR, Part 15 ICES-003 Class A EN55022 Class A CISPR22 Class A AS/NZS 3548 Class A VCCI V-3 CNS 13438 EN 300-386 EN 61000 (Immunity) EN 55024, CISPR 24 EN50082-1 KN22, KN24 | 47 CFR, Part 15 ICES-003 Class A EN55022 Class A CISPR22 Class A AS/NZS 3548 Class A VCCI V-3 CNS 13438 EN 300-386 EN 61000 (Immunity) EN 55024, CISPR 24 EN50082-1 KN22, KN24 | 47 CFR, Part 15 ICES-003 Class A EN55022 Class A CISPR22 Class A AS/NZS 3548 Class A VCCI V-3 CNS 13438 EN 300-386 EN 61000 (Immunity) EN 55024, CISPR 24 EN50082-1 KN22, KN24 | ICES-003 Class A EN55022 Class A CISPR22 Class A AS/NZS 3548 Class A VCCI V-3 CNS 13438 EN 300-386 EN 61000 (Immunity) EN 55024, CISPR 24 EN50082-1 KN22, KN24 | ICES-003 Class A EN55022 Class A CISPR22 Class A AS/NZS 3548 Class A VCCI V-3 CNS 13438 EN 300-386 EN 61000 (Immunity) EN 55024, CISPR 24 EN50082-1 KN22, KN24 |
Telecom | T1 IC CS-03:2004 TIA-968-B:2009 HKTA 2028:2010 HKTA 2017:2010 HKTA 2015: 2006 G.703:2001 ID0002:2007 IS6100:2004 DSPR Gray Book:2000 DSPR Technical Condition: 2004 E1 AS/ACIF S016: 2001 AS/ACIF S038: 2001 G.703:2001 TBR 4:1995 TBR 12:1993 TBR 13:1996 RRA 2009-38 (RRL 2005-96) IDA TS DLCN:2011 IDA TS ISDN PRA:2005 IS6100: 2004 PTC 220:2008 Ethernet IEEE 802.3 ANSA X3.263 | TIA-968-B CS-03 ANSI T1.101 ITU-T G.823, G.824 IEEE 802.3 RTTE Directive Homologation requirements vary by country and interface type. For specific country information, refer to the online approvals data base at:http://www.ciscofax.com. | TIA-968-B CS-03 ANSI T1.101 ITU-T G.823, G.824 IEEE 802.3 RTTE Directive Homologation requirements vary by country and interface type. For specific country information, refer to the online approvals data base at: http://www.ciscofax.com. | TIA-968-B CS-03 ANSI T1.101 ITU-T G.823, G.824 IEEE 802.3 RTTE Directive Homologation requirements vary by country and interface type. For specific country information, refer to the online approvals data base at:http://www.ciscofax.com. | TIA-968-B CS-03 ANSI T1.101 ITU-T G.823, G.824 IEEE 802.3 RTTE Directive Homologation requirements vary by country and interface type. For specific country information, refer to the online approvals data base at: http://www.ciscofax.com. | TIA-968-B CS-03 ANSI T1.101 ITU-T G.823, G.824 IEEE 802.3 RTTE Directive Homologation requirements vary by country and interface type. For specific country information, refer to the online approvals data base at: http://www.ciscofax.com. |
Cisco IOS XE Software |
Protocols | IPv4, IPv6, static routes, Routing Information Protocol Versions 1 and 2 (RIP and RIPv2), Open Shortest Path First (OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP), Border Gateway Protocol (BGP), BGP Router Reflector, Intermediate System-to-Intermediate System (IS-IS), Multicast Internet Group Management Protocol Version 3 (IGMPv3), Protocol Independent Multicast sparse mode (PIM SM), PIM Source-Specific Multicast (SSM), Resource Reservation Protocol (RSVP), Cisco Discovery Protocol, Encapsulated Remote Switched Port Analyzer (ERSPAN), Cisco IOS IP Service-Level Agreements (IPSLA), Call Home, Cisco IOS Embedded Event Manager (EEM), Internet Key Exchange (IKE), access control lists (ACL), Ethernet Virtual Connections (EVC), Dynamic Host Configuration Protocol (DHCP), Frame Relay (FR), DNS, Locator ID Separation Protocol (LISP), Overlay Transport Virtualization (OTV),[5] Hot Standby Router Protocol (HSRP), RADIUS, authentication, authorization, and accounting (AAA), Application Visibility and Control (AVC), Distance Vector Multicast Routing Protocol (DVMRP), IPv4-to-IPv6 Multicast, MPLS, Layer 2 and Layer 3 VPN, IPsec, Layer 2 Tunneling Protocol Version 3 (L2TPv3), Bidirectional Forwarding Detection (BFD), IEEE 802.1ag, and IEEE 802.3ah |
Encapsulations | Generic routing encapsulation (GRE), Ethernet, 802.1q VLAN, Point-to-Point Protocol (PPP), Multilink Point-to-Point Protocol (MLPPP), Frame Relay, Multilink Frame Relay (MLFR) (FR.15 and FR.16), High-Level Data Link Control (HDLC), Serial (RS-232, RS-449, X.21, V.35, and EIA-530), and PPP over Ethernet (PPPoE) |
Traffic management | QoS, Class-Based Weighted Fair Queuing (CBWFQ), Weighted Random Early Detection (WRED), Hierarchical QoS, Policy-Based Routing (PBR), Performance Routing (PfR), and Network-Based Application Recognition (NBAR) |
Cryptographic algorithms | Encryption: DES, 3DES, AES-128 or AES-256 (in CBC and GCM modes); Authentication: RSA (748/1024/2048 bit), ECDSA (256/384 bit); Integrity: MD5, SHA, SHA-256, SHA-384, SHA-512 |
Services Plane: Enabling the Branch-in-a-Box
All Cisco 4000 Series ISRs contain processing cores built in as standard to allow full-featured services to run on board. This includes the full-featured Cisco WAAS engine that provides application acceleration and highly responsive virtual desktop experience. The technology is known as Cisco Service Containers, and it uses a standard hypervisor to allow x64-based applications to run.
The 4000 Series routers can be fitted with solid-state drives (SSD) and server cards for local storage and computing capability. The Cisco UCS® E-Series server cards are available with 8-core Intel® Xeon® processors with up to 48 GB of high-speed DDR3 memory and three drives built in, offering RAID 0, 1, and 5. This immense amount of compute power can eliminate the need for any dedicated servers at branch sites. Cisco UCS E-Series cards can be configured and managed using VMware vCenter and pooled with data center compute resources.
Product Performance and Scalability
The Cisco 4000 Series is built on a multicore CPU architecture. It runs modular Cisco IOS XE Software, which allows the platform to use to full advantage a distributed multicore architecture. The architecture of the Cisco 4000 Series separates control- and data-plane operations and integrates an industry-first services plane. This design delivers full-featured integrated services up to Layer 7 at high performance, with the ability to deliver application-aware network services while maintaining a stable platform and a high level of performance during periods of heavy network traffic.
The 4000 Series consists of three subseries of routers – the 4400 Series, the 4300 Series, and the 4200 Series – whose performance levels are represented in Figure 2.
Figure 2. Cisco 4000 Series ISRs Performance Comparison
Throughout the 4000 Series, all platforms come with fixed maximum performance levels. One fixed base performance level is delivered as the factory default, with an optional performance-on-demand license to increase the base forwarding throughput. This scenario enables deployment in high-speed WAN environments through performance-on-demand licensing to double or, for one of the platforms, triple the router capacity without any hardware upgrades.
All 4000 Series platforms have their fixed performance levels set well within actual capacity, with the result that performance does not necessarily degrade when a service is added to the configuration. This setup provides a deterministic performance, eliminating a network administrator’s guesswork when planning for new services.
For a more detailed document on 4000 Series performance and platform scalability, refer to the white paper at http://www.cisco.com/c/en/us/products/collateral/routers/4000-series-integrated-services-routers-isr/white-paper-c11-734550.html.
Interfaces and Modules Support
The Cisco 4000 Series Integrated Services Routers (ISRs) are modular routers with LAN and WAN connectivity. The routers provide for network interface module (NIM) slots and enhanced service module (SM-X) slots, offering a rich set of modules, such as LAN, WAN and wireless interfaces, plus a range of compute engines for embedded services.
For the complete list of modules supported on the 4000 Series, refer to the Interfaces and Modules data sheet at http://www.cisco.com/c/en/us/products/routers/4000-series-integrated-services-routers-isr/relevant-interfaces-and-modules.html.
Support for Intelligent WAN
The 4000 Series is optimized for Cisco Intelligent WAN. For enterprises, this means that business-critical applications run faster, with more reliability and reduced operational expenditures (OpEx). The Intelligent WAN achieves this by giving all branches and data centers the ability to monitor, control, move, and report on streams of application data, such as specific web (HTTP) traffic. The 4000 Series has deep packet inspection capability and can accurately identify and control thousands of different applications, including custom in-house enterprise applications.
The 4000 Series with Intelligent WAN can pay for itself in WAN cost savings within months, and the ongoing deep application visibility and reporting will continue to provide valuable application, site, and user statistics to better manage the rollout of new sites or applications.
The benefits are immense:
1. Business-critical applications no longer have to contend with each other or with traffic that should be served on a best effort basis.
2. The enterprise network becomes more reliable because multiple paths can be used.
3. Costs are greatly reduced because dual MPLS links can be replaced with a mix of MPLS and Internet.
4. The time required to bring up new remote sites is dramatically reduced because the Intelligent WAN supports rapidly deployed DSL and 3G/4G LTE connections as easily as MPLS.
5. Security is assured across these connections using a zero-touch secure VPN technology used by governments and finance organizations worldwide.
From a platform perspective, the 4000 Series has the following:
1. Separate control and data planes for prevention of denial-of-service (DoS) attacks, with intrusion prevention system (IPS) and firewall capability built in.
2. Software-as-a-service (SaaS) applications can have content locally cached. The caching is automatic and peers directly with Akamai technology to obtain intelligence.
3. Application performance speed is greatly increased using built-in application acceleration technology that can locally cache at a byte level.
Support for Data Modeling
Enterprises and service providers wish to drive down the operational cost (OpEx) of their networks and increase the agility and speed with which they deliver new services, furthered by investments in software-defined networking (SDN) and network functions virtualization (NFV). Cisco routers provide support for Netconf and YANG data modeling, with increasing model coverage in successive releases.
Cisco IOS Software Licensing and Packaging
Universal Cisco IOS XE Image
A single Cisco IOS XE Universal image encompassing all functions is delivered with the platform. Advanced features can be enabled simply by activating a software license on the Universal image. Technology packages and feature licenses, enabled through right-to-use licenses, simplify software delivery and decrease the operational costs of deploying new features.
Four major technology licenses are available on the Cisco 4000 Series; these licenses can be activated through the Cisco software activation process identified at http://www.cisco.com/go/sa. The following licenses are available:
● IP Base: This technology package is available as the default.
● Application Experience (APPX): This license includes data and application performance features.
● Unified Communications (UC):[6] This license includes voice features.
● Security (SEC) or Security with No Payload Encryption (SEC-NPE): This license includes features for securing network infrastructure.
The Cisco 4000 Series has a performance-on-demand license to increase the base forwarding throughput with no hardware changes. Also present is the High Security (HSEC) license, which removes the curtailment enforced by the U.S. government export restrictions on the encrypted tunnel count and encrypted throughput. The HSECK9 license is a separately required license for a feature to have full crypto functionality. Without the HSECK9 license, only 225 secure tunnels and 85 Mbps of crypto bandwidth would be available.
For additional information and details about Cisco IOS Software licensing and packaging on the Cisco 4000 Series, please visithttp://www.cisco.com/c/en/us/td/docs/routers/access/4400/software/configuration/guide/isr4400swcfg.pdf.
Cisco 4000 Series Bundles
Cisco 4000 Series routers are available is several attractive bundles. The AX bundles integrate Cisco Wide Area Application Services (WAAS), Security (SEC), and Data (DATA) licenses into a single bundle that is simple to order, configure, and deploy. For customers who are also interested in voice along with all of these features, AXV presents an attractive option. See Table 5 for details.
Table 5. Cisco 4000 Series Feature Bundles
Bundles | Features |
Application Experience with Voice (AXV) | AX + Voice |
Voice with Security (VSEC) | Voice + Security |
Application Experience (AX) | IP Base + Security + advanced networking protocols: L2TPv3, BFD, MPLS, VRF, VXLAN[7](bandwidth less than 100 Mbps) Application Experience: PfRv3, WAAS with AppNav, NBAR2, AVC, IPSLA Hybrid Cloud Connectivity: LISP, OTV5 (for bandwidth less than 100 Mbps), Virtual Private LAN Services (VPLS), Ethernet over MPLS Intelligent web caching: Akamai Connect |
Voice (V) | IP Base + Unified Communications: Cisco Unified Communications Manager Express, Survivable Remote Site Telephony (SRST), CUBE |
Security (SEC) | IP Base + Advanced Security: Zone-based firewall, IPsec VPN, EzVPN, Dynamic Multipoint VPN (DMVPN), FlexVPN |
Note: The 4221/K9 does not support UC (voice). Hence, there are no V, VSEC, or AXV bundles for the 4221/K9 model.
More information on ISR AX bundles is available at http://www.cisco.com/go/ax.
A pay-as-you-grow licensing model lets you increase the performance level for the platforms from the base level to a higher level. So you can purchase at an attractive entry-level price point and increase the performance level as your business demand grows. Table 6 describes the performance licenses.
Table 6. Cisco 4000 Series Performance Licenses
Platform | Performance-on-Demand License | Features |
ISR4451 | FL-44-PERF-K9 | Increases the performance from base performance 1 Gbps to 2 Gbps |
ISR4431 | FL-44-PERF-K9 | Increases the performance from base performance 500 Mbps to 1 Gbps |
ISR4351 | FL-4350-PERF-K9 | Increases the performance from base performance 200 Mbps to 400 Mbps |
ISR4331 | FL-4330-PERF-K9 | Increases the performance from base performance 100 Mbps to 300 Mbps |
ISR4321 | FL-4320-PERF-K9 | Increases the performance from base performance 50 Mbps to 100 Mbps |
ISR4221 | FL-4220-PERF-K9 | Increases the performance from base performance 35 Mbps to 75 Mbps |
Ordering Information
The Cisco 4000 Series ISRs are orderable and shipping. To place an order, refer to Table 7 and visit the Cisco Ordering Home Page.
Table 7. Cisco 4000 Series Ordering Information
Product Name | Product Description |
ISR4451-X/K9 | 4451 ISR with 4 onboard GE, 3 NIM slots, 1 ISC slot, 2 SM slots, 8 GB flash memory default, 2 GB DRAM default (data plane), 4 GB DRAM default (control plane) |
ISR4431/K9 | 4431 ISR with 4 onboard GE, 3 NIM slots, 1 ISC slot, 8 GB flash memory default, 2 GB DRAM default (data plane), 4 GB DRAM default (control plane) |
ISR4351/K9 | 4351 ISR with 3 onboard GE, 3 NIM slots, 1 ISC slot, 2 SM slots, 4 GB flash memory default, 4 GB DRAM default |
ISR4331/K9 | 4331 ISR with 3 onboard GE, 2 NIM slots, 1 ISC slot, 1 SM slot, 4 GB flash memory default, 4 GB DRAM default |
ISR4321/K9 | 4321 ISR with 2 onboard GE, 2 NIM slots, 1 ISC slot, 4 GB flash memory default, 4 GB DRAM default |
ISR4221/K9 | 4221 ISR with 2 onboard GE, 2 NIM slots, 1 ISC slot, 8 GB flash memory default, 4 GB DRAM default |
For additional product numbers, including the Cisco 4000 Series bundle offerings, please contact your local Cisco account representative. To place an order, visit the Cisco Ordering Home Page. To download software, visit the Cisco Software Center.
Integrated Services Router Migration Options
The Cisco 4000 Series is included in the standard Cisco Technology Migration Program (TMP). Refer to http://www.cisco.com/go/tmp and contact your local Cisco account representative for program details.
Warranty Information
The Cisco 4000 Series Integrated Services Routers have a 90-day limited liability warranty.
Cisco and Partner Services for the Branch Office
Services from Cisco and our certified partners help you transform the branch-office experience and accelerate business innovation and growth. We have the expertise to create a clear, replicable, optimized branch-office footprint across technologies. Planning and design services align technology with your business goals and can increase deployment efficiency. Technical services help you improve operational efficiency, save money, and mitigate risk. Optimization services help you continuously improve performance and succeed with new technologies. For more information, please visit http://www.cisco.com/go/services.
Cisco Smart Net Total Care™ technical support for the Cisco 4000 Series is available on a one-time or annual contract basis. Support options range from help-desk assistance to proactive, onsite consultation. All support contracts include:
● Major Cisco IOS Software updates for protocol, security, bandwidth, and feature improvements
● Full access rights to Cisco.com technical libraries for technical assistance, electronic commerce, and product information
● Access 24 hours a day to the industry’s largest dedicated technical support staff
Cisco Capital
Financing to Help You Achieve Your Objectives
Cisco Capital® can help you acquire the technology you need to achieve your objectives and stay competitive. We can help you reduce CapEx. Accelerate your growth. Optimize your investment dollars and ROI. Cisco Capital financing gives you flexibility in acquiring hardware, software, services, and complementary third-party equipment. And there’s just one predictable payment. Cisco Capital is available in more than 100 countries.Learn more.
For More Information
For more information about the Cisco 4000 Series, visit http://www.cisco.com/go/isr4k or contact your local Cisco account representative.