Cisco 4000 User Manual

© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 14

Data Sheet

Cisco 4000 Series Integrated Services Routers

Cisco® 4000 Series Integrated Services Routers (ISRs) form an intelligent WAN
platform that delivers the performance, security, and convergence capabilities that
today’s branch offices need.

Product Overview

The Cisco 4000 Series Integrated Services Routers (ISR) revolutionize WAN communications in the enterprise
branch. With new levels of built-in intelligent network capabilities and convergence, the routers specifically address
the growing need for application-aware networking in distributed enterprise sites. These locations tend to have lean
IT resources. But they often also have a growing need for direct communication with both private data centers and
public clouds across diverse links, including Multiprotocol Label Switching (MPLS) VPNs and the Internet.

The Cisco 4000 Series contains six platforms: the 4451, 4431, 4351, 4331, 4321 and 4221 ISRs (Figure 1).

Figure 1. Cisco 4000 Series Integrated Services Routers

Features and Benefits

Cisco 4000 Series ISRs provide you with Cisco Intelligent WAN (IWAN) software features and a converged branch
infrastructure. Along with superior throughput, these capabilities form the building blocks of next-generation

branch-office WAN solutions.

Cisco Intelligent WAN (IWAN)

Cisco IWAN is a set of intelligent software services that allow you to reliably and securely connect users, devices,
and branch office locations across a diverse set of WAN transport links. IWAN-enabled routers like the 4000 Series
dynamically route traffic across the “best” link based on up-to-the-minute application and network conditions for
great application experiences. You get tight control over application performance, bandwidth usage, data privacy,
and availability of your WAN links—control that you need as your branches conduct greater volumes of mission-

critical business.

Cisco Converged Branch Infrastructure

The Cisco 4000 Series ISRs consolidate many must-have IT functions, including network, compute, and storage
resources. The high-performance, integrated routers run multiple concurrent IWAN services, including encryption,
traffic management, and WAN optimization, without slowing your data throughput. And you can activate new

services on demand through a simple licensing change.
Table 1 breaks out many of the features and benefits of the Cisco 4000 Series that create an intelligent WAN and a

converged branch infrastructure.

© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 2 of 14

Business Requirement(s)

Feature/Solution

Performance

●

Throughput

●

Service reliability

●

Concurrent software services at speeds up to 2 Gbps. Backplane architecture supports high­bandwidth module-to-module communication at speeds up to 10 Gbps.

●

A distributed mult icore architecture with the industry ’s firs t internal serv ices plane.

●

Remote installation of application-aware serv ices, which run identically to their counterparts
in dedicated appliances.

Lower WAN expenditures

●

Embedded IWAN solution for creating lower-cost, business-class Internet connections.

Pay-as-you-grow

●

Performance upgrade model

●

Inv estment protection

●

CapEx budget management

●

Router capacity can be increased with a remote performance-on-demand license upgrade
(no hardware upgrade) f or exceptional sav ings.

Superior and secure user application
experiences

●

ISR-AX “Applicat ion Experience” software bundle with adv anced routing and network

monitoring serv ices.

●

Dy namic Multipoint VPN (DMVPN), zone-based f irewalls, intrusion prevention (Snort and
Umbrella Branch) and content management using Cisco Cloud Web Security and OpenDNS
protecting data, providing authentication credentials, and enabling transmissions that are not
backhauled through the data center.

●

Secure boot f eature performs hardware-based authentication of the bootloader software to
prevent malicious or unintended sof tware from booting on the sy stem.

●

Code signing v erifies digital signatures of executables prior to loading to prev ent execution
of altered or corrupted code.

●

Hardware authentication protects against hardware counterf eiting by using an on-board
tamper-proof silicon, including f ield replaceable modules. If authentication fails, the module
is not allowed to boot.

IT consolidation, space savings, and
improved total cost of ownership (TCO)

●

Single conv erged branch platform integrates routing, switching, virtual serv er, storage,
security, unified communications, WAN optimization, and perf ormance management tools.

Business continuity and increased
resiliency

●

4400 Series models (4451 and 4431 ISRs) support dual integrated power supplies
for backup. The entire 4000 Series supports optional power supply capable of
delivering additional PoE power to endpoints. Defined models provide for a DC power
supply .

●

Modular network interfaces with diverse connection options for load-balancing and network
resiliency.

●

Modular interfaces with online removal and insertion (OIR) for module upgrades without
network disruption.

●

Cisco Unified Surviv able Remote Site Telephony (SRST), which serves as a resiliency
complement to Cisco Hosted Collaboration Solution (HCS), a Cisco cloud-based UC serv ice.

●

Support for multiple, diverse access links: T1/E1, T3/E3, Serial, xDSL, Gigabit and Ten­Gigabit Ethernet.

Lower telephony costs with VoIP and rich
media experiences

●

High-perf ormance analog/digital gateway, allowing VoIP over less expensive Session
Initiation Protocol (SIP) trunks.

●

Integrated IP PBX (Cisco Unif ied Communications Express) and Session Border Controller

(Cisco Unified Border Element, or CUBE).

Easier manageability and support

●

Single, universal sof tware image for all features and perf ormance-on-demand licensing
flexibility.

●

No additional services and support needed for compute and storage.

●

Supported by Cisco and third-party management tools, with programmability and
automation.

Table 1. Cisco 4000 Series ISR General Feature Highlights

Platform Architecture

Table 2 lists the primary hardware architectural features and benefits of the Cisco 4000 Series. The routers run
modular Cisco IOS® XE Software, widely deployed in the world’s most demanding networks. The s oftware’s
comprehensive portfolio of services spans multiple technology areas, including security, WAN optimization, app
and network quality of service (QoS), and embedded management.

© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 3 of 14

Architectural Features

Benefits/Description

Multicore processors

●

High-perf ormance multicore processors support high-speed WAN connections. The data plane uses an
emulated Flow Processor (FP) that delivers application-specific integrated circuit (ASIC)-like perf ormance
that does not degrade as serv ices are added.

Embedded IP Security (IPsec)
VPN hardware acceleration

●

Increases scalability . When combined with an optional Cisco IOS XE Software Security license, enables
WAN link security and VPN services.

Integrated Gigabit Ethernet
ports

●

The Cisco 4000 Series provides up to four built-in 10/100/1000 Ethernet ports for WAN or LAN.

●

Based on the platf orm, some of the 10/100/1000 Ethernet ports can support Small Form-Factor
Pluggable (SFP)-based connectiv ity in addition to RJ-45 connections, enabling fiber or copper
connectivity.

●

Optionally , depending on the platform, up to 30W PoE+ can be enabled on two of the built-in front panel
Gigabit Ethernet interf aces to provide power to external dev ices such as fourth-generation (4G) LTE
routers.

●

An additional dedicated Gigabit Ethernet port is provided for device management.1

USB-based console access

●

A mini ty pe B USB console port1 supports management connectivity when traditional serial ports are not
available.

●

Traditional console and auxiliary ports are also available.2

Optional integrated power
supply for distribution of PoE

●

An optional upgrade to the internal power supply provides inline power (802.3af -compliant PoE or

802.3at-compliant PoE+) to optional integrated switch modules.

●

Redundant PoE conversion modules provide an additional lay er of fault tolerance.

Optional integrated redundant
power supply (RPS)

●

For the 4400 Series, power redundancy is available by installing an optional integrated RPS f or
decreasing network downtime and protecting the network f rom power failures.

●

Optional PoE boost mode increases total PoE capacity to up to 1000W.

Cisco Enhanced Services
Module (SM-X)

●

Each service-module slot off ers high data-throughput capability of up to 10 Gbps toward the sy stem and
up to 1 Gbps to other module slots.

●

Support for both single- and double-wide service modules provides flexibility in deployment options.

●

An SM-X slot can be converted into a Network Interface Module (NIM) slot using an optional carrier card.

●

Service modules support online insertion and removal (OIR), avoiding network disruption when installing
new or replacement modules.1

Cisco Network Interface
Modules (NIMs)3

●

Up to three integrated NIM slots on the Cisco 4000 Series allow f or flexible configurations.

●

Each NIM slot off ers options of up to two 2-Gbps connections, one toward the route processor and one
for direct module-to-module communication. The 4221 ISR has only one 1-Gbps connection to the route
processor.

●

NIMs support OIR.

●

Special NIMs add support for solid-state drives (SSDs) and hard disk drives (HDDs).1

Cisco Integrated Services Card
(ISC) slot on motherboard

●

Integrated Serv ices Card natively supports the new Cisco High-Density Packet Voice Digital Signal
Processor Modules (PVDM4s), providing greater-density rich-media voice.

●

Each Integrated Serv ices Card slot connects to the system architecture through an up to 2-Gbps link.

●

Future modules can be hosted on the Integrated Services Card slot, improv ing system functions.

Flash memory support

●

A single flash memory slot is available to support high-speed storage densities, upgradable to up to
32 GB. The 4221 ISR ships with a fixed 8 GB flash.

●

Two USB ty pe A 2.0 ports provide capabilities f or convenient storage.1

DRAM ● For the 4400 Series ISRs, the default control-plane memory is 4 GB, upgradable to 16 GB to provide

additional scalability for control-plane features. The default data-plane memory is 2 GB.

●

For the 4300 Series ISRs, the default memory is 4 GB, upgradable to 16 GB (only 8 GB for the 4321) to
provide additional scalability.

●

The 4200 Series comes with 4 GB fixed DRAM.

Table 2. Architectural Highlights

1

Not supported on the 4221 model.

2

The 4221 model supports shared console and auxiliary ports.

3

Unified Communications (UC) License and Unified Communications NIM’s are not supported on the ISR4221.

© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 4 of 14

Operational Phase

Application

Description

Device staging and configuration

WebUI ● A GUI-based device-management tool for Cisco IOS and Cisco IOS XE

Software-based access routers. This tool simplif ies routing, firewall, VPN,
unified communications, and WAN and LAN configuration through easy -to-use
wizards.

Network-wide deployment,
configuration, monitoring, and
troubleshooting

Cisco Prime®
Inf rastructure

●

Offers comprehensive lifecycle management of wired and wireless access,
campus, and branch-off ice networks, rich visibility into end-user connectivity,
and application perf ormance assurance.

●

Provides wired lifecycle functions such as inventory, configuration, and image
management; automated deployment; compliance reporting; integrated best
practices; and reporting.

Staging, deployment, and changes
to configuration and image files

Cisco
Conf iguration
Engine

●

A secure network management product that provides zero-touch image and
conf iguration distribution through centralized, template-based management.

Context-aware security configuration
and monitoring

Cisco Prime
Security Manager

●

Management tool f or configuring and managing context-aware security. The
application supports both single- and multi-device manager form factors.

●

Provides the ability to write and enforce the granular context-aware security
policies.

Cisco Wide Area Application Service
(WAAS) management

Cisco WAAS
Central Manager

●

The management tool for the WAAS1,4 (WAN optimization and application
acceleration) integrated serv ice. It provides a centralized mechanism for
conf iguring WAAS features, reporting, and monitoring.

Cisco IOS XE Software Embedded Management Capabilities

Feature

Description

Cisco IOS Embedded Event Manager
(EEM)

●

A distributed and customized approach to event detection and recovery.

●

Offers the ability to monitor events and take informational, corrective, or any desired EEM action
when the monitored events occur or when a threshold is reached.

Cisco IOS XE IP Service-Level
Agreements (IP SLAs)

●

Helps assure the perf ormance of new business-critical IP applications as well as IP services that
use data and voice in an IP network.

SNMP, Remote Monitoring (RMON),
syslog, NetFlow, IP Flow Information

Export (IPFix)

●

Network monitoring and accounting tools.

Technical
Specifications

Cisco 4451

Cisco 4431

Cisco 4351

Cisco 4331

Cisco 4321

Cisco 4221

Aggregate
Throughput

1 Gbps to
2 Gbps

500 Mbps to
1 Gbps

200 Mbps to
400 Mbps

100 Mbps to
300 Mbps

50 Mbps to
100 Mbps

35 Mbps to 75
Mbps

Total onboard WAN
or LAN 10/100/1000
ports

4 4 3 3 2

2

Managing Your Cisco 4000 Series ISRs

The Cisco network management applications listed at the top of Table 3 are standalone products that can be
purchased or downloaded to manage your Cisco network devices. The applications are built specifically for the
different operational phases; select those that best fit your needs. Those management capabilities listed under the

“Cis co IOS Software XE Embedded Management” heading are directly integrated into the routers ’ software

operating system.

Table 3. Network Management Solutions

Product Specifications

Table 4 lists the general product specifications for the Cisco 4000 Series routers.

Table 4. Specifications of Cisco 4000 Series Integrated Services Routers

4

It is suggested to use AppNav with an external WAAS device for the 4221 model.

© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 5 of 14

Technical
Specifications

Cisco 4451

Cisco 4431

Cisco 4351

Cisco 4331

Cisco 4321

Cisco 4221

RJ-45-based ports

4 4 3 2 2 2 SFP-based ports

4 4 3 2 1

1

Enhanced service­module slots

2 0 2 1 0

0

Doublewide
service-module
slots

1 (assumes no
singlewide SM-X
modules installed)

0

1 (assumes no
singlewide SM-X
modules installed)

0 0 0

NIM slots

3 3 3 2 2

2

OIR (all I/O
modules)

Yes

Yes

Yes

Yes

Yes

No

Onboard ISC slot

1 1 1 1 1

No

Default memory
double-data-rate 3
(DDR3) error­correction-code
(ECC) DRAM
(Combined
control/services/da
ta planes)

NA

NA

4 GB

4 GB

4 GB

4 GB

Maximum memory
DDR3 ECC DRAM
(Combined
control/services/da
ta planes)

NA

NA

16 GB

16 GB

8 GB

4 GB

Default memory
DDR3 ECC DRAM
(data plane)

2 GB

2 GB

NA

NA

NA

NA

Maximum memory
DDR3 ECC DRAM
(data plane)

2 GB

2 GB

NA

NA

NA

NA

Default memory
DDR3 ECC DRAM
(control/services
plane)

4 GB

4 GB

NA

NA

NA

NA

Maximum memory
DDR3 ECC DRAM
(control/services
plane)

16 GB

16 GB

NA

NA

NA

NA

Default flash
memory

8 GB

8 GB

4 GB

4 GB

4 GB

8 GB

Maximum flash
memory

32 GB

32 GB

16 GB

16 GB

8 GB

8 GB

External USB 2.0
slots (type A)

2 2 2 1 1

1

USB console port ­type B mini (up to

115.2 kbps)

1 1 1 1 1

0

Serial console port

- RJ45 (up to 115.2
kbps)

1 1 1 1 1

1 (combo
CON/AUX port)

Serial auxiliary port

- RJ45 (up to 115.2
kbps)

1 1 1 1 1

1 (combo
CON/AUX port)

Power-supply
options

Internal: AC, DC
(roadmap) and
PoE

Internal: AC, DC,
and PoE

Internal: AC, DC
(roadmap) and
PoE

Internal: AC and
PoE

External: AC and
PoE

External AC only

Redundant power
supply

Internal: AC, DC
(roadmap) and
PoE

Internal: AC, DC,
and PoE

N/A

N/A

N/A

NA