Data Sheet
Cisco 4000 Series Integrated Services Routers
Cisco® 4000 Series Integrated Services Routers (ISRs) form an intelligent WAN platform that delivers the performance, security, and convergence capabilities that today’s branch offices need.
Product Overview
The Cisco 4000 Series Integrated Services Routers (ISR) revolutionize WAN communications in the enterprise branch. With new levels of built-in intelligent network capabilities and convergence, the routers specificallyaddress the growing need for application-aware networking in distributed enterprise sites. These locations tend to have lean IT resources. But they often also have a growing need for direct communication with both private data centers and public clouds across diverse links, including Multiprotocol Label Switching (MPLS) VPNs and the Internet.
The Cisco 4000 Series contains sixplatforms: the 4451, 4431, 4351, 4331, 4321 and 4221 ISRs (Figure 1).
Figure 1. Cisco 4000 Series Integrated Services Routers
Features and Benefits
Cisco 4000 Series ISRs provide you with Cisco Intelligent WAN (IWAN) software features and a converged branch infrastructure. Along with superior throughput, these capabilities form the building blocks of next-generation branch-office WAN solutions.
Cisco Intelligent WAN (IWAN)
Cisco IWAN is a set of intelligent software services that allow you to reliablyand securelyconnect users, devices, and branch office locations across a diverse set of WAN transport links. IWAN -enabled routers like the 4000 Series dynamicallyroute traffic across the “best” link based on up-to-the-minute application and network conditions for great application experiences. You get tight control over application performance, bandwidth usage, data privacy, and availability of your WAN links —control that you need as your branches conduct greater volumes of missioncritical business.
Cisco Converged Branch Infrastructure
The Cisco 4000 Series ISRs consolidate manymust-have IT functions, including network, compute, and storage resources. The high-performance, integrated routers run multiple concurrent IWAN services, incl uding encryption, traffic management, and WAN optimization, without slowing your data throughput. And you can activate new services on demand through a simple licensing change.
Table 1 breaks out manyof the features and benefits of the Cisco 4000 Series that create an intelligent WAN and a converged branch infrastructure.
© 2017 Cisco and/or its affiliates. All rights reserv ed. This document is Cisco Public Inf ormation. |
Page 1 of 14 |
Table 1. |
Cisco 4000 Series ISR General Feature Highlights |
||
|
|
||
Business Requirement(s) |
Feature/Solution |
||
|
|
||
Performance |
● Concurrent sof tware serv ices at speeds up to 2 Gbps. Backplane architecture supports high- |
||
● Throughput |
bandwidth module-to-module communication at speeds up to 10 Gbps. |
||
|
|||
● Serv ice reliability |
● A distributed multicore architecture with the industry ’s f irst internal serv ices plane. |
||
|
|||
|
|
● Remote installation of application-aware serv ices, which run identically to their counterparts |
|
|
|
in dedicated appliances. |
|
|
|
||
Lower WAN expenditures |
● Embedded IWAN solution f or creating lower-cost, business-class Internet connections. |
||
|
|
||
Pay-as-you-grow |
● Router capacity can be increased with a remote perf ormance-on-demand license upgrade |
||
● Perf ormance upgrade model |
(no hardware upgrade) f or exceptional sav ings. |
||
|
|||
● Inv estment protection |
|
||
● CapEx budget management |
|
||
|
|
||
Superior and secure user application |
● ISR-AX “Application Experience” sof tware bundle with adv anced routing and network |
||
experiences |
|
monitoring serv ices. |
|
|
|
● Dy namic Multipoint VPN (DMVPN), zone-based f irewalls, intrusion prev ention (Snort and |
|
|
|
||
|
|
Umbrella Branch) and content management using Cisco Cloud Web Security and OpenDNS |
|
|
|
protecting data, prov iding authentication credentials, and enabling transmissions that are not |
|
|
|
backhauled through the data center. |
|
|
|
● Secure boot f eature perf orms hardware-based authentication of the bootloader sof tware to |
|
|
|
prev ent malicious or unintended sof tware f rom booting on the sy stem. |
|
|
|
|
|
|
|
● Code signing v erif ies digital signatures of executables prior to loading to prev ent execution |
|
|
|
of altered or corrupted code. |
|
|
|
● Hardware authentication protects against hardware counterf eiting by using an on-board |
|
|
|
tamper-proof silicon, including f ield replaceable modules. If authentication f ails, the module |
|
|
|
is not allowed to boot. |
|
|
|
||
IT consolidation, space savings, and |
● Single conv erged branch platf orm integrates routing, switching, v irtual serv er, storage, |
||
improved total cost of ownership (TCO) |
security , unif ied communications, WAN optimization, and perf ormance management tools. |
||
|
|
||
Business continuity and increased |
● 4400 Series models (4451 and 4431 ISRs) support dual integrated power supplies |
||
resiliency |
|
f or backup. The entire 4000 Series supports optional power supply capable of |
|
|
|
deliv ering additional PoE power to endpoints. Def ined models prov ide f or a DC power |
|
|
|
||
|
|
||
|
|
supply . |
|
|
|
|
|
|
|
● Modular network interf aces with div erse connection options f or load-balancing and network |
|
|
|
resiliency . |
|
|
|
● Modular interf aces with online remov al and insertion (OIR) f or module upgrades without |
|
|
|
network disruption. |
|
|
|
● Cisco Unif ied Surv iv able Remote Site Telephony (SRST), which serv es as a resiliency |
|
|
|
complement to Cisco Hosted Collaboration Solution (HCS), a Cisco cloud-based UC serv ice. |
|
|
|
● Support f or multiple, div erse access links: T1/E1, T3/E3, Serial, xDSL, Gigabit and Ten- |
|
|
|
Gigabit Ethernet. |
|
|
|
||
Lower telephony costs with VoIP and rich |
● High-perf ormance analog/digital gateway , allowing VoIP ov er less expensiv e Session |
||
media experiences |
Initiation Protocol (SIP) trunks. |
||
|
|
● Integrated IP PBX (Cisco Unif ied Communications Express) and Session Border Controller |
|
|
|
(Cisco Unif ied Border Element, or CUBE). |
|
|
|
||
Easier manageability and support |
● Single, univ ersal sof tware image f or all f eatures and perf ormance-on-demand licensing |
||
|
|
f lexibility . |
|
|
|
||
|
|
● No additional serv ices and support needed f or compute and storage. |
|
|
|
● Supported by Cisco and third-party management tools, with programmability and |
|
|
|
automation. |
|
|
|
|
Platform Architecture
Table 2 lists the primary hardware architectural features and benefits of the Cisco 4000 Series. The routers run modular Cisco IOS® XE Software, widely deployed in the world’s most demanding networks. The software’s comprehensive portfolio of services spans multiple technologyareas, including security, WAN optimization, app and network quality of service (QoS), and embedded management.
© 2017 Cisco and/or its affiliates. All rights reserv ed. This document is Cisco Public Inf ormation. |
Page 2 of 14 |
Table 2. |
Architectural Highlights |
|
|
|
|
Architectural Features |
Benefits/Description |
|
|
|
|
Multicore processors |
● High-perf ormance multicore processors support high-speed WAN connections. The data plane uses an |
|
|
|
emulated Flow Processor (FP) that deliv ers application-specif ic integrated circuit (ASIC)-like perf ormance |
|
|
that does not degrade as serv ices are added. |
|
|
|
Embedded IP Security (IPsec) |
● Increases scalability . When combined with an optional Cisco IOS XE Sof tware Security license, enables |
|
VPN hardware acceleration |
WAN link security and VPN serv ices. |
|
|
|
|
Integrated Gigabit Ethernet |
● The Cisco 4000 Series prov ides up to f our built-in 10/100/1000 Ethernet ports f or WAN or LAN. |
|
ports |
|
|
|
● Based on the platf orm, some of the 10/100/1000 Ethernet ports can support Small Form -Factor |
|
|
|
|
|
|
Pluggable (SFP)-based connectiv ity in addition to RJ-45 connections, enabling f iber or copper |
|
|
connectiv ity . |
|
|
● Optionally , depending on the platf orm, up to 30W PoE+ can be enabled on two of the built -in f ront panel |
|
|
Gigabit Ethernet interf aces to prov ide power to external dev ices such as f ourth-generation (4G) LTE |
|
|
routers. |
|
|
● An additional dedicated Gigabit Ethernet port is prov ided f or dev ice management. 1 |
USB-based console access |
● A mini ty pe B USB console port1 supports management connectiv ity when traditional serial ports are not |
|
|
|
av ailable. |
|
|
|
|
|
● Traditional console and auxiliary ports are also av ailable.2 |
Optional integrated power |
● An optional upgrade to the internal power supply prov ides inline power (802.3af -compliant PoE or |
|
supply for distribution of PoE |
802.3at-compliant PoE+) to optional integrated switch modules. |
|
|
|
● Redundant PoE conv ersion modules prov ide an additional lay er of f ault tolerance. |
|
|
|
Optional integrated redundant |
● For the 4400 Series, power redundancy is av ailable by installing an optional integrated RPS f or |
|
power supply (RPS) |
decreasing network downtime and protecting the network f rom power f ailures. |
|
|
|
● Optional PoE boost mode increases total PoE capac ity to up to 1000W. |
|
|
|
|
|
|
Cisco Enhanced Services |
● Each serv ice-module slot of f ers high data-throughput capability of up to 10 Gbps toward the sy stem and |
|
Module (SM-X) |
up to 1 Gbps to other module slots. |
|
|
|
● Support f or both singleand double-wide serv ice modules prov ides f lexibility in deploy ment options. |
|
|
● An SM-X slot can be conv erted into a Network Interf ace Module (NIM) slot using an optional carrier card. |
|
|
● Serv ice modules support online insertion and remov al (OIR), av oiding network disruption when installing |
|
|
new or replacement modules.1 |
|
|
|
Cisco Network Interface |
● Up to three integrated NIM slots on the Cisco 4000 Series allow f or f lexible conf igurations. |
|
Modules (NIMs)3 |
● Each NIM slot of f ers options of up to two 2-Gbps connections, one toward the route processor and one |
|
|
|
f or direct module-to-module communication. The 4221 ISR has only one 1-Gbps connection to the route |
|
|
|
|
|
processor. |
|
|
● NIMs support OIR. |
|
|
|
|
|
● Special NIMs add support f or solid-state driv es (SSDs) and hard disk driv es (HDDs).1 |
|
|
|
Cisco Integrated Services Card |
● Integrated Serv ices Card nativ ely supports the new Cisco High-Density Packet Voice Digital Signal |
|
(ISC) slot on motherboard |
Processor Modules (PVDM4s), prov iding greater-density rich-media v oice. |
|
|
|
● Each Integrated Serv ices Card slot connects to the sy stem architecture through an up to 2-Gbps link. |
|
|
● Future modules can be hosted on the Integrated Serv ices Card slot, improv ing sy stem f unctions. |
|
|
|
Flash memory support |
● A single f lash memory slot is av ailable to support high-speed storage densities, upgradable to up to |
|
|
|
32 GB. The 4221 ISR ships with a f ixed 8 GB f lash. |
|
|
|
|
|
● Two USB ty pe A 2.0 ports prov ide capabilities f or conv enient storage. 1 |
|
|
|
DRAM |
|
● For the 4400 Series ISRs, the def ault control-plane memory is 4 GB, upgradable to 16 GB to prov ide |
|
|
additional scalability f or control-plane f eatures. The def ault data-plane memory is 2 GB. |
|
|
● For the 4300 Series ISRs, the def ault memory is 4 GB, upgradable to 16 GB (only 8 GB f or the 4321) to |
|
|
prov ide additional scalability . |
|
|
● The 4200 Series comes with 4 GB f ixed DRAM. |
|
|
|
1Not supported on the 4221 model.
2The 4221 model supports shared console and auxiliary ports.
3Unified Communications (UC) License and Unified Communications NIM’s are not supported on the ISR4221.
© 2017 Cisco and/or its affiliates. All rights reserv ed. This document is Cisco Public Inf ormation. |
Page 3 of 14 |
Managing Your Cisco 4000 Series ISRs
The Cisco network management applications listed at the top of Table 3 are standalone products that can be purchased or downloaded to manage your Cisco network devices. The applications are built specificallyfor the different operational phases; select those that best fit your needs. Those management capabilities listed under the
“Cisco IOS Software XE Embedded Management” heading are directlyintegrated into the ro uters’ software operating system.
Table 3. |
Netw ork Management Solutions |
|
|
|
|
|
|
Operational Phase |
Application |
Description |
|
|
|
|
|
Device staging and configuration |
WebUI |
● A GUI-based dev ice-management tool f or Cisco IOS and Cisco IOS XE |
|
|
|
|
Sof tware-based access routers. This tool simplif ies routing, f irewall, VPN, |
|
|
|
unif ied communications, and WAN and LAN conf iguration through easy -to-use |
|
|
|
wizards. |
|
|
|
|
Network-wide deployment, |
Cisco Prime® |
● Of f ers comprehensiv e lif ecycle management of wired and wireless access, |
|
|
|
|
|
configuration, monitoring, and |
Inf rastructure |
campus, and branch-of f ice networks, rich v isibility into end-user connectiv ity, |
|
troubleshooting |
|
and application perf ormance assurance. |
|
|
|||
|
|
|
● Prov ides wired lif ecy cle functions such as inv entory, configuration, and image |
|
|
|
|
|
|
|
management; automated deploy ment; compliance reporting; integrated best |
|
|
|
practices; and reporting. |
|
|
|
|
Staging, deployment, and changes |
Cisco |
● A secure network management product that prov ides zero-touch image and |
|
to configuration and image files |
Conf iguration |
conf iguration distribution through centralized, template-based management. |
|
|
|
Engine |
|
|
|
|
|
Context-aware security configuration |
Cisco Prime |
● Management tool f or conf iguring and managing context -aware security . The |
|
and monitoring |
Security Manager |
application supports both singleand multi-dev ice manager f orm f actors. |
|
|
|
|
● Prov ides the ability to write and enf orce the granular context -aware security |
|
|
|
|
|
|
|
policies. |
|
|
|
|
Cisco Wide Area Application Service |
Cisco WAAS |
● The management tool f or the WAAS1,4 (WAN optimization and application |
|
(WAAS) management |
Central Manager |
acceleration) integrated serv ice. It prov ides a centralized mechanism f or |
|
|
|
|
conf iguring WAAS f eatures, reporting, and monitoring. |
|
|
|
|
Cisco IOS XE Software Embedded Management Capabilities |
|||
|
|
|
|
Feature |
|
Description |
|
|
|
||
Cisco IOS Embedded Event Manager |
● A distributed and customized approach to ev ent detection and recov ery . |
||
(EEM) |
|
● Of f ers the ability to monitor ev ents and take inf ormational, correctiv e, or any desired EEM action |
|
|
|
||
|
|
when the monitored ev ents occur or when a threshold is reached. |
|
|
|
||
Cisco IOS XE IP Service-Level |
● Helps assure the perf ormance of new business-critical IP applications as well as IP serv ices that |
||
Agreements (IP SLAs) |
use data and v oice in an IP network. |
||
|
|
||
SNMP, Remote Monitoring (RMON), |
● Network monitoring and accounting tools. |
||
syslog, NetFlow, IP Flow Information |
|
|
|
Export (IPFix) |
|
|
|
|
|
|
|
Product Specifications
Table 4 lists the general product specifications for the Cisco 4000 Series routers.
Table 4. |
Specifications of Cisco 4000 Series Integrated Services Routers |
|
|
|
||||||
|
|
|
|
|
|
|
|
|||
Technical |
|
Cisco 4451 |
Cisco 4431 |
Cisco 4351 |
Cisco 4331 |
Cisco 4321 |
Cisco 4221 |
|||
Specifications |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||
|
|
|
|
|
|
|
|
|
|
|
Aggregate |
|
1 |
Gbps to |
500 Mbps to |
200 |
Mbps to |
100 |
Mbps to |
50 Mbps to |
35 Mbps to 75 |
Throughput |
|
2 |
Gbps |
1 Gbps |
400 |
Mbps |
300 |
Mbps |
100 Mbps |
Mbps |
|
|
|
||||||||
|
|
|
|
|
|
|
|
|
|
|
Total onboard WAN |
4 |
|
4 |
3 |
|
3 |
|
2 |
2 |
|
or LAN 10/100/1000 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||
ports |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
4 It is suggested to use AppNav w ith an external WAAS device for the 4221 model.
© 2017 Cisco and/or its affiliates. All rights reserv ed. This document is Cisco Public Inf ormation. |
Page 4 of 14 |
|
Technical |
Cisco 4451 |
|
Cisco 4431 |
Cisco 4351 |
Cisco 4331 |
Cisco 4321 |
Cisco 4221 |
|
|
|
|
|||||||
|
Specifications |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
RJ-45-based ports |
4 |
4 |
3 |
2 |
2 |
2 |
|
|
|
|
|
|
|
|
|
|
|
|
|
SFP-based ports |
4 |
|
4 |
3 |
2 |
1 |
1 |
|
|
|
|
|
|
|
|
|
|
|
|
Enhanced service- |
2 |
0 |
2 |
1 |
0 |
0 |
|
|
|
module slots |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Doublewide |
1 (assumes no |
|
0 |
1 (assumes no |
0 |
0 |
0 |
|
|
service-module |
singlewide SM-X |
|
|
singlewide SM-X |
|
|
|
|
|
|
|
|
|
|
|
|||
|
slots |
modules installed) |
|
|
modules installed) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
NIM slots |
3 |
3 |
3 |
2 |
2 |
2 |
|
|
|
|
|
|
|
|
|
|
|
|
|
OIR (all I/O |
Yes |
|
Yes |
Yes |
Yes |
Yes |
No |
|
|
modules) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Onboard ISC slot |
1 |
1 |
1 |
1 |
1 |
No |
|
|
|
|
|
|
|
|
|
|
|
|
|
Default memory |
NA |
|
NA |
4 GB |
4 GB |
4 GB |
4 GB |
|
|
double-data-rate 3 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(DDR3) error- |
|
|
|
|
|
|
|
|
|
correction-code |
|
|
|
|
|
|
|
|
|
(ECC) DRAM |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(Combined |
|
|
|
|
|
|
|
|
|
control/services/da |
|
|
|
|
|
|
|
|
|
ta planes) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Maximum memory |
NA |
|
NA |
16 GB |
16 GB |
8 GB |
4 GB |
|
|
DDR3 ECC DRAM |
|
|
|
|
|
|
|
|
|
(Combined |
|
|
|
|
|
|
|
|
|
control/services/da |
|
|
|
|
|
|
|
|
|
ta planes) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Default memory |
2 GB |
|
2 GB |
NA |
NA |
NA |
NA |
|
|
DDR3 ECC DRAM |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(data plane) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Maximum memory |
2 GB |
|
2 GB |
NA |
NA |
NA |
NA |
|
|
DDR3 ECC DRAM |
|
|
|
|
|
|
|
|
|
(data plane) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Default memory |
4 GB |
|
4 GB |
NA |
NA |
NA |
NA |
|
|
DDR3 ECC DRAM |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(control/services |
|
|
|
|
|
|
|
|
|
plane) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Maximum memory |
16 GB |
|
16 GB |
NA |
NA |
NA |
NA |
|
|
DDR3 ECC DRAM |
|
|
|
|
|
|
|
|
|
(control/services |
|
|
|
|
|
|
|
|
|
plane) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Default flash |
8 GB |
|
8 GB |
4 GB |
4 GB |
4 GB |
8 GB |
|
|
memory |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Maximum flash |
32 GB |
|
32 GB |
16 GB |
16 GB |
8 GB |
8 GB |
|
|
memory |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
External USB 2.0 |
2 |
|
2 |
2 |
1 |
1 |
1 |
|
|
slots (type A) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
USB console port - |
1 |
1 |
1 |
1 |
1 |
0 |
|
|
|
type B mini (up to |
|
|
|
|
|
|
|
|
|
115.2 kbps) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Serial console port |
1 |
|
1 |
1 |
1 |
1 |
1 (combo |
|
|
- RJ45 (up to 115.2 |
|
|
|
|
|
|
CON/AUX port) |
|
|
|
|
|
|
|
|
|
||
|
kbps) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Serial auxiliary port |
1 |
1 |
1 |
1 |
1 |
1 (combo |
|
|
|
- RJ45 (up to 115.2 |
|
|
|
|
|
|
CON/AUX port) |
|
|
kbps) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Power-supply |
Internal: AC, DC |
|
Internal: AC, DC, |
Internal: AC, DC |
Internal: AC and |
External: AC and |
External AC only |
|
|
options |
(roadmap) and |
|
and PoE |
(roadmap) and |
PoE |
PoE |
|
|
|
|
|
|
||||||
|
|
PoE |
|
|
PoE |
|
|
|
|
|
|
|
|
|
|
|
|
||
|
|
|
|
|
|
|
|
|
|
|
Redundant power |
Internal: AC, DC |
|
Internal: AC, DC, |
N/A |
N/A |
N/A |
NA |
|
|
supply |
(roadmap) and |
|
and PoE |
|
|
|
|
|
|
|
PoE |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
© 2017 Cisco and/or its affiliates. All rights reserv ed. This document is Cisco Public Inf ormation. |
|
|
Page 5 of 14 |