● The company doesn’t own its cloud connectivity, so it can’t extend its network setup to the cloud, potentially multicloud. As a result, you have to support different IP addresses and management tools on-premises and in the cloud.
● The company does not enjoy the same levels of privacy and security for its cloud deployment as
on-premises, so it has to handle inconsistent security and VPN policies and limited connection reliability. ● The company
cannot directly connect its distributed sites to its cloud applications, Instead, you have to redirect all network traffic through your data center, and you can’t prioritize and optimize your traffic. This situation causes a poor user experience for your IT applications deployed in the cloud.
● The
current cloud network switching (VLAN) architecture is limited in scale.
●
The cloud provider lacks all the components of an end-to-end managed connectivity service offering for its customers, including quality of service (QoS), application visibility, and service level agreements (SLAs). ● Door
Secure VPN link: CSR 1000V offers route-based IP security (IPsec) VPNs (Dynamic Multipoint VPN [DMVPN], Easy VPN, and FlexVPN), along with Cisco IOS Zone-Based Firewall (ZBFW) and access control, allowing an enterprise to securely connect distributed sites directly to its cloud deployment.
● Multiprotocol Label Switching Endpoint (MPLS): The CSR 1000V can serve as a client or vendor edge MPLS router that allows a service provider to offer a customer end-to-end managed connectivity with performance guarantees. In addition, by extending the MPLS WAN deeper into the cloud network, the service provider can increase the scale of the network, serving more tenants and more networks per tenant.
● Network Extension: CSR 1000V offers features such as Network Address Translation (NAT) and Locator/ID Separation Protocol (LISP) that help a business maintain addressing consistency across on-premises and cloud as it moves applications back and forth or exploits cloud computing capacity. The Overlay Transport Virtualization (OTV) and Virtual Private LAN Service (VPLS) features of the CSR 1000V enable an enterprise to extend VLAN segments from its data center to the cloud for server backup, disaster recovery, and compute scale.
● Network Control Point: The CSR 1000V can redirect traffic to Cisco Virtual Wide Area Application Services (vWAAS) devices deployed in the cloud. It also offers integrated network services such as Cisco IOS ZBFW, Hot Standby Router Protocol (HSRP), QoS, Application Visibility and Control (AVC), and Application Performance Monitoring. These features help a cloud tenant receive a complete networking experience.
● Virtual Extensible LAN Gateway (VXLAN): VXLAN supports millions of network identifiers and allows service providers to deploy a much larger number of tenants in their existing infrastructure. CSR 1000V can be deployed as a single-tenant VXLAN gateway, allowing tenants to enjoy their own dedicated VXLAN gateway node. It can also be deployed in a more cost-effective manner as a multi-tenant VXLAN gateway node, terminating Cisco Virtual Networking Indexes (VNI) for a large number of tenants with a single CSR 1000V instance.
● Extend SD-WAN overlay to public cloud: Hybrid cloud is now the new norm for enterprises. With hybrid cloud, certain enterprise workloads remain within the boundaries of private data centers, while others are hosted in public cloud environments, such as Amazon Web Services (AWS) and Microsoft Azure. This approach provides enterprises with maximum flexibility to consume IT infrastructure as needed.
●
VMware ESXi
6.5 Update 1 ●
Citrix XenServer 6.5
● Red Hat KVM
(Red Hat Enterprise Linux 7.4)
● KVM on
Ubuntu 14.04 LTS ● KVM
on
Suse 12-SP3 ● Microsoft Hyper-V
for Windows Server 2016
● Amazon Machine Image on
Amazon Web Services
●
Microsoft Azure D-Series
VM Types ●
Google Cloud Platform VM Types on N1
●
Intel Nehalem or AMD Barcelona CPU clocked at 2.0GHz
●
Gigabit Ethernet interfaces
● CPU: 1 to 8 vCPUs (depending on performance and feature set) ● Memory:
4 to 16 GB (depending on performance and feature set)
●
Disk space: 8 GB ●
Ethernet network interfaces: two or more virtual network interface cards (vNICs), up to the maximum allowed by the hypervisor
●
Routing: Border Gateway Protocol (BGP), Open Shortest Path First (OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP), Policy-Based Routing, IPv6, Virtual Route Forwarding Lite (VRF-Lite), Multicast, LISP and Generic Routing Encapsulation (GRE) ●
Addressing: Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), NAT, VLAN 802.1Q, Ethernet Virtual Connection (EVC), and VXLAN
● VPN:
IPsec VPN, DMVPN, Easy VPN, and FlexVPN
●
MPLS: MPLS VPN, VRF, and Bidirectional Forwarding Detection (BFD) ●
Security: Cisco IOS ZBFW; Access Control List (ACL); Authentication, authorization and accounting (AAA); RADIO; and TACACS+
● High availability:
Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), Gateway Load Balancing Protocol (GLBP) and box-to-box high availability for ZBFW and NAT
●
Traffic redirection: AppNav (to Cisco Virtual Wide Area Application Services [vWAAS]) and Web Cache Communication Protocol (WCCP)
● Application visibility, performance monitoring and control: QoS, AVC and IP Service-Level Agreement (SLA
) ●
Hybrid cloud connectivity: LISP, OTV, VPLS and Ethernet over MPLS (EoMPLS)
● Management
: CLI, Secure Shell (SSH) protocol, NetFlow, Simple Network Management Protocol (SNMP) and Integrated Event Manager (EEM), as well as NETCONF, RESTCONF and RESTful APIs ● Network
Functions Virtualization (NFV):
gateway Virtual Broadband Network (vBNG), Virtual Intelligent Services Gateway (vISG), and Virtual Path Reflector (vRR
) ● IP Base:
includes routing, addressing, basic security (ACL and AAA), high availability, and management functions
● Security: Includes
Base IP features plus advanced security features (ZBFW, IPsec, and route-based VPN)
●
AppX: Includes security features in addition to advanced networking, application experience, and hybrid cloud connectivity
features
● AX: Includes all available features
Table 1. Server Resource Requirements by License
● Cisco ASR 1000 series is primarily deployed in data centers and campuses, Cisco ISR is primarily intended for branch offices, and Cisco CSR 1000V enters VPC. The three products complement each other.
● CSR 1000V feature set supports VPC networking needs. The CSR 1000V offers only select features of Cisco IOS XE software and Cisco IOS XE SD-WAN software based on the cloud uses of the product.
● CSR 1000V’s virtual form factor makes it ideal for VPC deployments where flexibility and agility are highly desired. Cisco ASRs and ISRs are ideal for data centers and branch offices where hardware-based performance and reliability are required to support demanding data, voice, and video networking services. While ISRs and ASRs are purpose-built network devices with highly optimized performance, Cisco CSR 1000V runs on general-purpose server hardware and shares resources with other applications running on the same hardware.
