Cisco gets smarter with second-generation integrated services routers

Richard Chirgwin analyses the changes to Cisco's Integrated Services Routers and what they mean for your LAN and the kind of applications it can handle.

Those who have watched the Internet develop from its early days will know that it's built on a simple dictum: "dumb network, smart applications".

This means that the network, in the purist model, should have as little to do with the traffic as possible. All the network should need to know to function is that it is being asked to route TCP/IP traffic, and it should know how to do that routing. The packets themselves are generated by applications, and it's up to the applications to decide what it wants to put inside the packets and where it wants the network to send those packets.

The Internet's neutrality towards the contents of packets - and therefore the type of application generating those packets, whether e-mail, the Web, voice, video or Twitter - marked its competitive advantage against traditional telco networking theory, which led carriers to build distinct networks designed for the type of traffic the networks were to carry. While pre-IP carriers overlaid different networks on top of each other to serve different requirements, the Internet provided a generic network in which all traffic was identical. Only the applications generating the traffic changed. The telco networks were smart, which made them expensive; the Internet was dumb, which made it cheap.

As well as providing some of the technical foundation for the "net neutrality" debate, it also provided the basis for the growth and success of the Internet, and incidentally, the growth and success of the company whose name is inescapably synonymous with the Internet: Cisco.

Which makes Cisco's next generation of its ISR (Integrated Services Router) series look bold, even contradictory, because the ISR G2 seems to harken back to the days in which network equipment embedded smarts specific to different traffic types.

To resolve this apparent contradiction, TechTarget spoke to Marc van Hoof, product manager in Cisco Australia's Access Routing Technology Group.

Let's get the technical details down first. The high points of the system are its integration of video support and service virtualisation, along with increased performance across the range. All of these, according to van Hoof, were introduced in response to experience and customer feedback from the first generation ISR units.

Services as Software

Van Hoof said the new units deliver performance "up to five times [that] of the first generation ISRs at the same price point", and with higher performance comes the headroom needed to add capabilities and change how features are shipped in the units.

The ISR G2 products claim 150 Mbps WAN performance operating the full services set, with processing performance based on a new multicore, expandible network processor and up to 1TB of storage.

"Just doing things faster doesn't cut it - you have to do more as well," van Hoof said.

Hence the focus on "service virtualisation". This merits some examination, at least to get past the gratuitous use of the v-word.

In essence, the systems can be configured with services not yet in use, giving customers the opportunity to enable new services as a software upgrade without a hardware upgrade. This, van Hoof said, gets rid of the expense of a truck roll to enable new services in a large network. "We have had conversations with banks and financial institutions. Each site visit would cost $1,000, per site, just to open the doors, have a security guard present, and open the place up after hours.

"We wanted to focus on reducing the operational cost of doing those site visits. So we have separated the hardware and software: the hardware can be pre-positioned at the branches, and services can be rolled out by means of a software distribution."

It's a model that van Hoof said suits Australia's geography and population, with lots of small, widely-spaced branches.

"Remote configuration and management have been around for a while," van Hoof said. "What has changed here is that in the first generation ISRs, if you wanted to deploy something like WAN optimisation to a 2800 or 3800, there was a hardware as well as a software module that you would have to roll out to the site.

"So you had to purchase the module when you installed the router, or you had to retrofit the module at each site.

"Now, we have split the hardware and software components - you can buy a 'services ready engine', or SRE, and various software applications can be loaded remotely. If you bought a device and wanted to roll WAN optimisation, you would purchase the generic hardware at the time of installation and send it to the site...then in six months' time, you can purchase the software and roll it out remotely with no site visits.

"And for more flexibility, if you then decided that that WAN optimisation wasn't a priority and instead wanted wireless LAN, video security or other moduloes, you can change the modules and roll out the services on-demand to the branch network."

The features-as-software module also makes it easier to support third-party services that can be run on the router. Examples van Hoof gave include the NICE Systems VoIP recording platform and the Sagem fax-over-IP application, both of which can run in the routers rather than requiring a separate host system.

The licensing model also simplifies life for any vendor adopting it. Instead of having to maintain hardware add-on modules in the product portfolio, the vendor merely sells licenses to new features. However, in the long term there's a likely benefit to customers as well, since competition shifts to what vendors treat as the "base" feature set that ships for free. With enough competitive pressure, customers can probably expect future products to ship with more features available out of the box.

Following the Green Line

In Cisco-speak, it's called "operational excellence", but there are aspects to the ISR G2 range's management that warrant examination.

Often criticised as a laggard in the green stakes, Cisco has expanded the management capabilities of the ISR range to, as van Hoff put it, "make it easier for organisations to run the system, make it more cost effective to deploy, use less energy and reduce power bills."

The platform now includes an energy framework, he said, which makes it sensitive to energy consumption.

"Previously, we might shut down a Power-over-Ethernet switch port at a certain time - after hours, for example, when you didn't need to power the IP phone or wireless access point.

"Now, we take the concept even further, because the modules understand different levels of energy savings."

For example, the voice codecs and transcoders that handle voice calls are also unnecessary if the telephones themselves are powered down. Shutting those software modules down, along with the PoE ports running the phones, mean that not only are the phones switched off, but that the router itself is using less power in the idle hours.

"You can get it down to where you're only running the router's core module or control port in out-of-hours times."

Video and the Dumb Network

The other feature high on Cisco's publicity list is the addition of a video DSP into the ISR, which brings us back to the "dumb network" debate that opened this article.

Explaining the rationale for integrating a video DSP in the router, van Hoof said that "the network is the only element in the IT structure that touches everything - the phones, the services, the clients, the storage, the mobiles, the users.

"So giving the network an understanding of video is a key driver in integrating video in everyday life.

"The same kinds of features that the routers understand in terms of voice, they now understand in video - it might be video recording on-platform, or video quality monitoring, or ad-hoc videoconferencing."

So, is Cisco breaking the "dumb network" model?

It depends. It doesn't break the model in terms of the connections between sites, because the applications themselves remain under the user's control.

But it certainly represents the embedding of applications into the network infrastructure. It will be interesting to see whether this shift in the model is adopted by customers, or if they ultimately prefer to separate their applications from the network.

Read more on Network routing and switching