The Latest Releases: Cisco Routers, Cisco Switches, Cisco ASAs, and More
By Chris Crotteau, Cisco-Certified Engineer, Curvature
Cisco’s constant stream of new product releases can be hard to keep up with. Each quarter our Cisco engineers will highlight the most relevant new products, unravel the marketing spin to uncover the real changes, and let you know what that means to you.
The Aironet 1040 Series
Not to be confused with the obsolete Aironet 1000 series, the 1040 series is a low-cost 802.11n access point with integrated antennas, available in both AP and LAP versions. The difference between these and the 1140 series APs is in the antenna configuration. Whereas the 1140 has a 2×3 configuration (2 Tx, 3 Rx) for each of its radios, the 1040 only has a 2×2 (2x Tx, 2x Rx) configuration for its radios. This does not cause a throughput reduction, but it does affect maximum distance and the resilience of the connection in more RF-hostile areas. Practically speaking, there won’t be much, if any, difference seen in a standard office/cube farm environment. Like the 1140 series, the 1040 series can be run off of 802.3af PoE, or the AIR-PWRINJ4.
For an alternative to the Aironet 1040 series, get a quote on the following pre-owned items, available immediately:
Cisco AIRONET Series Access Points |
The ASR1001
The ASR1001 family is a 1RU, fixed interface set of routers. There are currently three options available here — a unit with 4 SFP slots only, a unit with 4 SFP slots and 2 OC3 ports, and a unit with 4 SFP slots and 4 T3 ports. Each option has a 2.5Gbps switch fabric that can be upgraded via license key to 5Gbps. Other than the physical differences, it runs the same OS and is functionally identical to the other ASR1000 units.
Catalyst 4500 Sup7-E
This new sup engine brings a few new features to the table. These are:
1) 48Gbps/slot throughput
2) NetFlow support has been reintroduced
3) IOS features are now governed via license key
4) The Sup7-E runs its own unique IOS, IOS XE.
However, there have been no major changes in the Cat4500 features – these sups really just provide more performance. All existing Cat4500 cards are still supported with the Sup7-E; no compatibility changes have occurred for older cards. Note that there is limited information on how the license key system will work with this new sup.
For a cost-effective alternative to this combo, get a quote on the following pre-owned items:
Catalyst 6500 + Sup720 + Cards + More |
WS-X47xx line cards
Along with the Sup7-E, Cisco has announced a pair of new line cards that can take advantage of the new Sup7-E. Those are:
WS-X4712-SFP+E – 12x 1G/10G SFP+ ports, 2.5:1 oversubscribed when populated with 10GbE optics.
WS-X4748-RJ45V+E – 48x 10/100/1000 PoE+ ports, line rate.
Cat4500 Chassis Updates
The current WS-C4507R-E and WS-C4510R-E chassis will support the Sup7-E, but not the 48Gbps/slot cards. For this support, Cisco has also announced the WS-C4507R+E and WS-C4510R+E chassis, which will support the full 48Gbps/slot capability. Note that the WS-C4503-E and WS-C4506-E do support 48Gbps/slot operation, and as such, have not been replaced.
ASA5585-X Firewall
This new ASA is meant to replace the disaster that’s the ASA5580. The ASA5585-X is a 2RU, 2 slot chassis with replaceable/upgradeable firewall and IPS modules. There are 4 different module types available – the SSP-10 (4Gbps), SSP-20 (10Gbps), SSP-40 (20Gbps), and SSP-60 (35Gbps), as well as corresponding IPS SSP cards. Port count on the ASA5585 depends on the SSP installed – the ports are on the SSP card itself. Either 8x 10/100/1000 and 2x 1G/10G SFP+ (SSP-10, SSP-20) or 6x 10/100/1000 and 4x 1G/10G SFP+ (SSP-40, SSP-60) are the available options.
Have a datacenter? Need 10GbE? Well, these new products are for you:
Catalyst 6513-E Chassis
Talked about for years now, the 6513-E chassis has finally been announced. The major change is that the 6513-E is now wired for full fabric connectivity on all 13 slots, allowing the use of 67xx and similar cards in all slots for maximum port density when new sup engines are announced later this year. Additional improvements include full support for the 8700W power supply (it maxes out at 6000W in the original 6513), and a rear-accessible fan tray for easier replacement. Note that with the currently available supervisors, the slots on the 6513-E behave the same as on the regular 6513, though.
Nexus 5548P
The Nexus 5548P is a 32 port 1G/10G switch with an expansion bay that can, currently, take a 16 port 1G/10G card. Feature-wise, it’s largely the same as the original Nexus 5000 switches, but there are a few enhancements. First, the 5548 provides a significant latency improvement over the older switches, bringing the latency down to 2 microseconds. Second, the 5548P has much-improved QoS capabilities, offering full DSCP-based marking and classification. Finally, the 5548P will, in the future, be upgradeable with a L3 module.
The available expansion modules are a 16 port 10GbE card, and an 8 port 10GbE card/8 port 8G FC card. Note that like the Nexus 5000 switches, use of FC ports or FCoE features requires a storage protocol license.
Nexus 7000 32 port 10GbE module, XL version
This new card shares the same architecture as the original 32 port card, the N7K-M132XP-12 (80Gbps connection, 4:1 oversubscribed), but has a forwarding engine that can take up to 1M routing table entries (vs. the 128k entries of the standard cards).
For a cost-effective alternative to the Nexus 7000, get a quote on the N7K-M132XP-12:
N7K-M132XP-12 | Catalyst 6500 + Sup720 + Cards + More |
Cisco Cius
This is Cisco’s new high-end phone/personal videoconference station/executive toy. It runs a version of Google’s Android software, giving this unit the ability to run any Android-compatible application, really making this a hybrid of a Cisco IP phone and an iPad. It will have a 3G radio in it, allowing the user to place calls or perform videoconferences over the 3G network using Cisco’s existing remote IP phone access technologies (such as the UC proxy feature for the ASA). It’ll also support remote desktop technologies, allowing the user to access their desktop PC while on the road. When the user is at their desk, a docking station is available that will allow the Cius to be used as a standard IP phone, as well.
Hardware-wise, it’s pretty beefy, with 1GB DRAM and a 1.6GHz processor. It also has dual cameras on it, one front-facing and one rear-facing.
However, there are a few caveats:
1) This isn’t shipping until next year (Cisco announced it over 6 months before the planned ship date).
2) Software licensing requirements will be communicated at a later date…Expect the license costs to be high, and also expect to have to install additional hardware for the call manager system to handle the additional features—such as an app store—that this device supports.
Nexus 7000 32 port 1G/10G high performance module
Once you’ve deployed all those Cius tablets to your end users, you may find that your current Nexus 7000 cards can’t keep up with the higher data demands. No need to fear, Cisco has you covered now, with the N7K-F132XP-15 card. This new card requires a full complement of fabric cards in the Nexus 7000 chassis (previous 80Gbps/slot cards only needed 2), and has a 236Gbps/slot forwarding engine, giving a 1.36:1 oversubscription rate. Note that this card does not use shared ASICs, so there is no blocking.
This card also supports FCoE, allowing you to use it as a SAN switch as well. However, this card does not support XL mode, and as such, is limited to 128k routing table entries.
Along with this card, Cisco has introduced a new feature called FabricPath (which needs its own license key) that aims to reduce/eliminate the need for spanning tree and VLANs in the datacenter.
ME3600X Switch
The ME3600X switch is a new MPLS-aware (with license) high-performance provider edge switch. The available models have either 24x 10/100/1000 and 2x 10GbE (activated with another license) ports, or 24x SFP and 2x 10GbE (w/ license) ports. The big advantage of these over the ME-C3750 is the gigabit port capability, and the ability to have MPLS support on all the switch’s ports. Also, compared to the ME-C6524, the big advantage is the 10GbE option and the line rate throughput.
Additional features are a BITS port and Synchronous Ethernet features to allow the switch to provide timing information to connected devices, such as routers at cell towers and other applications that depend on accurate timing. Otherwise, the features are pretty standard for a metro Ethernet switch these days, with 2 rate 3 color policing, dual power supplies with AC or DC option, and so on.
For a wireless WAN provider, this switch would be a great complement to all those Cius tablets that Cisco sells to the businesses using their service J.
ME3800X Switch
The ME3800X switch shares the same features as the ME3600X switch, but with additional hardware resources available (unlocked via license key). The ME3800X is also only available in SFP form – no 10/100/1000 available for it.
15454 M2 and M6 Chassis
Once you’ve aggregated all that cell tower traffic, it’s time to transport it back to your datacenter, usually over some variety of DWDM system. With Cisco focusing on the 15454 as their DWDM platform of choice for all functions, one of the biggest complaints was the size of the 15454 chassis – you’d need an 8RU chassis to provide DWDM services to a 1RU switch! These new 15454 chassis provide either 2 slots (M2) or 6 slots (M6) for any 15454 DWDM card, and present a much more reasonable form factor for small sites. Note, though, that these small chassis cannot accept an XC card, and as such, cannot be used for DSx/OCx transport – you’re stuck with the full size 15454 chassis for those needs. In addition, these chassis, due to their compact size, require special TCC cards unique to their respective chassis.
1841, 2800 and 3800 Successors Announced
Cisco recently announced the successors to the 1841/2800/3800 routers. (Note that the 800 and fixed function 1800 routers have yet to be replaced.) However, the 1841/2800/3800 routers have not reached end of sale yet, and Cisco currently has no plans to do so.
These new routers offer some significant changes in the way Cisco sells their small routers and modules. We’ve summarized the changes into four categories:
Router Licensing
The new routers now use license keys and a universal image to determine the available features in the same manner as a PIX or ASA. This new licensing scheme produces a clear division between the version of IOS installed and the feature set installed, so one can be changed without affecting the other.
In addition, the licensing structure has been further streamlined, now leaving just 4 feature sets, none of which overlap. Here are the contents of each available feature package:
IP Base: The default feature set; has support for common routing protocols (RIP, OSPF, EIGRP, BGP), common WAN technologies (MLPPP, MLFR), and common LAN technologies (802.1q trunking). No VPN, firewall, or voice features are present.
Data: The Data license adds support for MPLS, ATM, IS-IS, and non-IP L3 protocols.
Unified Communications (UC): The UC feature set adds support for voice interfaces, CallManager Express, and Unity Express modules.
Security: The Security feature set adds IPSec VPN capabilities, SSL VPN capabilities, and IOS firewall features.
Router Hardware
The new routers offer some significant hardware changes compared to their predecessors. First, the port type and count has improved.
1941: 2x 10/100/1000 |
2901: 2x 10/100/1000 |
2911: 3x 10/100/1000 |
2921: 2x 10/100/1000, 1x shared T/SFP |
2951: 2x 10/100/1000, 1x shared T/SFP |
3925: 1x 10/100/1000, 2x shared T/SFP |
3945: 1x 10/100/1000, 2x shared T/SFP |
For a cost-effective alternative to these new products, get a quote on the following pre-owned items:
1841: 2x 10/100 |
2801: 2x 10/100 |
2811: 2x 10/100 |
2821: 2x 10/100/1000 |
2851: 2x 10/100/1000 |
3825: 2x 10/100/1000, 1x shared SFP |
3845: 2x 10/100/1000, 1x shared SFP |
Performance also has improved substantially, and the new routers are much faster. The increase is so substantial that throughput will likely not be a deciding factor in selecting one of these routers. Slot and onboard port count, max VPN tunnels, max phones supported, and other concerns will determine the fit for a particular application, rather than performance. Below are the published throughput specs for the new routers:
ISR G2 Series | Original ISR Series |
CISCO1941 – 153Mbps | Cisco 1841 – 35 Mbps |
CISCO2901 – 167Mbps | Cisco 2801 – 45 Mbps |
CISCO2911 – 180Mbps | Cisco 2811 – 61 Mbps |
CISCO2921 – 246Mbps | Cisco 2821 – 80 Mbps |
CISCO2951 – 297Mbps | Cisco 2851 – 112 Mbps |
CISCO3925 – 426Mbps | Cisco 3825 – 176 Mbps |
CISCO3945 – 502Mbps | Cisco 3845- 256 Mbps |
Note: When looking at the throughput figures of the ISR G2 series compared to the original ISR series, it’s hard to not be impressed by the ISR-G2 stats. In some cases, the total throughput is over 5x higher for the ISR G2 (1941 vs. 1841). However, when the environments where these routers are used is examined, we see a different picture emerge, one where even the much-slower 1841 is limited by the WAN connection rather than the router’s CPU. Take for example a small branch office, in which there may be two WAN connections, a DSL or cable connection for internet use and a point to point T1 for connectivity back to the central office. At most, the total throughput needed here will be on the order of 10Mbps, still well within the capability of the 1841. Because of this, it’s important to perform a careful examination of what kind of WAN connectivity the router will be required to handle.
The 2900 and 3900 series routers do away with NM slots replacing them with the new Service Module (SM) slots. The SM slots, with an adapter card (PN SM-NM-ADPTR), will accept many current NM cards. In addition to this, the 2900 and 3900 series routers use either the new PVDM3 DSP modules or a PVDM adapter kit (PN is PVDM2-ADPTR).
In addition, the 1900/2900/3900 has improved the system architecture, with the SM slots and the HWIC slots now having a high-throughput, point-to-point connection instead of the old bus-based architecture of previous routers. The 1800/2800/3800 and earlier used the PCI bus in several incarnations including 33MHz, 66MHz, 64 bit, etc. These new routers use PCI Express — a switched architecture — giving each slot several Gbps of dedicated throughput. The SM-NM adapter is just a carrier card and a PCI-PCIe bridge.
WIC/HWIC/NM Compatibility
IMPORTANT! The following are three of the most notable changes regarding WIC/HWIC/NM compatibility:
- WIC-1DSU-T1-V2 is not supported. The HWIC-1DSU-T1 or VWIC2s must be used instead.
- Original VWICs are not supported, so only the VWIC2s are compatible.
- All NM card parts need an associated SM-NM-ADPTR card to fit into the router.
Cisco provides an interface and module compatibility chart for the new routers at this link.
New Modules
Cisco has introduced new SM cards including a services engine card and a line of newer Ethernet switch modules. In addition, high density PVDM3s are available for voice apps.
Services Ready Engine
Prior to these cards, Cisco has had a proliferation of services NM cards, each with its own separate part ID and unique software. Examples are the NM-NAM, NM-CUE, NM-WLC, and many others. While some of these NM service engines are still supported on the 2900/3900, Cisco now offers three general purpose services engine cards, the ISM-SRE-300-K9 (for internal installation), SM-SRE-700-K9, and SM-SRE-900-K9. Each one of these cards can run one of six different Cisco applications, as well as a number of third-party applications.
Enhanced Ethernet Switching modules
These cards provide similar functionality to the NME-ES cards. The Enhanced EtherSwitch Service Modules run their own IOS image which is synced to the 3560E switch software. These cards are available in L2 only w/ FE ports, L3 with FE ports, or L3 with gigabit ports. If you need the switched Ethernet ports to be directly visible from the router, the NM-16ESW is still supported in the SM-NM adapter card.
PVDM3 Modules
For high density voice applications, the 2900 and 3900 support the new PVDM3 DSP cards. Options are 16, 32, 64, 128, and 256 voice resources per PVDM3. As above, with an adapter the PVDM2 also works in these routers.
2960S Switches Join 2960 Line
The 2960S sits above the 2960G switches in the 2960 line, and does not replace any existing models. From a configuration and IOS feature perspective, there is no change (other than stacking) to the IOS features of this switch compared to any other 2960 running LAN Base IOS. To stack these switches an additional module is required. The 2960S line of switches adds 30W/port PoE, stacking capabilities and 1G/10G uplinks to the 2960 line. The uplink ports are in SFP+ form, and as they are 1G/10G, they can accept both standard SFPs (GLC-SX-MM, etc) and SFP+ (SFP-10G-SR, etc). With the 2960S, both gigabit and PoE are available in the 2960 line.
Other 10 Gig options include:
2960S |
3560E |
3750E |
3560X and 3750X Switches Add Power Redundancy
The 3560X and 3750X switches are yet another revision of the 3560/3750 series. These new switches use the same internals as the 3560E/3750E, so performance and IOS features are once again identical. These new switches, however, add dual power supplies, 30W/port PoE and the ability to use SFP+ modules natively. (No need for the CVR-X2-SFP+.) Plus, with the 3750X, power redundancy is further improved with the ability to connect the power supplies in a switch stack to each other. In the case of a severe failure, this configuration allows a switch to draw needed power from the rest of the stack.
For cost-effective alternatives to dual power try:
3750E with PWR-RPS2300 and RPS power cords |
3650E with PWR-RPS2300 and RPS power cords |
Two New Families of 802.11n
On May 1, Cisco announced two new families of 802.11n wireless access points for use with Cisco’s wireless LAN controllers. Both models will require that the WLC software be updated to version 7.0 or higher for the new LAPs to register with the controller.
Aironet 1260 Series LAPs
The 1260 series access points are the replacement for the older 1250 series access points. The 1260 series uses external antennas and supports the same features found on the 1250 series, but now with an 802.3af-compliant power draw (13W per AP). It will use the same antennas and power hardware as the 1250 series. Cisco has not yet announced end-of-sale for the 1250 series, but, with the same feature set as the 1260, expect the announcement soon.
Aironet 3500 Series LAPs
The 3500 series LAPs are a new addition to Cisco’s access point offerings and integrate RF spectrum analyzer technology, called Cisco CleanAir, into the access points themselves. The access points and WLCs can use this information to better manage the RF spectrum compared to the standard access points. In addition, when used with Cisco’s WCS software package, the onboard spectrum analyzer can identify, log, and attempt to mitigate the impact on the WLAN from interference caused by non-802.11 compliant wireless devices such as wireless keyboards, mice, and security cameras. This will allow transient sources of interference that wouldn’t be detected by a wireless site survey to be located, as well as providing a significantly more robust way to manage and troubleshoot remote office wireless deployments.
Like the 1260 series above, the 3500 series uses the same antennas and power hardware as Cisco’s other 802.11n access points, and can be powered by standard 15W/port PoE switches.
For current wireless access points, get a quote for:
AIR-LAP1242AG-A-K9 (used) |
AIR-LAP1142N-A-K9 |
For a quote from a Certified Cisco Sales Expert, click here.