Cisco ASR 1000 Series Use Cases
When your enterprises or organization are going to choose the Cisco ASR 1000 Series, you should know these Cisco ASR 1000 Series Enterprise and Service Provider Applications.
Cisco ASR 1000 Series routers sit at the edge of your enterprise data center or large office connecting to the WAN, as well as in service provider points of presence (POPs). The Cisco ASR 1000 Series will benefit the following types of customers:
- Enterprises experiencing explosive network traffic as mobility, cloud networking, and video and collaboration usage increase: Cisco ASRs consolidate these various traffic streams and apply traffic management and redundancy properties to them to maintain consistent performance among enterprise sites and cloud locations.
- Network service providers needing to deliver high-performance services, such as DCI and branch-office server aggregation, to business customers: Service providers can also use the multiservice routers to deploy hosted and managed services to business and multimedia services to residential customers.
- Existing Cisco 7200 Series Router (end-of-sale) customers looking for simple migration to a new multiservice platform that delivers greater performance with the same design.
Tables2 and Table3 describe enterprise and service provider application examples, respectively.
Table2. Cisco ASR 1000 Series Enterprise Applications
WAN edge: Guarantee high-priority applications by creating a virtual “glass ceiling” for lower-priority applications. Improve user experiences.
● Applies Modular QoS CLI (MQC) policies on VLANs or tunnels
● Limits an arbitrary collection of low‑priority traffic to a certain bandwidth
● Classifies based on differentiated services code point (DSCP), Network-Based Application Recognition (NBAR), and Cisco IOS Cisco IOS FPM (FPM) into numerous hierarchies, one for high priority and one for low priority
● Implements flexible hierarchies
● Supports 464,000 queues
● Allows all queues to have a minimum, maximum, and excess bandwidth with priority propagation
Multiservice, scalable, and secure headend:
IP Security (IPsec) VPN aggregation scales to meet the new bandwidth demands of service provider IP VPNs.
● Reduces capital expenditures (CapEx) and operating expenses (OpEx) by migrating and consolidating to fewer Cisco ASR 1000 Series Routers
● Protects investment through easy transition to much higher encryption support, offering encryption support of up to 78 Gbps with the 200-Gbps Cisco ASR 1000 Series ESP (ASR1000-ESP200)
● Offers easier management through embedded security services in the Cisco Flow Processor, with no additional service modules or blades required
● Optimized for QoS and IP Multicast applications
● Supports thousands of sites
● Supports 8,000 IPsec tunnels
● Offers up to 78-Gbps encryption performance and up to 200-Gbps noncryptographic throughput support with the Cisco ASR 1000 Series 200-Gbps Embedded Services Processor
Embedded high-speed firewall:
With the Zone-Based Policy Firewall, the Cisco ASR 1000 Series acts as an implicit and complete barrier between any interfaces not members of the same zone. An explicit zone-pair policy must be specified (using Cisco Policy Language; that is, MQC) in each direction between each zone pair. The policy establishes within the router the kind of stateful inspection (Layer 4, Layer 7, or application) and session parameters to apply to each zone pairing.
Example: An explicit policy allowing HTTP and Domain Name System (DNS) to traverse the Internet-demilitarized zone (DMZ) zone boundary would be required.
● The firewall is embedded in the Cisco Flow Processor; no additional service blades or modules are required.
● Multiple gigabits of bandwidth are routed while at the same time the router performs Zone‑Based Policy Firewall and other baseline features such as QoS, IPv4, IPv6, NetFlow, and others.
● The Cisco ASR 1000 Series provides logging of all firewall session states off to network management applications capable of accepting relatively huge amounts of flow data. Third-party applications can handle the session data.
● Provides firewall performance of 2.5 to 200 Gbps, depending on the ESP used
● Offers high-speed logging of 40,000 sessions per second with NetFlow Version 9
Managed CPE: This implementation of branch-office architecture offers powerful investment protection with services and scale.
● Managed customer premises equipment (CPE) helps branch offices route correctly over various types of Ethernet to comply with service-level agreements (SLAs).
● This application encrypts multiple gigabits of bandwidth without any additional service blades or modules.
● Managed CPE optimizes the WAN to route around brownouts in the service provider network to further guarantee mission-critical applications.
● This application offers small form factors (1 rack unit [1RU] for the Cisco ASR 1001-X and ASR 1001-HX and 2RUs for the Cisco ASR 1002-HX and ASR 1002-X Routers), including software modularity and ISSU.
● Note: ISSU is not supported on Cisco ASR 1001-X, ASR 1001-HX, ASR 1002-HX, ASR 1002-X, or ASR 1004. Managed CPE offers accessibility even when the Cisco IOS Software is down.
● Offers first-in-industry software redundancy support, without any additional hardware module, on Cisco ASR 1001-X, ASR 1001-HX, ASR 1002-HX, ASR 1002-X, and ASR 1004; hardware redundancy and ISSU are supported on the Cisco ASR 1006 and ASR 1013.
● Offers powerful firewall and NAT performance of 2.5 to 200 Gbps and 1.8- to 78-Gbps encryption support in addition to WAN optimization and voice features
Table3. Cisco ASR 1000 Series Service Provider Applications
Broadband L2TP Access Concentrator (LAC) or L2TP Network Server (LNS):
The solution offers Layer 2 Tunneling Protocol (L2TP) endpoint-to-tunnel
● The application is ideal for triple-play (data, voice, and video) wholesale deployments.
● It offers integral service delivery.
● Per-user firewall, session border controller (SBC), etc. are supported.
● Provides very high scalability of up to 64,000 subscribers and up to 16,000 tunnels
Service provider edge: Layer 3 VPN (L3VPN) provider edge:
Example: You can deploy the solution at the distributed provider edge or provider edge in global VPN networks for bandwidth demands such as asymmetric DSL (ADSL), T1/E1, STM-1, STM-4, Fast Ethernet, Gigabit Ethernet, etc.
● The application provides integral services in the Cisco Flow Processor.
● It provides encryption, FPM, NBAR, SBC, IP Multicast, etc.
● Offers excellent multicast performance
● Scales to 8,000 Virtual Route Forwarding (VRF) instances, 1 million Label Distribution Protocol (LDP) labels, and 4,000 access control lists (ACLs)
● Supports up to 4 million IPv4 routes
● Supports up to 4 million IPv6 routes
Service provider edge: High-end route reflector:
You can use the solution as a route reflector for bandwidth support of 40 Gbps.
● The application provides high scalability.
● It offers a modular design of the route processor and ESP with hardware and software redundancy.
● Scales up to 29 million IPv4 routes
● Supports 64,000 Layer 3 adjacencies
Next-generation voice and multimedia example: Cisco Unified Border Element Enterprise Edition (ENT Edition):
The SBC application (named Cisco Unified Border Element [ENT Edition]) performs the voice and video gateway functions simultaneously with regular IP data services. No appliance or additional service blade is required. The control protocols and media protocols work transparently within a complex voice architecture. For more information, refer to the CUBE data sheet at http://www.cisco.com/go/cube.
● Secure and authenticated Session Initiation Protocol (SIP) trunk connections enable service providers to offer real-time voice and video services.
● The WAN edge is simpler to manage because there is only one egress and one ingress point for access to Internet or service provider services.
● The control plane is separated from the data-forwarding plane, so the signaling and control processes are separate from media processing.
● The CUBE SBC application can be used for SIP trunk video and/or audio services provided by service providers or for Internet-accessible SIP line-side services to Cisco Unified Communications Manager.
● Facilitates SBC with security, QoS, IPv4, and IPv6 (IP Unicast and IP Multicast simultaneously)
● Supports 16,000 simultaneous voice calls and multimedia data of up to 200 Gbps with accounting, firewall, and call quality enabled
● Integrated with inbox high-availability infrastructure and Dynamic Host Configuration Protocol (DHCP) Relay