Cisco raised the networking industry's branch-office routing expectations forever last week when it announced its 1800, 2800 and 3800 series Integrated Services Routers.

The routers, successors to the Cisco 1700, 2600 and 3600 product lines, move resource-intensive encryption acceleration and voice directly into processors on the devices' motherboards. These processing improvements plus general CPU and memory enhancements and faster interfaces are said to keep traffic flowing at wire speed.

You can reportedly run as many concurrent networking services as you want - QoS, firewalling, network analysis, intrusion detection/prevention, caching and so on - without performance wavering. This represents an architectural leap over Cisco's previous products and that of its competitors.

This said, the Cisco ISRs will likely appeal most to the following types of distributed enterprises:

* Those without the staff or the budget to run several separate appliances at each of their remote locations. For example, you could collapse a firewall, encryptor/decryptor, intrusion detection/prevention system and LAN switch into an ISR - now, without a performance tradeoff. This keeps configurations simple and limits the number of possible devices that might fail. On the other hand, it also poses the "all-eggs-in-one-basket" risk.

* Those worried about the ever-growing need to contain security threats in malicious code, to which remote sites using broadband connections are particularly susceptible.

* Those who might now or eventually wish to push VoIP out to their distributed sites.

The promise is that now performance in branch and remote sites is limited by the speed of the access link, not the router. Outside tests by Miercom Communications, for example, report that the new Cisco 3845 could fill and sustain a T-3 with a mix of VoIP and data, including security overhead, which has been QoS-processed and encrypted using 128-bit Advanced Encryption Standard (AES) through an IPSec tunnel.

Similarly, Miercom verified that the Cisco 2851 could sustain aggregate throughput of about 7.3M bit/sec over five logically grouped T-1s (theoretical maximum of 7.7M bit/sec) running the same encryption algorithm, a whole bunch of Cisco voice applications and several security and network analysis features.

ISR list prices start at $1,395 for the 1800 series; $1,995 for the 2800 series; and $9,500 for the 3800 series.

Next time: More about AES and a word on what the competition is doing.

Steve Taylor is president of Distributed Networking Associates and publisher/editor-in-chief of Webtorials. Jim Metzler is vice president of Ashton, Metzler & Associates.