• United States
Senior Editor

Cisco bolsters edge networking family with expanded SD-WAN, security options

News Analysis
Jan 26, 20215 mins
Cloud ComputingNetworkingSD-WAN

Cisco adds four boxes to its Catalyst 8000 Edge family and expands the upgrade path for ISR/ASR customers.

data protection / security / risk management / data privacy / GDPR
Credit: Anya Berkut / Getty Images

Cisco this week expanded its Catalyst 8000 Edge Platform family to offer enterprise edge customers more secure SD-WAN and cloud resource access options.

The Cisco Catalyst 8000 edge router collection currently includes three models: the high-end 8500 for data-center or colocation customers, the 8300 for branch users, and the software-based 8000 for virtual environments. Feature support includes advanced routing, SD-WAN, security and secure-access service edge (SASE), depending on customer requirements, and all models run Cisco’s IOS XE operating system software.

The extended 8000 family fills out Cisco’s Catalyst offering from the branch to the campus and data center, including wireless and industrial boxes, all with a number of common features such as support for Cisco’s intent-based networking technology, analytics and security.

Among the four new models is a low-end box – the Cisco Catalyst 8500L – that’s aimed at entry-level 1G/10G aggregation use cases, Cisco stated. The 1RU form factor 8500L is powered by 12 x86 cores and features up to 64GB memory to support secure connectivity for thousands of remote sites and millions of stateful NAT and firewall sessions, wrote Archana Khetan, senior director of product management for Enterprise Routing and SD-WAN Infrastructure at Cisco, in a blog about the new boxes.  

Businesses find that establishing aggregation sites at either core locations or colocations helps them own the first mile on their branch and remote-worker connectivity to the internet and other software-defined cloud interconnects, Khetan stated.

“The Catalyst 8500L provides ultra-fast IPsec crypto performance and advanced flow-based forwarding to keep up with the demands of today’s high-speed, secure connectivity,” Khetan stated. 

Targeting the branch, Cisco added the Catalyst 8200, which supports eight CPU cores for high-performance packet forwarding and 8GB of default RAM to run the latest security services, Khetan stated. The Catalyst 8200 Series supports up to 1Gbps of aggregate forwarding throughput, which is double the performance of its ISR 4300 predecessor, according to Khetan.

The Catalyst 8200 Series Edge Platforms have a wide variety of interface options to choose from, with backward compatibility to existing WAN, LAN and voice modules. In addition, the devices support zero-touch IT capability while migrating workloads to the cloud, Khetan stated.

When Cisco introduced the 8000 family in October, the vendor said the family also serves as an upgrade path for certain Cisco Integrated Services Router/Aggregation Services Router (ISR/ASR) devotees. For example, the 8000 is an improvement to the ISR 4400/4300, and the 8500 is an upgrade path for ASR 1001-HX/1002-HX, the company said.

The 8500 and 8200 family members continue that migration effort. For example, Cisco says the Cisco Catalyst 8500L is an upgrade from the Cisco ASR1x and ASR2x, and the Cisco Catalyst 8200 is an upgrade for the Cisco ISR 4300 and ISR 2900.

Another expansion of Cisco’s branch offerings is the 1RU Catalyst 8200 Series Edge uCPE, which is aimed at what Cisco calls the small and lean virtualized branch. The device includes Cisco’s hypervisor, Network Function Virtualization Infrastructure Software (NFVIS), Routing Virtual Network Functions (VNFs), and multiple orchestration options.

With eight x86 CPU cores with hardware acceleration for IPsec crypto traffic, the Catalyst 8200 uCPE lets branches run multiple VNFs and supports up to 500Mbps IPsec SD-WAN throughput, Cisco stated.

“Along with a higher number of WAN ports, the platform includes one Network Interface Module (NIM) slot for additional WAN and LAN modules as well as a Pluggable Interface Module (PIM) slot for wireless WAN modules for LTE Advanced and LTE Advanced Pro capabilities,” Cisco stated. 

Lastly, Cisco added a 5G device that offers cellular connectivity options for the Catalyst family. The Catalyst Cellular Gateway offers sub 6Ghz 5G connectivity to businesses for wireless WAN and wireless SD-WAN links.

Catalyst Cellular Gateways are simple to setup and can be plugged into a router or edge platform via Power over Ethernet (PoE), Khetan stated.

The cellular gateway can be placed wherever cellular reception is strongest, making installation much easier and more reliable than traditional coaxial cable antenna extensions, Cisco stated. “The ability to support new applications, either cloud hosted or on-premises, and to connect more devices reliably and flexibly, can make it easier to migrate to a wireless WAN with guaranteed Quality of Service (QoS),” Cisco stated.

Software capabilities for the 8000 family come in a tiered licensing model that includes:

  • Cisco DNA Essentials: Includes core SD-WAN capabilities such as circuit load balancing, centralized management and orchestration, and traffic path steering. It blends routing capabilities (NAT, BGP, DNS, etc.) and base security capabilities (MACsec, ACLs, Snort IPS, Enterprise Firewall, etc.).
  • Cisco DNA Advantage: Subscribers receive everything in Cisco DNA Essentials plus more advanced routing capabilities (MPLS BGP Support, IGMPv3, etc.), more advanced security functionality (Advanced Malware Protection, SSL proxy, etc.), expanded SD-WAN capabilities, vAnalytics, plus access to Cisco’s Cloud OnRamp for SaaS, for IaaS, and for Colocation.
  • Cisco DNA Premier subscription offers Cisco’s complete SASE portfolio with a single license. The integration of Cisco Umbrella SIG Essentials into Cisco DNA Premier lets customers centrally manage security for all remote and branch locations and implement cloud security across the Cisco SD-WAN fabric.