In summary, there are three: 1) integration between enterprise and cloud networks, 2) enterprise-wide scale, and 3) cloud apps visibility and control. This post will go into details for each. Visit our previous posts for [i] a brief overview of the recent CSR 1000v on Microsoft Azure announcement and [ii] a list of FAQ answers.
- Seamless Integration Between Enterprise and Cloud Networks
Now that the CSR 1000v is available on Microsoft Azure, enterprises are implementing it to extend their networks into the cloud and utilize Microsoft’s cloud platform for compute. The CSR 1000v addresses the difficulties of integrating Azure cloud regions into existing enterprise networks as follows. The CSR 1000v provides the familiar innate IOS XE command line interface of the industry’s most trusted enterprise networking platforms (ASR 1000, ISR 4000, etc.). The configuration of the CSR 1000v in Azure is identical to on-premises deployments of the ISRs and ASRs. It has the same features/releases/patches as ASR 1000 routers as well as the same end-to-end support from Cisco TAC and deep integration with other Cisco cloud products. The CSR 1000v allows enterprises to avoid the steep learning curve regarding deployment and management of VPN, Firewall, etc. using public cloud services by sticking to the familiar IOS based solution. This means the same firewall rules can be loaded on to the CSR 1000v as already existed in other Cisco networking nodes.
- Enterprise-Wide Scale
On Microsoft Azure the CSR 1000v allows customers to scale up to 1,000 VPN tunnels in one license while supporting numerous VPN technologies (EZVPN, DMVPN, FlexVPN, SSLVPN, GETVPN). Current cloud networking tools support only point-to-point VPN and are billed hourly per tunnel. By overcoming the scalability limitations imposed by cloud networking services and the difficulty to meet regulatory compliance needs using native cloud tools, the CSR delivers true enterprise-wide scalability.
- Cloud Apps Visibility and Control
With the advanced application license for the CSR 1000v, enterprises also have the ability to monitor and analyze Azure security and performance even with Azure’s limited network visibility, troubleshooting, and analytics tools. Using Application Visibility and Control (AVC) functionality, over 1,000 different applications can be monitored and reported on. AVC supports the blocking and shaping of application specific traffic using defined rules too. The CSR 1000v with AVC can also export application flows and latency information to pinpoint trouble points inside and outside of the Azure cloud.
Compared to its competition, the CSR 1000v is the highest performance cloud router available today. It is more feature rich than the competition as well as offering better support. Although relatively new to Azure, the CSR 1000v is a well-proven solution in other public clouds.
The reduced burden on IT staff by virtualizing a familiar networking platform allows enterprises to easily expand into the Microsoft Azure cloud. Leveraging the highest-performance virtual router with end-to-end support from Cisco TAC enables the most flexible and powerful hybrid cloud network possible. It is all these points that provide the main business drivers for the CSR 1000v adoption.
How can this help me when Express Route is utilised via a IXP?
Hi Tony, Express Route connections to Azure are not encrypted. Technically Express Route connections are private, not shared or routed on the public internet, but that does not mean they are necessarily secure. With the CSR 1000v you can secure you Express Route connection while seamless integrating Azure with your existing VPN architecture. The CSR 1000v supports up to 1000 VPN tunnels so you can scale your VPN connections and implement different VPN technologies like DMVPN, EZVPN and GETVPN.
Matthew