The time to bring up new remote sites is dramatically reduced because Catalyst SD-WAN supports
rapidly deployed DSL and 3G/4G LTE connections as easily as MPLS.
Security is assured across these connections using a zero-touch secure VPN technology used by
governments and finance organizations worldwide.
From a platform perspective, the ISR 4000 series has
Separated control and data planes for Denial of Service (DoS) attack prevention and Intrusion Prevention
System (IPS) and firewall capability built-in.
SaaS applications can have content locally cached. The caching is automatic and peers directly with
Akamai technology to obtain intelligence.
Application performance speed is greatly increased using in-built application acceleration technology
that can locally cache at a byte-level.
Cisco Catalyst SD-WAN implementation on the ISR4000 is managed at the end device either from the
Cloud, or On-Premise, through ascending levels of Cisco DNA throughput-based subscription licenses.
Cisco DNA Essentials and Advantage subscription licenses enable all customers to seamlessly transition
between On-Premise and Cloud management as needed. The Cisco DNA subscription license tiers are
structured to support the growth in business needs and simplify the journey to intent-based networking for
the WAN.
For more information on Cisco DNA Subscriptions for SD-WAN and Routing, please refer to
https://www.cisco.com/site/us/en/products/networking/wan-software/dna-subscription-wan/index.html.
Cisco Security Solutions for the ISR4000 Series
Cisco WAN MACsec
Cisco routers support a wide-range of ever enhancing security features on the ISR4000 routers. Cisco
WAN MACsec is supported on the ISR4000 series routers using the NIM 2GE-CU-SFP module. WAN
MACsec provides a line-rate network encryption solution over Layer 2 Ethernet transport services and can
be leveraged outside campus networks, whether it be over Metro Ethernet transport or Data Center
Interconnect (DCI) links. MACsec also secures WAN connections that are leveraging Ethernet as the link-
layer media.
Cisco Secure Network Analytics
Cisco Secure Network Analytics provides enterprise-wide network visibility to detect and respond to
threats in real- time. The solution continuously analyzes network activities to create a baseline of normal
network behavior. It then uses this baseline, along with non–signature-based advanced analytics that
include behavioral modeling and machine learning algorithms, as well as global threat intelligence to
identify anomalies and detect and respond to threats in real- time. Secure Network Analytics can quickly
and with high confidence detect threats such as Command-and-Control (C&C) attacks, ransomware,
Distributed-Denial-of-Service (DDoS) attacks, illicit cryptomining, unknown malware, and insider threats.
With an agentless solution, you get comprehensive threat monitoring across the entire network traffic, even
if it’s encrypted. For more information and platform support refer to
https://www.cisco.com/c/en/us/products/collateral/security/stealthwatch/datasheet-c78-739398.html.