Google ADs
While creating Bill Of Material for a new ISR G2 or 4000 series Router platform, a single universal IOS software image and the corresponding permanent technology and feature licenses may be required to be included.
Users creating BOM often get confused while selecting SEC-K9 and HSEC-K9 technology package license.
SEC K9 Licence vs HSEC K9 Licence
Below clarifies the doubts by sharing the comparison between SEC-K9 and HSEC-K9 license –
Google ADs
| PARAMETER | SEC-K9 LICENSE | HSEC-K9 LICENSE |
|---|---|---|
| Philosophy | The SEC-K9 license enables standard encryption (VPN payload and secure voice) on the ISR G2 platforms. The SEC-K9 license is designed to comply with both local and U.S. export requirements for global distribution to all countries. This license enforces a curtailment on the maximum number of encrypted tunnels (225 tunnels) and the maximum encrypted throughput (85 Mbps) on the ISR G2 platforms. | The HSEC-K9 license removes the curtailment enforced by the U.S. government export restrictions on the encrypted tunnel count and encrypted throughput. With the HSEC-K9 license, the ISR G2 router can go over the curtailment limit of 225 tunnels maximum for IP Security (IPsec) and encrypted throughput of 85-Mbps unidirectional traffic in or out of the ISR G2 router, with a bidirectional total of 170 Mbps. |
| License | SL-19-SEC-K9, SL-29-SEC-K9, SL-39-SEC-K9, SL-44-SEC-K9, SL-4350-SEC-K9, SL-4330-SEC-K9, SL-4320-SEC-K9 | FL-29-HSEC-K9, FL-39-HSEC-K9, FL-39E-HSEC-K9, FL-44-HSEC-K9, FL-4350-HSEC-K9, FL-4330-HSEC-K9, FL-4320-HSEC-K9 |
| Scalability | SEC/K9 licenses limit all encrypted tunnel counts to 225 tunnels maximum for IP Security (IPsec), encrypted throughput of 85-Mbps unidirectional traffic in or out and 1000 tunnels for Transport Layer Security (TLS) sessions | With the HSEC-K9 license, the ISRG2 router can go over the curtailment limit of 225 tunnels maximum for IP Security (IPsec) and encrypted throughput of 85-Mbps unidirectional traffic in or out of the ISR G2 router, with a bidirectional total of 170 Mbps |
| Prerequisites to enable on Router | The SEC license requires the universalk9 or equivalent image | The HSEC license requires the universalk9 image and the SEC license pre-installed. |
| Platforms supporting license | Cisco 1941, 2901, and 2911 Cisco 2921, Cisco 2951, Cisco 3925, Cisco 3945, Cisco 3925E, and Cisco 3945E | Cisco 2921, Cisco 2951, Cisco 3925, Cisco 3945, Cisco 3925E, and Cisco 3945E |
| Evaluation License | The SECK9 feature has option for an evaluation license that converts to an RTU license after 60 days. | The HSECK9 feature does not have an evaluation license that converts to an RTU license after 60 days. |
Download the difference table here.
Note – The HSEC license and curtailment were introduced in the Cisco IOS Software Release 15.0(1)M1 and will be enforced on all images following that release.
ABOUT THE AUTHOR
Founder of AAR TECHNOSOLUTIONS, Rashmi is an evangelist for IT and technology. With more than 12 years in the IT ecosystem, she has been supporting multi domain functions across IT & consultancy services, in addition to Technical content making.
You can learn more about her on her linkedin profile – Rashmi Bhardwaj
