When Cisco and Juniper first said they were opening their router OSes, I thought that they'd be about as open as the iPhone. With Cisco's launch of IOS XE, I realize I was wrong: The iPhone is much more open.

The update to IOS runs on the ASR-1000, Cisco's new edge router aimed at both enterprises and carriers. Aside from the usual improvements in bandwidth and power consumption, its main selling point is that it can act as a platform for more than just routing, hosting multiple network services like a firewall, a session border controller, and deep packet inspection. The router is designed to be upgradeable for new services, but there's no sign of an API and Cisco has no plans to let outside developers create these services.

Still, IOS XE is open in one important sense: It's built on Linux, making the ASR Cisco's first router based on open-source code. (Or at least its first high-end enterprise router. Home Linksys APs have been running Linux since 2003.) Cisco last week preannounced its first box that runs Windows, so the move looks more like part of a general advance into server territory than a particular love of open source. But by router standards (or even Apple standards), Windows is open.

So far, Cisco plans to run Windows on top of IOS, pitching it as a way to give branch office users access to familiar print and file services without actually needing a server. With Linux, it's the other way round. IOS XE provides the high-level services that control security and routing itself, but the whole thing runs virtualized on a Linux core. The Linux part is perhaps more reliable than the IOS part, as Cisco touts failover as one of the virtualized architecture's big advantages: If one instance of IOS XE crashes, the router doesn't.

The ASR-1000 uses Linux's built-in Kernel-based Virtual Machine (KVM), which isn't as well known as Xen and VMWare (probably because no one is pumping millions of dollars into it) but seems to have gained a following in the embedded space. Last week, Cisco competitor Riverbed launched a branch office accelerator that uses KVM to virtualize software from partners like Infoblox, and the plan is that it will eventually be able to run user-created apps.

Cisco isn't going that far yet. Riverbed's accelerators are aimed at small offices (where they compete with Cisco's WAAS, the box that will run Windows), whereas the ASR is intended for much bigger corporate or carrier data centers. Right now, its virtualization just means multiple instances or versions of IOS XE. But with many of the networking startups that Cisco buys selling Linux-based appliances, KVM could make their technology much easier to assimilate.

Much of the value in high-end switches and routers comes from their custom hardware, which in the ASR's case means the QuantumFlow network processor – a new 40-core chip designed to handle 160 simultaneous threads.  Cisco doesn't usually bother to list chips' names or tout their features separately from the products they go in, so it's clearly impressed with the QuantumFlow.

The QuantumFlow itself doesn't run Linux or IOS – they're in the control plane, it's in the data plane – but it, too, is more open than the ASICs that Cisco has traditionally used in its switches and routers. It can be programmed in standard C, and it's designed to be upgradeable to support new services. But as with IOS, all that programming will be done by Cisco, not by users.