I'm currently running a 3640 at our corporate gateway, which generally works fine for our needs. Under the current configuration, the router uses about 40+% cpu peak.
Lately I've been playing with nbar, and of course this really hammers the cpu when the traffic load is high. I've read of folks recommending a 2811 as a replacement in this situation. Is the 2811 really strong enough? I would have expected the 3800 to be the recommended upgrade. I do have a 2811 on hand, but I don't want to replace the 3640 only to be in the same situation with the 2811. How do these two really compare in performance?
My personal experience has shown that when certain features are enabled (firewall, IPS, NBAR) on the 2811 it does bog it down as well.
To allow for growth, I would go with the 2821. The 2821 is a big jump from the 2811 in my opinion. I have a few 2821s running NBAR, NetFlow, QoS, Firewall & IPS and average CPU usage is 5%.