Cisco Systems 870 Secure Networking, IP Telephony, Security Features Series Features Overview

Page 21

Cisco 2800 Series

Benefits and Advantages continued

expands the potential applications of the Cisco

offers the industry’s most robust and adaptable

Cisco 2800 Series

Security Features continued

Network Foundation Protection

Security Solutions

2800 Series beyond traditional routing, while

security solution for branch-office routers..

maintaining the benefits of integration..

 

• Control Plane Policing (CPP)

• AutoSecure

• Network Admission Control (NAC)

• Voice and Video Enabled IPSec VPN (V3PN)

Secure Networking

Integrated on the motherboard of every Cisco 2800 Series router is hardware-based encryption acceleration that offloads the encryption processes to provide greater IPSec throughput with less overhead for the router CPU, when compared with software-based solutions.. With the optional integration of VPN modules (for enhanced performance and tunnel count), content engine network modules for URL filtering, or intrusion-prevention network modules, combined with the rich Cisco IOS Software security feature set that includes firewall, network admission control (NAC), voice and video-enabled VPN (V3PN), intrusion prevention, and Dynamic Multipoint VPN (DMVPN), Cisco

IP Telephony

The Cisco 2800 Series allows network managers to provide scalable analog and digital telephony without investing in a one-time solution, giving enterprises greater control of their converged telephony needs.. Using voice and fax modules, the Cisco 2800 Series can be deployed for applications ranging from voice over IP (VoIP) and voice over Frame Relay (VoFR) transport

to robust, centralized solutions using the Cisco Survivable Remote Site Telephony (SRST) solution or distributed call processing using Cisco CallManager Express (CCME).. The architecture is highly scalable with the ability to support up to 96 IP phones, 12 T1/E1s trunks,

52 foreign-exchange-station (FXS) ports, or 36 foreign-exchange-office (FXO) ports concurrent with data routing and other services..

• CPU/Memory Threshold

• Secure Shell (SSH)

• Access Control List (ACL)

• Command Line Interface (CLI)

• Committed Access Rate (CAR)

URL Filtering

Onboard with an optional content-engine network module

Local URL filtering in Cisco IOS software based on external server

Onboard USB 1.1 port

1 or 2 onboard USB 1..1 ports

Secure token and Flash memory support

Optional Security Modules

IDS/IPS Network Modules (NM-CIDS portfolio)

VPN and Encryption Advanced Integration Modules (AIM-VPN portfolio)

Content Engine Network Modules (NM-CE portfolio)

Cisco Router and Security Device Manager (SDM)

• Ships by default

Certifications

ICSA IPSec

ICSA Firewall

Common Criteria IPSec (EAL4) (in process)

Common Criteria Firewall (EAL4+) (in process)

FIPS 140-2, Level 2 (in process)

Security Features

Series Features Overview

IPSec VPN

Advanced Encryption Standard (AES) 128, 192, and 256; Triple Data Encryption Standard (3DES); and DES cryptology support

Embedded hardware-based VPN acceleration on the motherboard

Cisco Easy VPN remote; Cisco Easy VPN server

Dynamic Multipoint VPN (DMVPN)

Virtual Tunnel Interfaces (VTI)

VPN QoS— Preclassification support

Support for up to 1500 VPN tunnels with the AIM-VPN module

Multiprotocol Label Switching (MPLS) VPN Support

Specific provider edge capabilities

Virtual Routing and Forwarding (VRF) firewall and VRF IPSec

Cisco IOS IPS

Inline ability to drop packet, reset connection, locally shun, or send an alarm; dynamically load and enable selected attack signatures in the same manner as Cisco IPS Appliances

IOS WebVPN (SSL VPN)

Secure remote access for mobile users without installing PC client software

Integrated into the router— no separate appliance required

Cisco 2801 supports up to 25 users, Cisco 2811 and 2821 support up to 50 users, and Cisco 2851 supports up to 75 users..

Requires IOS WebVPN feature license FL-WEBVPN-10 or FL-WEBVPN-25 (purchase multiple quantities to add up to the desired number of users)

Requires an IOS security feature set (IOS security feature set is included in all secure router bundles)

Cisco IOS Firewall

Feature rich, stateful firewall

Per-user authentication and authorization

Real-time alerts

Transparent firewall

IPv6 firewall

VRF-Aware firewall

Advanced Application Inspection and Control

HTTP inspection engine

E-mail inspection engines (SMTP, ESMTP, IMAP, POP)

Features

Details

 

 

Multiprotocol Label Switching (MPLS)

Specific Provider Edge (PE) capabilities

VPN Support

 

 

 

Intrusion Prevention System (IPS)

More than 1600 IPS signatures supported in Cisco IOS Software,

 

with the ability to load and enable selected IPS signatures

 

Optional high-performance IPS Network Module with more than

 

2000 signatures

 

 

URL Filtering

Onboard filtering with an optional content engine network module

 

Local URL filtering in Cisco IOS Software based on external server

 

 

Cisco Router and Security Device

Comes standard on all Cisco 2800 Series routers

Manager (SDM), version 2.0 and

 

Above

 

 

 

Media Authentication and Encryption

Standards-based authentication and encryption using secure RTP

 

provides a secure environment for IP Communications

 

Advanced Encryption Standard (AES) 256-bit cryptography support

 

 

IP Telephony Features

 

 

 

IP Phone Support

Optional integrated power supply with inline power, 802..3af support

 

Up to 360W of inline power (Note: requires power supply upgrade)

 

 

Analog Voice Support

One EVM on the Cisco 2821 and Cisco 2851

 

Up to 52 FXS and 36 FXO ports

 

 

Digital Voice Support

Up to 192 calls

 

 

DSP (PVDM) Slots on

Up to three DSP slots on motherboard

Motherboard

Local Conferencing and Transcoding

 

 

 

Cisco CallManager Express (CCME)

Up to 96 phones

38

39

Page 20 Page 22
Image 21
Page 20 Page 22
Contents Cisco Router Guide Cisco Router Guide Integrated Services Routers Series Overview Cisco 7200 Series Product Transition Matrix Cisco Cisco 1801, 1802 Transition MatrixCisco 1711 Cisco 1811 CiscoEasy Setup and Deployment Integrated ServicesCisco 850 Series Remote ManagementWlan Features Security FeaturesWhen to Deploy Series DistinctionsCisco 870 Series Cisco 870 VPN Features Cisco 870 Security FeaturesDeploy the Cisco 870 Series when you need Following in a small remote office, orHigh-Availability Features Benefits and Advantages Cisco 1800 Series Fixed-ConfigurationWireless Integrated Wireless LAN CapabilitySecurity Application Example VPNHigh-Availability Features Example Wireless ExampleDram MB WANCISCO1801W-AG-E/K9 CISCO1801CISCO1802W-AG-E/K9 CISCO1803W-AG-A/K9Enhanced Architecture Cisco 1800 Series ModularMarket-leading Integrated Security Flexibility and Investment Protection Multiprotocol Label Switching Mpls VPN Support Security Solutions IPSec VPN Network Foundation ProtectionCISCO1841 Product BundlesAIM NMEIntegrated Switching Cisco 2800 SeriesInvestment Protection and Versatility Features Details Security Features Series Features OverviewIP Telephony Features Secure NetworkingDeploy the Cisco 2800 Series when you need Features Details Cisco Srst Up to 96 phonesNME EVM AIM Hwic Pvdm Pstn WANCisco 2800 Series Base Chassis Part Numbers Optional itemsSecurity Bundles Voice BundlesInvestment Protection and Versatility Cisco 3800 SeriesBroadband Bundles WAN Optimization BundlesEVM-HD Media Authentication and EncryptionIP Telephony Features Deploy the Cisco 3800 Series when you needSrst NME-X NMENMD NME-XDSecure Voice Bundles Application ExamplesCisco 7200 Series Maximum ROI Feature-RichConnectivity/Flexibility Common Port AdaptersSecurity Solutions Example Security Solutions CertificationsApplication Example 7206VXR/VSA+VPNK9 CISCO7201CPE MPLS/IPV6Key features of the Cisco 7301 Router are Next-Generation Policy and Subscriber SolutionCisco 7301 Series Benefits & Advantages Security Features Low Power ConsumptionCompact Form Factor VPN Support Benefits & AdvantagesInternet VPN Tunnels Cisco Router Enabled Key Application Service Providers When To DeployKey Applications for Enterprise deployments Power SuppliesCisco 7301 Bundles and Other Part Numbers BroadbandCisco 7301 Feature Licenses Cisco 7301 AccessoriesProduct Number Product Description Memory options FR-ISG73=High-performance IP/MPLS Services Cisco 7304 SeriesHighly Scalable and Available CISCO7304 Deploy the Cisco 7304 when you needCISCO7304-CH CISCO7304CH-NSE150PA-A3-8T1IMA= PA-A3-8E1IMA=PA-A6-OC3MM= PA-A6-OC3SMI=HALFSLOTBLNK= Product Number Product Description Cisco 7304 Accessories7300-4RU/RCKBRKT= CNTR-SPTUM=Cisco 7600 Series Service ProtectionDevice Protection Network ProtectionCisco 7613 Systems Cisco 7609 Systems Cisco 7606 SystemsCisco 7604 Systems CISCO7603-S Cisco 7603 Flexwan ModulesSPA-24CHT1-CE-ATM SPA-1CHOC3-CE-ATM= SPA-24CHT1-CE-ATM=WS-SUP720-3BXL WS-SUP32-GE-3BWS-F6700-DFC3BXL WS-F6K-DFC3BPA-H OSM-1CHOC12/T1-SI OSM-1CHOC12/T1-SI=PA-H= PA-2H PA-E3Cisco 7600/CATALYST 6500 Ethernet Modules Cisco 7600 Services Modules SFP-GE-Z CWDM-OADM4-1= CWDM-OADM4-2=SFP-GE-Z= SFP-OC3-IR1Maximum Network Uptime Cisco Catalyst SeriesValidated Solutions Services Integration and FlexibilityIntegrated Security Scalable PerformanceCisco 6513 Systems Feature Cisco 6503-E Cisco 6504-E Cisco 6506-E Cisco 6509-ECisco 6506-E Systems Cisco 6509-E SystemsCisco 6504-E Systems Cisco 6503-E SystemsCisco 7600 and Catalyst 6500 SIP Modules and SPA Modules WS-SVC-IPSEC-1= ACE10-6500-K9WS-SVC-AON-1-K9 WS-X6066-SLB-APC=Cisco Security Services Modules Network Analysis Module LAN and Mixed Media Network Modules CiscoModularNetworkAccessModulesRoutersNM-16ESW NM-16ESW-1GIGNME-16ES-1G-P 1GIGPPWR-DCARD- 16ESW NME-X-23ES-1G-PLAN and WIC Combo Network Modules LAN Network ModulesNM-1FE1R2W Circuit Emulation Over IP Network ModulesNM-CEM-4TE1 NM-2WSerial T3/E3 Network Modules Cisco Serial Connectivity Network ModulesHigh-Speed Serial Network Modules-Up to 52 Mbps NM-1T3/E3Asynchronous Serial Network Modules-Up to 128 Kbps Synchronous Serial Network Modules-Up to 8 MbpsNM-4T NM-4A/SCisco Channelized T1/E1 and Isdn Network Modules NM-1CE1T1-PRINM-2CE1T1-PRI Isdn Basic Rate Interface Network Module Cisco ATM Network ModulesATM OC3 Network Modules ATM T3/E3 Network ModulesCisco Satellite Network Modules Way Satellite WAN Connectivity Network ModuleNM-1VSAT-GILAT Digital Modem Network Modules Cisco Dial-up/Remote Access Network ModulesNM-6DM NM-12DMNM-24DM Analog Modem Network ModulesNM-8AM-V2 NM-30DMAnalog and Isdn Basic Rate Voice Network Modules Cisco Voice Network ModulesNM-HD-1V NM-HD-2VEVM-HD-8FXS/DID NM-HD-2VENM-HDA-4FXS EM-4BRI-NT/TET1/E1 Digital Voice Network Modules NM-HDV2 PVDM2-8Voice Mail Network Modules Cisco Services Network Modules Wireless LAN Controller ModuleNetwork Analysis And Monitoring Content Engine Network Modules Serial WICs Cisco Interface CardsWIC-1T WIC-2THWIC-4T WIC-1DSU-T1-V2WIC-1DSU-56K4 HWIC-4A/SDSL WICs and HWICs Isdn BRI WICsHWIC-4SHDSL WIC-1ADSL-DGWIC-1ADSL-I-DG HWIC-1ADSLEthernet and High-speed Switching WICs Cable DOCSIS-based HWICsAnalog Modem WICs HWIC-D-9ESW-POE HWIC-1FEILPM-8= Wireless LAN Antennas Hwic Wireless LAN Interface Cards and AccessoriesHWIC-2FE HWIC-AP-G and HWIC-AP-AGCisco Voice Interface/WICs Wireless LAN AntennaCables VWIC2-1MFT-T1/E1VWIC-2MFT-T1 VWIC2-2MFT-T1/E1VWIC-2MFT-T1-DI VWIC-1MFT-T1VWIC-2MFT-E1-DI VWIC-1MFT-E1VWIC-2MFT-E1 VWIC2-1MFT-G703VWIC2-2MFT-G703 VWIC-2MFT-G703VWIC-1MFT-G703 Analog Voice Interface Cards Cisco Voice Interface CardsVIC-2DID VIC2-2FXSIsdn BRI Voice Interface Cards Compression Advanced Integration Modules Cisco Advanced Integration Modules Security ModulesAIM-COMPR4 AIM-COMPR2-V2Voice Mail Advanced Integration Modules Security ModulesATM Advanced Integration Modules Universal Serial Bus USB Ports Cisco Universal Serial Bus USB CardsMEMUSB-64FT MEMUSB-128FTCisco Network Module Compatibility Quick Look Ethernet Switching Network Modules AccessoriesLAN Network Modules LAN and WIC Combo Network ModulesCisco Network Module Compatibility Quick Look Voice Digital Signal Processors DSPs High-density Digital Voice Network Modules and AccessoriesModem Digital Signal Processors DSPs Services Network ModulesCisco Interface Card Compatibility Quick Look Serial WICsIsdn BRI WICs Cisco Interface Card Compatibility Quick Look Isdn BRI Voice Interface Cards Analog Voice Interface CardsCompression Advanced Integration Modules Cisco Advanced Integration Module Compatibility Quick LookVPN and Encryption Advanced Integration Modules Voice-mail Advanced Integration ModulesCisco Advanced Integration Module Compatibility Quick Look Cisco Port Adapter Compatibility Quick LookATM Advanced Integration Modules ATM Port AdaptersCisco Port Adapter Compatibility Quick Look Cisco Shared Port Adapter Compatibility Quick Look VPN Service AdaptersSonet PAs Other Port Adapters and SAsCisco USB Flash Memory Compatibility Quick Look Cisco Series Port Adapter Compatibility Quick LookUSB Flash Memory 210 211 USA
Top Page Image Contents