Cisco 1800 Modular Series

Benefits and Advantages continued

Admission Control (NAC) support for anti-virus

great modular density and high performance,

 

defense, the Cisco 1841 offers a robust and

the Cisco 1841 router provides security,

 

adaptable security solution for branch-office

versatility, scalability, and flexibility for multiple

 

routers.. Every Cisco 1800 Series router comes

applications to the small- to-medium-sized

 

with the factory-installed Cisco Router and

business, small enterprise branch office, and

 

Security Device Manager (SDM).. Cisco SDM is

the service provider customer edge.. The Cisco

 

an intuitive, Web-based device manager that

1841 router easily accommodates several

 

offers easy router configuration and monitoring,

network applications, such as secure branch-

 

startup wizards for quick deployment and lock-

office data access (including NAC for antivirus

 

down, smart wizards to help enable security

defense), VPN access and firewall protection,

 

and routing features, Cisco Technical Assistance

business-class DSL, IPS support, inter-VLAN

 

Center (TAC)-approved router configurations,

routing, and serial device concentration.. The

 

and subject-related educational content..

Cisco 1841 router provides customers with the

 

 

industry’s most flexible, secure, and adaptable

 

Integrated Services

infrastructure to meet both today’s and

 

By providing integrated services, as well as

tomorrow’s business requirements for maximum

 

investment protection..

 

 

 

 

 

 

Security Features

 

 

 

 

 

IPSec VPN

 

 

Advanced Encryption Standard (AES) 128, 192, and 256; Triple Data Encryption Standard (3DES); and DES cryptology support

Embedded hardware-based VPN acceleration on the motherboard

Cisco Easy VPN remote

Cisco Easy VPN server

Dynamic Multipoint VPN (DMVPN)

Virtual Tunnel Interfaces (VTI)

802..1x

VPN QoS —Preclassification support

Support for up to 800 IPSec tunnels using the AIM-VPN/BPII-PLUS

Cisco 1800 Modular Series

Security Features continued

Network Foundation Protection

 

 

• Control Plane Policing (CPP)

• Access Control List (ACL)

• AutoSecure

Command Line Interface (CLI)

• Secure Shell (SSH)

Committed Access Rate (CAR)

URL Filtering

• Local URL filtering in Cisco IOS software based on external server

Onboard USB 1.1 Port

Single onboard USB 1..1 port

Secure token and Flash memory support

Security Solutions

• Network Admission Control (NAC)

Optional Security Modules

• VPN and Encryption Advanced Integration Modules (AIM-VPN/BPII-PLUS)

Cisco Router and Security Device Manager (SDM)

• Ships by default

Certifications

 

• ICSA IPSec

• Common Criteria IPSec (EAL4) (in process)

• ICSA Firewall

• Common Criteria Firewall (EAL4+) (in process)

 

• FIPS 140-2, Level 2 (in process)

Security Example

Multiprotocol Label Switching (MPLS) VPN Support

• Support for VRF-lite and VRF aware IPSec

Cisco IOS IPS

Inline ability to drop packet, reset connection, locally shun, or send an alarm

Dynamically load and enable selected attack signatures in the same manner as Cisco IPS Appliances

Cisco IOS Firewall

Corporate

Headquarters

PSTN

 

 

 

Cisco 7200

V

SS7

(VoIP-enabled)

 

IMT

Large

Branch

Office

 

 

 

 

V

Cisco 3800

PRI

 

(VoIP-enabled)

Feature rich, stateful firewall

Per-user authentication and authorization

Real-time alerts

Transparent firewall

IPv6 firewall

IOS WebVPN (SSL VPN)

VRF-Aware firewall

Advanced Application Inspection and Control

HTTP inspection engine

E-mail inspection engines (SMTP, ESMTP, IMAP, POP)

SP IP VPN Core

Small

Branch

Branch

Office

Office

 

Secure remote access for mobile users without installing PC client software

Integrated into the router—no separate appliance required

Cisco 1841 supports up to 25 users

Requires IOS WebVPN feature license FL-WEBVPN-10 or FL-WEBVPN-25

Requires an IOS security feature set (IOS security feature set is included in all secure router bundles)

Cisco 1841

Cisco 2800

Branch office Network Admission Control (NAC) helps ensure that every endpoint complies with network security policies before being granted access, protecting the network from viruses and worms..

32

33

Page 18
Image 18
Cisco Systems 850, 870 IPSec VPN, Network Foundation Protection, Onboard USB 1.1 Port, Security Solutions, Certifications