Cisco Systems 850, 870 IP Telephony, Secure Networking

Dynamic Multipoint VPN (DMVPN), Cisco offers

the industry’s most robust and adaptable security

solution for branch office routers

IP Telephony

The Cisco 3800 Series allows network managers

to provide scalable analog and digital telephony

without investing in a one-time solution, giving

enterprises greater control of their converged

telephony needs Using voice and fax modules,

the Cisco 3800 Series can be deployed for

applications ranging from VoIP and Voice-

over-Frame Relay (VoFR) transport to robust,

centralized solutions using the Cisco Survivable

Remote Site Telephony (SRST) solution

or distributed call processing using Cisco

CallManager Express (CCME) The architecture

is highly scalable with the ability to support up

to 168 IP phones with the 3825 router and 240

IP phones with the 3845 router, 24 T1/E1s trunks,

88 foreign-exchange-station (FXS) ports, or 56

foreign-exchange-office (FXO) ports concurrent

with data routing and other services

Benets and Advantages continued

Cisco 3800 Series

Security Features

IPSec VPN

• Advanced Encryption Standard (AES) 128,

192, and 256 bit keys; Triple Data Encryption

Standard (3DES); and DES cryptology support

• Embedded hardware-based VPN acceleration

on the motherboard

• Cisco Easy VPN remote

• Cisco Easy VPN server

• Dynamic Multipoint VPN (DMVPN)

• Virtual Tunnel Interfaces (VTI)

• 8021x

• VPN QoS—Preclassication support

• Support for up to 2500 tunnels with AIM-VPN

Multiprotocol Label Switching (MPLS) VPN

Support

• Specic provider edge capabilities

• Virtual routing and forwarding (VRF) rewall

and VRF IPSec

Cisco IOS IPS

• Inline ability to drop packet, reset connection,

locally shun, or send an alarm

• Dynamically load and enable selected attack

signatures in the same manner as Cisco IPS

Appliances

Network Foundation Protection

• Control Plane Policing (CPP)

• AutoSecure

• CPU/Memory Threshold

• Secure Shell (SSH)

• Access Control List (ACL)

• Command Line Interface (CLI)

• Committed Access Rate (CAR)

IOS WebVPN (SSL VPN)

• Secure remote access for mobile users

without installing PC client software

• Integrated into the router—no separate

appliance required

• Cisco 3825 and 3845 support up to 100 users

• Requires IOS WebVPN feature license

FL-WEBVPN-10, FL-WEBVPN-25 or

FL-WEBVPN-100 (purchase multiple quantities

to add up to the desired number of users)

• Requires an IOS security feature set (IOS

security feature set is included in all secure

router bundles)

Media Authentication and Encryption

• Standards-based authentication and

encryption using secure RTP provides a

secure environment for IP Communications

• Advanced Encryption Standard (AES) 128-bit

cryptography support

Cisco IOS Firewall

• Feature rich, stateful rewall

• Per-user authentication and authorization

• Real-time alerts

• Transparent rewall

• IPv6 rewall

• VRF-Aware rewall

• Advanced Application Inspection and Control

– HTTP inspection engine

– E-mail inspection engines (SMTP, ESMTP,

IMAP, POP)

Benets and Advantages continued

Cisco 3800 Series

offering up to three times the performance, new

embedded service options, and dramatically

increased slot performance and density while

maintaining support for most of the more

than 90 existing modules that are available

today for the Cisco 3700 Series This helps

to ensure continuing investment protection to

accommodate network expansion or changes in

technology as new services and applications are

deployed By integrating the functions of multiple

separate devices into a single, compact unit,

Cisco 3800 Series Integrated Services Routers

dramatically reduce the cost and complexity

of managing remote networks The Cisco 3800

Series delivers multiple concurrent services

at wire-speed performance of up to T3/E3

speeds The Cisco 3845 features a removable

motherboard, fan assembly, and supports high-

availability features such as online insertion

and removal (OIR) of like network modules, and

redundant integrated system and inline power

supplies

Integrated Services

With the optional integration of numerous

services modules, the Cisco 3800 Series offers

the ability to easily integrate the functions of

standalone network appliances and components

into the Cisco 3800 Series chassis itself Many

of these modules, such as the Cisco Network

Analysis Module, Cisco Unity Express™ Voice

Mail Module, Cisco Intrusion Prevention Module,

and Cisco Content Engine Module, have

embedded processors and hard drives that

allow them to run largely independently of the

router while allowing management from a single

management interface This flexibility greatly

expands the potential applications of the Cisco

3800 Series beyond traditional routing, while

maintaining the benefits of integration The Cisco

3845 Integrated Services Router is optimized for

the concurrent delivery of voice, video, and data

at T3 wire-rate performance The architecture

provides high-performance embedded security

and voice processing for reliable delivery of

mission-critical traffic such as VoIP, business

video, and collaborative communications

The Cisco 3845 is engineered to help customers

effectively scale deployment of services, offering

the following hardware features:

• Two built-in autosensing 10/100/1000

Ethernet ports

• One small form-factor pluggable (SFP) slot

gigabit Ethernet

• Two built-in USB ports

• Four network module slots for single-wide or

extended network modules, two double-wide

or extended double-wide network modules

(NME-XD), or two extension voice/fax modules

(EVM-HD)

• Four single-wide or two double-wide HWICs

• Two advanced integration modules (AIMs)

• Four Packet Voice DSP Modules (PVDM) slots

for voice processing

• Onboard IP Security (IPsec) acceleration

• 8023af-compliant inline power for IP phones

or wireless access points

The Cisco 3825 is engineered to help customers

effectively scale deployment of services, offering

the following hardware features:

• Two built-in autosensing 10/100/1000

Ethernet ports

• One SFP slot gigabit Ethernet

• Two built-in USB ports

• Two network module slots for single-wide or

extended network modules, one double-wide

or extended double-wide network module

(NME-XD), or one extension voice/fax module

(EVM-HD)

• Four single-wide or two double-wide HWICs

• Two AIMs

• Four PVDM slots for voice processing

• Onboard IPSec encryption acceleration

• 8023af-compliant inline power for IP phones

or wireless access points

• External Redundant Power Supply (RPS) for

system power and external redundant inline

power for IP phones

Secure Networking

Integrated on the motherboard of every Cisco

3800 Series router is hardware-based encryption

acceleration that offloads the encryption

processes to provide greater IPSec throughput

with less overhead for the router CPU when

compared with software-based solutions

The integration of optional VPN modules (for

enhanced performance and tunnel count),

content-engine network modules for URL

filtering, or intrusion prevention network modules,

combined with the rich Cisco IOS Software

security feature set that includes firewall,

Network Access Control (NAC), voice- and video-

enabled VPN (V3PN), intrusion prevention, and