Cisco 7301 Series

Security Features continued

Security Solutions

Cisco Router and Security Device Manager (SDM)

• Network Admission Control (NAC)

• Ships by default with Cisco 7301

• Voice and Video Enabled IPSec VPN (V3PN)

security bundles

• Group Encrypted Transport VPN (GET VPN)

Certifications

tunnel-less VPN offering higher scalability

Optional Security Modules

• ICSA IPSec

• ICSA Firewall

 

• IDS/IPS Network Modules (NM-CIDS portfolio)

• Common Criteria IPSec (EAL4)

• VPN and Encryption Service Adapters

• Common Criteria Firewall (EAL4+)

(SA-VAM2+)

• FIPS 140-2, Level 2

 

 

Security Solutions Example

 

 

 

Easy VPN Server Application

 

 

Branch

 

Teleworker

 

 

Office

Cisco IOS Router Enabled with

 

 

 

 

 

 

Firewall and Easy VPN Remote

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Internet

VPN Tunnels

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Cisco Router Enabled

 

 

 

 

 

 

 

with Firewall and

 

 

 

 

 

 

 

 

Easy VPN Server

Mobile Worker with Cisco

 

 

 

 

 

 

VPN Client Enabled on Laptop

Cisco 7301 Series

Application Example

RADIUS/AAA

CISCO

SUBSCRIBERATM 10000IP NETWORK

SERIES

DSLAM

IP

 

IP

 

 

 

PPPoA or PPPoEoA

ATM

RADIUS/AAA

 

 

RADIUS/AAA

 

 

 

 

CISCO

SUBSCRIBERATM 10000IP NETWORK

SERIES

DSLAM

LIIS

IP/PPP

IP

PPP oA or PPPoEoA

L2TP

 

ATM

Key Application Service Providers

When To Deploy

With its combination of scalable performance, compact architecture, high density, and low price per port, the Cisco 7301 is ideally suited for a variety of key applications within both the service provider and enterprise markets..

Broadband aggregation: PTA/LAC or LNS/TS (Tunnel Switching) aggregation router capable of handling up to 8000 subscribers with per sessions features enabled and up to 16,000 simultaneous sessions with basic non-CPU intensive features and allowing for a pay-as-you- grow “rack and stack” architecture..

Managed services: High-end customer premises equipment (CPE) or Multiprotocol Label Switching-customer edge (MPLS-CE) devices in managed L2 and L3 VPN solutions due to its high-performance, feature-rich support with both Gigabit Ethernet LAN connectivity and WAN port adapter connectivity

Mesh Wireless and Public Wireless LAN Solutions: With Intelligent Service Gateway the Cisco 7301 is ideal platform for these wireless solutions.. ISG offers dynamic subscriber awareness, authentication, authorization, accounting, billing, and a customized portal

High-availability design: 100 percent redundancy via 2 CPEs configured for Hot Standby Router Protocol (HSRP) or Layer 3 load balancing

Cost-effective BGP Route Reflector: Ideally suited as a low cost route reflector with its ability to hold one million routes with its

1 GB of memory

70

71

Page 37
Image 37
Cisco Systems 870, 850 manual Key Application Service Providers When To Deploy, Internet VPN Tunnels Cisco Router Enabled