Configuring Subscriber-End Broadband Access Router Features

Subscriber-End Broadband Access Router Data Operations

This feature set allows the Cisco uBR900 series cable access router great flexibility in administering IP addresses for the PCs and other CPE devices it is connecting to the cable network. The DHCP functionality allows intelligent use of the IP addresses that allow customer premises computers and other equipment to connect to the Internet. The NAT/PAT functionality allows you to use private IP addresses on the local network, while still maintaining connectivity to the Internet.

Small Office Feature Set

In addition to full DOCSIS 1.0 support and all of the functionality of the Easy IP feature set, the Small Office feature set supports the Cisco IOS firewall feature set which provides a wide range of security features for Cisco uBR900 series cable access routers. Using the firewall feature set, Cisco uBR900 series cable access routers act as buffers between private enterprise networks and the Internet and other connected public networks.

In firewall mode, the Cisco uBR900 series cable access router provides a high-speed Internet connection for an office local network while protecting the computers on the office network from common attacks such as denial of service attacks and destructive Java applets. Real-time alerts of attempted attacks are also given.

The Small Office feature set can be extended with support for IPSec encryption to ensure that the traffic passed over the Internet cannot be intercepted. You can select either standard 56-bit IPSec Network Security encryption or high-security 168-bit Triple Data Encryption Standard (DES) encryption.

Telecommuter Feature Set

In addition to full DOCSIS 1.0 support and all of the functionality of the Easy IP feature set, the Telecommuter feature set supports IPSec encryption and the Layer 2 Tunneling Protocol (L2TP), which can establish secure high-speed Internet connections between employee homes and the office local network.

IPSec is an IP security feature that provides robust authentications and encryption of IP packets for the secure transmission of sensitive information over unprotected networks such as the Internet. You can select either standard 56-bit IPSec Network Security encryption or high-security 168-bit Triple DES encryption.

L2TP is an extension of PPP that allows computers on different physical networks to interoperate as if they were on the same LAN. These features are important components for VPNs.

Note The Telecommuter feature set does not require the firewall feature set because the individual telecommuter has a secure connection to the office network. The office network, however, should implement a firewall for its own connection to the Internet.

Subscriber-End Broadband Access Router Data Operations

Figure 110 illustrates a typical broadband data cable system. Data transmitted to a Cisco uBR900 series cable access router from the service provider CMTS shares a 27 or 26 Mbps, 6 MHz data channel in the 88 to 860 MHz range. The Cisco uBR900 series cable access router shares an upstream data rate of up to 10 Mbps on a 200 kHz-wide to 3.2 MHz-wide channel in the 5 to 42 MHz range.

Cisco IOS Multiservice Applications Configuration Guide

MC-610

Page 3 Page 5
Page 4
Image 4
Cisco Systems MC-607 manual Small Office Feature Set, Telecommuter Feature Set, MC-610
Page 3 Page 5
Top Page Image Contents