Cisco Systems UBR924 DOCSIS-Compliant Bridging, DOCSIS Baseline Privacy Interface, Dynamic Host Configuration Protocol Server

1-6

CiscouBR924 Software Configuration Guide

OL-0337-05 (8/2002)

Chapter1 Overview

CiscoIOS Software Release Feature Sets

•Dynamic port mapping to allow network applications with well-known port assignments to use

customized port numbers. This can be done on a host-by-host basis or for an entire subnet, providin g

a large degree of control over which users can access different applications.

•Intrusion Detection System (IDS) that recognizes the signatures of 59 common attack profiles.

When an intrusion is detected, IDS can perform a number of actions: send an alarm to a syslog server

or to NetRanger Director, drop the packet, or reset the TCP connec tion.

•Java blocking to protect against destructive Java applets. Applets can be allowed from only known

and trusted sources or blocked completely.

•Real time and configurable alerts and audit trail capabilities to record and timestamp source and

destination hosts.

•Support for a broad range of commonly used protocols, including H.323 and NetMeeting, FTP,

HTTP, MS Netshow, RPC, SMTP, SQL*Net, and TFTP.

•User-configurable audit rules, real-time alerts, and audit-trail logs.

This feature is introduced in CiscoIOS Release 12.0(5)T and is enhanced with additional capabilities in

12.0(7)T.

Note For general information about these features, see the description of the CiscoIOS Firewall Feature Set

in the Cisco Product Catalog. For detailed information, see the Cisco IOS Firewall Feature Set

documentation set, as well as the sections on Traffic Filtering and Firewalls in the Security Configuration

Guide and Security Command Reference (available on the Documentation CD-ROM and CCO).

DOCSIS-Compliant Bridging

DOCSIS-compliant bridging allows the Cisco uBR924 cable access router to operate as a DOCSIS 1.0

cable modem, so that it can interoperate with any DOCSIS-qualified CMTS. This is the default mode of

operation for the Cisco uBR924 router.

This feature is introduced in Cisco IOS Software Release 12.0(4)X I1.

DOCSIS Baseline Privacy Interface

The DOCSIS Baseline Privacy Interface (BPI) feature is based on the DOCSIS BPI Specification

(SP-BPI-I02-990319 or later revision). It provides data privacy across the Hybrid Fiber-Coaxial (HFC)

network by encrypting traffic flows between the Cisco uBR924 router and the cable operator’s CMTS.

This feature is introduced in Cisco IOS Software Release 12.0(5)T.

Dynamic Host Configuration Protocol Server

The DHCP server on the CiscouBR924 router includes both Intelligent DHCP Relay and DHCP Client

functionality. A DHCP Relay Agent is any host that forwards DHCP packets between clients and

servers—this enables the client and server to reside on separate subnets. If the Cisco IOS DHCP server

cannot satisfy a DHCP request from its own database, it can forward the DHCP request to one or more

secondary DHCP servers defined by the network administrator.

This feature is introduced in CiscoIOS Release 12.0(4)XI.