System Description
1-8 Overview
Bandwidth optimization (BoD) & Dial on Demand (DoD)
Bandwidth Allocation Protocol (BAP)
Security: PAP/CHAP
Call monitoring
Multilink PPP (MLPPP)
Per call activation for NTT switches
Frame Relay over ISDN
Quality of Service (QoS)
Traffic classification using IP Precedence and DiffServ Code Point (DSCP) bits, and multiple-
field (L3, L4 and other headers) inspection. Match-any and match-all options also define a class-
map.
Priority Queuing or Class-based Weight Fair Queueing (CBWFQ) to specify the policy-map
Random and Weighted Early Detection (RED/WRED) and Tail Drop congestion avoidance
QoS over VPN
QoS on Input
Virtual Private Network (VPN)
Site-to-Site application
• 200 tunnels with standard 64-Mbyte DIMM
• IPSec/IKE with pre-shared secrets
• IPSec/IKE with Certificates (PKI)
• EZ-IPsec with PKI or pre-shared secrets:
• Network Extension Mode (NEM)
• Client mode
Remote Access application
• 200 tunnels with standard 64-Mbyte DIMM installed
• L2TP/IPSec protocols
Certificate and PKI environment
MS-ChapV2, EAP user authentication:
Username/Password (local database & RADIUS)
SecurID (third-party plug-in)
Certificates (embedded/smart cards) – Microsoft only
PPTP protocol
MS-ChapV2, EAP user authentication
Local Database & RADIUS
SecurID (third-party plug-in)