Cisco 850 Series Manual page 27

Cisco 2800 Series
Benefits and Advantages
continued
processes to provide greater IPsec throughput
with less overhead for the router CPU, when
compared with software-based solutions . With
the optional integration of VPN modules (for
enhanced performance and tunnel count), intrusion
prevention modules or NAC network modules for
network admission control, combined with the
rich Cisco IOS Software security feature set that
includes firewall, intrusion prevention, voice and
video-enabled VPN (V3PN), Group Encrypted
Transport (GET) VPN and Dynamic Multipoint VPN
(DMVPN), Cisco offers the industry's most robust
and adaptable security solution for branch-office
routers .
IP Telephony
The Cisco 2800 Series allows network managers
to provide scalable analog and digital telephony
without investing in a one-time solution, giving
enterprises greater control of their converged
telephony needs . Using voice and fax modules,
the Cisco 2800 Series can be deployed for
applications ranging from voice over IP (VoIP)
and voice over Frame Relay (VoFR) transport
Security Features
IPsec VPN
• Advanced Encryption Standard (AES) 128, 192,
and 256; Triple Data Encryption Standard (3DES);
and DES cryptology support
• Embedded hardware-based VPN acceleration on
the motherboard
• Cisco Easy VPN remote; Cisco Easy VPN server
• Dynamic Multipoint VPN (DMVPN)
• Group Encrypted Transport (GETVPN)
• Virtual Tunnel Interfaces (VTI)
• VPN QoS—Preclassification support
Multiprotocol Label Switching (MPLS) VPN Support
• Limited provider edge capabilities
• Virtual Routing and Forwarding (VRF) firewall
and VRF IPsec
Cisco IOS IPS
• Inline ability to drop packet, reset connection,
locally shun, or send an alarm; dynamically
load and enable selected attack signatures in
the same manner as Cisco IPS Appliances .
For broader signature support and higher
performance, look at optional IPS AIM module
for ISR .
48
to robust, centralized solutions using the Cisco
Survivable Remote Site Telephony (SRST) solution
or distributed call processing using Cisco
CallManager Express (CCME) . The architecture is
highly scalable with the ability to support up to 96
IP phones, 12 T1/E1s trunks, 52 foreign-exchange-
station (FXS) ports, or 36 foreign-exchange-office
(FXO) ports concurrent with data routing and other
services .
Video Surveillance
The Cisco ® Integrated Video Surveillance solution
enables you to rapidly deploy highly distributed,
IP-enabled video surveillance at your offices while
migrating traditional analog surveillance equipment
to IP . The solution based on Cisco 2800 and 3800
Series ISR offers the lowest total cost of ownership
(TCO) for the branch office, ease of integration
through network transparency, reliable data
interoperability, and maximized overall security .
It allows you to consolidate costly branch-office
servers and deploy new applications centrally while
still offering real-time access to physical security
video and data .
IOS WebVPN (SSL VPN)
• Secure remote access for mobile users
without installing PC client software
• Integrated into the router— no separate
appliance required
• Cisco 2801 supports up to 75 users, Cisco
2811 and 2821 support up to 100 users, and
Cisco 2851 supports up to 150 users with AIM-
VPN/SSL-2
• Requires IOS WebVPN feature license
FL-WEBVPN-10 or FL-WEBVPN-25 (purchase
multiple quantities to add up to the desired
number of users)
• Requires an IOS security feature set (IOS
security feature set is included in all secure
router bundles)
Cisco IOS Firewall
• Feature rich, stateful firewall
• Per-user authentication and authorization
• Real-time alerts
• Transparent firewall
• IPv6 firewall
• VRF-aware firewall
Security Features
continued
• Advanced Application Inspection and Control
– HTTP inspection engine
– E-mail inspection engines (SMTP, ESMTP,
IMAP, POP)
Network Foundation Protection
• Control Plane Policing (CPP)
• AutoSecure
• CPU/Memory Threshold
• Secure Shell (SSH)
• Access Control List (ACL)
• Command-Line Interface (CLI)
• Committed Access Rate (CAR)
URL Filtering
• Onboard with an optional content-engine
network module
• Local URL filtering in Cisco IOS software based
on external server
Onboard USB 1.1 port
• 1 or 2 onboard USB 1 . 1 ports
• Secure token and Flash memory support
Series Features Overview
Features Details
Multiprotocol Label Switching (MPLS) Specific Provider Edge (PE) capabilities
VPN Support
Intrusion Prevention System (IPS) More than 1600 IPS signatures supported in Cisco IOS Software,
with the ability to load and enable selected IPS signatures
Optional high-performance IPS Network Module with more than
2000 signatures
URL Filtering Onboard filtering with an optional content engine network module
Local URL filtering in Cisco IOS Software based on external server
Cisco Router and Security Device Comes standard on all Cisco 2800 Series routers
Manager (SDM), version 2.0 and Above
Media Authentication and Encryption Standards-based authentication and encryption using secure RTP
provides a secure environment for IP Communications
Advanced Encryption Standard (AES) 256-bit cryptography support
IP Telephony Features
Optional integrated power supply with inline power, 802 . 3 af support
IP Phone Support
Up to 360W of inline power (Note: requires power supply upgrade)
Analog Voice Support One EVM on the Cisco 2821 and Cisco 2851
Up to 52 FXS and 36 FXO ports
Cisco 2800 Series
Security Solutions
• Network Admission Control (NAC)
• Voice and Video Enabled IPsec VPN (V3PN)
Optional Security Modules
• Intrusion Prevention System (AIM-VPN-K9)
• VPN and Encryption Advanced Integration
Modules (AIM-VPN/SSL-2)
• Network Admission Control Network Module
(NME-NAC-K9)
Cisco Router and Security Device Manager (SDM)
• Ships by default
Certifications
• ICSA IPsec
• ICSA Firewall
• Common Criteria IPsec (EAL4) (in process)
• Common Criteria Firewall (EAL4+) (in process)
• FIPS 140-2, Level 2 (in process)
49