Cisco 2811 Router Guide - Page 29

Security Example - commands

Page 29 highlights

Cisco 1800 Series (Cisco 1841 Router Modular)

Benefits and Advantages (continued)

intuitive, Web-based device manager that offers easy router configuration and monitoring, startup wizards for quick deployment and lock-down, smart wizards to help enable security and routing features, Cisco Technical Assistance Center (TAC)-approved router configurations, and subject-related educational content.

Integrated Services

By providing integrated services, as well as great modular density and high performance, the Cisco 1841 router provides security, versatility, scalability, and flexibility for multiple applications to the small- to medium-sized business, small enterprise branch office, and the service provider customer edge. The Cisco 1841 router easily accommodates several network applications, such as secure branch-office data access (including NAC for antivirus defense), VPN access and firewall protection, business-class DSL, IPS support, inter-VLAN routing, and serial device concentration. The Cisco 1841 router provides customers with the industry's most flexible, secure, and adaptable infrastructure to meet both today's and tomorrow's business requirements for maximum investment protection.

Security Features

IPsec VPN
• Advanced Encryption Standard (AES) 128, 192, and 256; Triple Data Encryption Standard (3DES); and DES cryptology support
• Embedded hardware-based VPN acceleration on the motherboard
• Cisco Easy VPN remote
• Cisco Easy VPN server
• Dynamic Multipoint VPN (DMVPN)
• Virtual Tunnel Interfaces (VTI)
• 802.1x
• VPN QoS-Preclassification support
• Support for up to 800 IPsec tunnels using the AIM-VPN/SSL-1

Multiprotocol Label Switching (MPLS) VPN Support
• Support for VRF-lite and VRF aware IPsec

Cisco IOS IPS
• Inline ability to drop packet, reset connection, locally shun, or send an alarm
• Dynamically load and enable selected attack signatures in the same manner as Cisco IPS Appliances

Cisco IOS Firewall
• Feature rich, stateful firewall
• Per-user authentication and authorization
• Real-time alerts
• Transparent firewall
• IPv6 firewall
• VRF-aware firewall
• Advanced Application Inspection and Control
  - HTTP inspection engine
  - E-mail inspection engines (SMTP, ESMTP, IMAP, POP)

IOS WebVPN (SSL VPN)
• Secure remote access for mobile users without installing PC client software
• Integrated into the router - no separate appliance required
• Cisco 1841 supports up to 25 users
• Requires IOS WebVPN feature license FL-WEBVPN-10 or FL-WEBVPN-25
• Requires an IOS security feature set (IOS security feature set is included in all secure router bundles)

Network Foundation Protection
• Control Plane Policing (CPP)
• AutoSecure
• Secure Shell (SSH)
• Access Control List (ACL)
• Command-Line Interface (CLI)
• Committed Access Rate (CAR)

URL Filtering
• Local URL filtering in Cisco IOS software based on external server

Onboard USB 1.1 Port
• Single onboard USB 1.1 port
• Secure token and Flash memory support

Security Solutions
• Network Admission Control (NAC)

Optional Security Modules
• VPN and Encryption Advanced Integration Modules (AIM-VPN/SSL-1)

Cisco Router and Security Device Manager (SDM)
• Ships by default

Certifications
• ICSA IPsec
• ICSA Firewall
• Common Criteria IPsec (EAL4) (in process)
• Common Criteria Firewall (EAL4+) (in process)
• FIPS 140-2, Level 2 (in process)

Security Example

[Figure: Security Example. Diagram labels: Corporate Headquarters; Large Branch Office; Small Branch Office; Branch Office; Cisco 7200 (VoIP-enabled); Cisco 3800 (VoIP-enabled); Cisco 1841; Cisco 2800; SP IP VPN Core; PSTN; SS7; IMT; PRI.]

Branch office Network Admission Control (NAC) helps ensure that every endpoint complies with network security policies before being granted access, protecting the network from viruses and worms.

