Free Essay

Yeszcxzxxvzxcvxzc

In: English and Literature

Submitted By Stunnedd
Words 32978
Pages 132
Cisco Router Guide
For teleworkers, small offices, small to medium-sized businesses, and enterprise branch and head offices

Cisco Integrated Services Routers: Cisco 860, 880, 890, 1800 (fixed), 1800 (modular), 1900, 2800, 2900, 3800, 3900 Series; Cisco Aggregation Routers: Cisco 7200, 7301, 7304, ASR 1000, 7600, Catalyst 6500 Series
Summer 2010 V.6

Cisco Router Guide
For Medium-sized Businesses, Enterprise Branches, Head Offices, and the Service Provider Edge
This is your guide to Cisco® Services Aggregation Routers and Cisco Integrated Services Routers, the broadest and most versatile portfolio of products for enabling the deployment of multiple advanced services. Cisco is the worldwide leader in networking systems for organizations of all sizes, offering solutions that fully support enterprise-wide deployment of networked business applications. A foundation of the Intelligent Information Network, Cisco routers provide high availability, comprehensive security, integrated wireless, ease of management, and advanced Quality of Service (QoS) for today’s most demanding network services, including IP communications, video, customer relationship management, financial transactions, and other real-time applications. This guide shows how Cisco Services Aggregation Routers and Cisco Integrated Services Routers enable you to meet your current and future needs with modular designs, allowing incremental migration as your business and network requirements change. In this guide, you can see for yourself how Cisco delivers benefits beyond basic data access, providing services such as voice, security, and wireless as part of an integrated routing system that maximizes productivity and investment protection.

Cisco Router Guide
Series Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Product Transition Matrix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Compatibility Quick Looks
Cisco Interface Card Compatibility Quick Look . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203 Cisco Advanced Integration Module Compatibility Quick Look . . . . . . . . . . . 205

Integrated Services Routers
Cisco 860 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 Cisco 880 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Cisco 890 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 Cisco 1800 Series (Fixed-Configuration) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 Cisco 1800 Series (Cisco 1841 Router Modular). . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 Cisco 1800 Series (Cisco 1861 Router Modular). . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 Cisco 1900 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 Cisco 2800 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77 Cisco 2900 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Cisco 3800 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 Cisco 3900 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

Cisco Port Adapter Compatibility Quick Look . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209 Cisco Shared Port Adapter Compatibility Quick Look . . . . . . . . . . . . . . . . . . . . . 213 Cisco USB Flash Memory Compatibility Quick Look. . . . . . . . . . . . . . . . . . . . . . . 217

Aggregation Routers
Cisco 7200 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133 Cisco 7301 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143 Cisco 7304 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 Cisco ASR 1000 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161 Cisco 7600 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 Cisco Catalyst 6500 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191

Series Overview
For Small- to Medium-sized Businesses, Enterprise Branches, Head Offices, and the Service Provider Edge

Cisco offers the industry’s broadest and most versatile portfolio of secure, high-performance Integrated Services Routers, enabling the deployment of a wide array of services to the farthest reaches of an organization, from the home office to the small office to the large enterprise branch and head office.

Cisco 860 Series
Small Offices • Concurrent broadband services for small offices, and remote sites • Secure connectivity with Stateful Inspection Firewall and IP Security (IPsec) VPN support for small offices • Security features including: - Stateful Inspection Firewall - IP Security (IPsec) VPNs (Triple Data Encryption Standard [3DES] or Advanced Encryption Standard [AES]) • 4-port 10/100 Fast Ethernet managed switch with VLAN support • CON/AUX Port for console or external modem • Secure 802.11g/n access point option based on IEEE802.11n draft 2.0 standard • Easy setup, deployment, and remote management capabilities through Web-based tools and Cisco IOS® Software

Cisco 880 Series
Small Offices and Teleworker Deployments • High performance for broadband access in small offices and small branch-office and teleworker sites • Collaborative services with secure analog, digital voice, and data communication • Business continuity and WAN diversity with redundant WAN links: Fast Ethernet, G.SHDSL, ADSL2/2+, VDSL2, 3G, and ISDN • Four-port 10/100 Fast Ethernet managed switch with VLAN support; two ports support Power over Ethernet (PoE) for powering IP phones or external access points • Secure 802.11g/n access-point option based on draft 802.11n standard with support for autonomous or Cisco Unified WLAN architectures

Cisco 890 Series
Enterprise Small Branch • High performance for secure broadband and Metro Ethernet access with concurrent services for enterprise small branch offices • Business continuity and WAN diversity with redundant WAN links: Fast Ethernet, V.92, and ISDN Basic Rate Interface (BRI) • Integrated secure 802.11a/g/n access point (optional) based on the draft 802.11n standard; dual-band radios for mobility and support for autonomous or Cisco Unified WLAN architectures • Enhanced security including: - Firewall with advance application and control for email, instant messaging (IM), and HTTP traffic - Site-to-site remote-access and dynamic VPN services: IP Security (IPsec) VPNs (Triple Data Encryption Standard [3DES] or Advanced Encryption Standard [AES]), Dynamic Multipoint VPN [DMVPN], Group Encrypted Transport VPN [GET VPN] with onboard acceleration, and Secure Sockets Layer [SSL] VPN - Intrusion prevention system (IPS): An inline, deep-packet-inspection feature that mitigates a wide range of network attacks - Content filtering: A subscriptionbased integrated security solution that offers categorybased reputation rating, keyword blocking, and protection against adware, malware, spyware, and URL blocking • An 8-port 10/100 Fast Ethernet managed switch with VLAN support and 4-port support for Power over Ethernet (PoE) (optional) to power IP phones or external access points • Metro Ethernet features include: - One 1000 BASE-T Gigabit Ethernet WAN port - One 10/100 BASE-T Fast Ethernet WAN port - Intelligent hierarchical quality of service (HQoS): Supports hierarchical queuing and shaping - Connectivity Fault Management (CFM), based on 802.1ag - 802.3ah standard based Link operational administration and maintenance (OAM) - Ethernet Local Management Interface (E-LMI) for the Customer Edge - CFM Interworking and backwards compatibility - Performance Management based on IP service-level agreement (SLA) for Ethernet • Dedicated console and auxiliary ports for configuration and management • Two USB 2.0 ports for security eToken credentials, booting, and loading configuration from USB • Easy setup, deployment, and centralized and remotemanagement capabilities through web-based tools and Cisco IOS® Software

• CON/AUX port for console or • Survivable Remote Site Telephony (SRST) voice continuity for enterprise external modem small branch-office and teleworker • One USB 1.1 port for security sites eToken credentials, booting from USB, and loading configuration • Enhanced security, including: - Firewall with advance application and control for email, Instant Messaging (IM), and HTTP traffic - Site-to-site remote-access and dynamic VPN services: IP Security (IPsec) VPNs (Triple Data Encryption Standard [3DES] or Advanced Encryption Standard [AES]), Dynamic Multipoint VPN (DMVPN), Group Encrypted Transport VPN with onboard acceleration, and Secure Sockets Layer (SSL) VPN - Intrusion prevention system (IPS): An inline, deep-packet inspection feature that effectively mitigates a wide range of network attacks - Content filtering: A subscriptionbased integrated security solution that offers categorybased reputation rating; keyword blocking; and protection against adware, malware, spyware, and URL blocking • Easy setup, deployment, and remote-management capabilities through web-based tools and Cisco IOS® Software

4

5

Series Overview (continued)

Extend services from the WAN to the campus edge with the industry’s most extensive WAN and MAN aggregation platform portfolio, which includes the Cisco 7200, 7301, 7304, and 7600 Series Routers and the Cisco Catalyst 6500 Series Switches, each providing a comprehensive set of highly secure, concurrent, and integrated services for enterprise customers.

Cisco 1800 Series (Fixed-configuration)
Small Offices and Small Enterprise Branch Offices • Secure, concurrent services for broadband access with WAN high availability • Manageability and reliability of Cisco IOS Software Business-class Security • Stateful firewall with URL filtering • VPN 3DES encryption and Advanced Encryption Standard (AES) encryption • Dynamic Multipoint VPN (DMVPN) • Intrusion Prevention System (IPS) Fixed Configuration • Secure broadband access at broadband performance • Integrated ISDN Basic Rate S/T Interface (BRI), analog modem, or Ethernet backup port for redundant WAN links and load balancing • Secure wireless LAN option for simultaneous 802.11a and 802.11b/g with use of multiple antennas • 8-port 10/100 managed switch with 802.1q VLAN support and optional Power over Ethernet (PoE)

Cisco 1800 Series (Modular)
Small- to Medium-sized Businesses and Small Enterprise Branch Offices • Wire-speed performance with secure data services enabled at up to T1/E1/xDSL rates • Increased services density for secure data services • Support for next-generation High-speed WAN Interface Cards • Increased flexibility through support of internal AIM slot for high-speed VPN and future applications • Built-in dual Fast Ethernet ports • Support for over 30 existing and new modules Secure Networking • Hardware-based VPN acceleration on motherboard • Antivirus defense • Intrusion Prevention System (IPS) Support

Cisco 1900 Series Integrated Services Routers
Small Offices and Small Enterprise Branch Offices • Embedded hardware-accelerated VPN encryption • Secure collaborative communications with Group Encrypted Transport VPN, Dynamic Multipoint VPN, or Enhanced Easy VPN • Integrated threat control using Cisco IOS Firewall, Cisco IOS Zone-Based Firewall, Cisco IOS IPS, and Cisco IOS Content Filtering • Identity management that uses authentication, authorization, and accounting (AAA), and public key infrastructure • 2 Integrated 10/100/1000 Ethernet ports • 2 enhanced High-Speed WAN Interface Card slots that can host 2 single wide or 1 double wide and 1 single wide (e)HWIC • Fully integrated power distribution to modules supporting 802.3af Power over Ethernet (PoE) and Cisco Enhanced PoE

Cisco 2800 Series
Small-to Medium-sized Businesses and Enterprise Branch Offices • Wire-speed performance up to multiple T1/E1/xDSL rates • Increased services density for security, voice, caching, video, network analysis, and L2 switching • Support for enhanced interfaces (NME, HWIC, EVM, and PVDM2) • Built-in dual Fast Ethernet or Gigabit Ethernet ports • Support for over 90 existing and new modules • Optional support for integrated Power over Ethernet (PoE) • 2 integrated 10/100/1000 Ethernet ports • 2 enhanced High-Speed WAN Interface Card slots that can host 2 single wide or 1 double wide and 1 single wide (e)HWIC • 1 Internal Services Module slot • Fully integrated power distribution to modules supporting 802.3af Power over Ethernet (PoE) and Cisco Enhanced PoE

Cisco 2900 Series Integrated Services Router
Small- to Medium-sized and Enterprise Branch Offices • Circuit-speed WAN performance up to 75 Mbps with services • 1-2 RU modular form factor • 3 onboard digital signal processor (DSP) slots • 1 internal service module slot for application services • Fully integrated power distribution to modules supporting 802.3af Power over Ethernet (PoE) and Cisco Enhanced PoE

Cisco 3800 Series
Medium-sized to Large Businesses and Enterprise Branch Offices • Wire-speed performance with services enabled at up to T3/E3 rates • Increased services density for security, voice, caching, video, network analysis, and L2 switching • Support for enhanced interfaces (NME, HWIC, EVM, and PVDM2) • Built-in dual Gigabit Ethernet ports • Support for over 90 existing and new modules • Single small form pluggable Gigabit Ethernet port • High availability and resiliency through online insertion and removal support, as well as redundant systems and optional inline power

Secure Networking
• Onboard hardware acceleration for VPN encryption • Secure collaborative communications with Group Encrypted Transport VPN, Dynamic Multipoint VPN, or Enhanced Easy VPN • Integrated threat control using Cisco IOS Firewall, Cisco IOS Zone-Based Firewall, Cisco IOS IPS, and Cisco IOS Content Filtering • Identity management using authentication, authorization, and accounting (AAA), and public key infrastructure

Secure Networking
• Hardware-based VPN acceleration on motherboard • Antivirus defense through Network Admission Control Intrusion Prevention System (IPS) IP

Secure Networking
• Hardware-based VPN acceleration on motherboard • Antivirus Defense • Intrusion Prevention System (IPS)

Communications and IP Telephony Support
• IP Communications Express (CCME/SRST/CUE) • Enhanced Modularity (EVM and PVDM2 support) Integrated Switching • Up to 112 powered 10/100 switch ports • 802.3af Power over Ethernet compliance

Voice
• High-density packet voice DSP module, optimized for voice and video support • Standards-certified VoiceXML browser services • Voicemail support • Cisco Communications Manager Express and Survivable Remote Site Telephony

IP Communications and IP Telephony Support
• IP Communications Express (CCME/SRST/CUE) • Enhanced Modularity (EVM and PVDM2 support) Integrated Switching • Up to 64 powered 10/100 switch ports • 802.3af Power over Ethernet compliance

6

7

Series Overview (continued)

Extend services from the WAN to the campus edge with the industry’s most extensive WAN and MAN aggregation platform portfolio, which includes the Cisco 7200, 7301, 7304, and 7600 Series Routers and the Cisco Catalyst 6500 Series Switches, each providing a comprehensive set of highly secure, concurrent, and integrated services for enterprise customers.

Cisco 3900 Series Integrated Services Routers
Medium-sized to Large Businesses and Enterprise Branch Offices • Field-upgradeable motherboard, circuit-speed WAN performance up to 350 Mbps with services • 3 RU modular form factor • 4 Enhanced High-Speed WAN Interface Card slots • Fully integrated power distribution to modules supporting 802.3af Power over Ethernet

Cisco 7200 Series
Enterprise Head Offices and Service Provider Edge

Cisco 7301 Series
Enterprise Head Office and Service Provider Environments.

Cisco 7304 Series
Enterprise Head Office Environments • High-performance connectivity up to OC-48 speeds • Built-in GbE for high-performance LAN connectivity • Hardware-accelerated services with Parallel Express Forwarding • Optional redundant processor and power supplies for high availability in a single box solution • Multiprotocol support

Cisco 7600 Series
Enterprise Head Offices High-end CPE Small Service Provider POP Environments • Ideal for Enterprise WAN aggregation or service provider environments Business-class Security VPN • Supports Services modules such as IPsec, firewall, SSL VPN • Intrusion Prevention System (IPS) Modularity • Chassis supports up to 4-, 6-, 9-, and 13-slot chassis for redundant supervisors and line cards • Supervisor engines supporting up to 15 Mpps with broad range of edge services • Support for Shared Port Adapter (SPA) and SPA Interface Processors (SIP), which offers intelligent services. Supports up to 12 SPA bays • Support for the Enhanced FlexWAN module, which offers Port Adapter investment protection

Application Versatility
• Managed Network Services, WAN Aggregation, MPLS, VPN, broadband aggregation, QoS, and multiservice Business-class MPLS VPN and encrypted VPN • Stateful inspection firewall • VPNs: software and hardware encryption, Cisco Easy VPN, Dynamic Multipoint VPN (DMVPN and Group Encrypted Transport VPN (GETVPN) • Service-level validation features • Intrusion Prevention System (IPS)

• Increased slot capacity utilizing I/O slot for modules with port adapter jacket card • Cisco 7201 offers a very compact form factor (1 RU) with up to 2 Mpps routing performance and 4 built-in Gigabit Ethernet ports

Application Versatility
• Application Versatility Managed Network Services, MPLS VPN, broadband aggregation, IP-to-IP Gateway, Mesh Wireless and Public Wireless LAN Solutions, BGP Route Reflector, Large-branch-office router, Enterprise High Speed Internet Gateway, and Secure Internet gateway

Secure Networking
• Embedded hardware-accelerated VPN encryption for secure connectivity • Integrated threat control using Cisco IOS Firewall, Cisco IOS Zone-Based Firewall, Cisco IOS IPS, and Cisco IOS Content Filtering • Identity management using authentication, authorization, and accounting (AAA) and public key infrastructure

Business-class Security VPN
• Stateful inspection firewall • VPNs: software and hardware encryption, Cisco Easy VPN • Group Encrypted Transport VPN (GETVPN) • Service-level validation features • Intrusion Prevention System (IPS) Multiservice data/voice • Analog and digital voice • Survivable Remote Site Telephony (SRST)

Business-class Security VPN
• Hardware-accelerated Access Control Lists • Stateful inspection firewall

Multiservice Data/Voice
• Analog and digital voice • Survivable Remote Site Telephony (SRST) • Multiservice interchange (MIX)-enabled backplane for service integration Modularity • Supports over 70 interfaces, providing a comprehensive range of connectivity options from FE to GbE, and DS0 through OC-3/STM-1 • Shared Interfaces with Cisco 7201, 7301, 7304, 7500, and 7600 routers provides ease of management and investment protection • Built-in FE/GbE ports on the NPE-G1 and NPE-G2 processors for high-performance LAN connectivity • Upgradable processors, including NPE-G2 with up to 2 Mpps routing performance • High-performing, hardware-based encryption support of up to 600 Mbps with the C7200-VSA security module • Comprehensive management services through Cisco Element Manager Framework (CEMF)

Modularity
• More than 20 network line cards • Chassis supports up to 4 line cards or port adapters • Built in GbE ports on processor • Support for Cisco port adapters • Manageability and reliability of Cisco IOS Software

Unified Communications
• High-density-packet voice DSP module, optimized for voice and video support • Standards-certified VoiceXML browser services • Cisco Unified Border Element capabilities for up to 1000 sessions • Cisco Unity Express voicemail support • Support for Cisco Communications Manager Express and Survivable Remote Site Telephony

Modularity
• Compact, power-efficient 1 RU form factor with single port adapter slot • Supports over 70 interfaces, providing a comprehensive range of connectivity options from FE to GbE, and DS0 through OC-3/STM-1 • Shared Interfaces with Cisco 7304, 7500, and 7600 series routers providing ease of management and investment protection • Three onboard Gigabit Ethernet (copper or optical) or Fast Ethernet ports with Pluggable Gigabit Ethernet optics (Small Form-Factor Pluggable [SFP] optics) support • Front-to-back airflow and singlesided management • High-performing, hardware based encryption support with new SA-VAM2+ security module • Comprehensive management services through Cisco Element Manager Framework (CEMF)

8

9

Series Overview (continued)

Notes

Cisco ASR 1000 Series
Cisco ASR 1000 Series Routers transform and future-proof the network edge for service providers and enterprises by offering industry-leading performance, service capabilities, reliability, and efficiencies in a compact form factor. • For service providers, the Cisco ASR 1000 Series Routers enable more flexible, efficient, and cost-effective delivery of complex “any play” consumer and business services. • For enterprises, the Cisco ASR 1000 Series Router transforms the WAN edge into a primary gateway for businesses where information, communication, collaboration, and commerce converge. The Cisco ASR 1000 Series consists of four different versions, all powered by the Cisco QuantumFlow Processor (QFP): • ASR 1002 Fixed Router • ASR 1002 Router • ASR 1004 Router • ASR 1006 Router The Cisco QFP provides a leap in performance and resiliency for route processors. The architecture and performance levels achieved by the Cisco QFP allows applications such as IPsec processing firewall, Cisco Unified Border Element (CUBE) (formerly referred to as Session Border Controller (SB/C)), and others to run natively on the ASR 1000 Series without the need for additional service blades or appliances. The Cisco QFP also provides highly advanced QoS architecture. The Cisco ASR 1000 Series provides carrier-class reliability and high-availability through a distributed architecture that separates the data plan from control plane functions. The ASR 1006 Router can be configured with redundant Route Processors (RP) and Embedded Services Processors (ESP) to provide hardware redundancy within the system. Systems with a single RP and ESP (ASR 1002-F, ASR 1002 and ASR 1004 Routers) can run dual instances of IOS within the Linux-based IOS XE operating system for software based redundancy. Network interfaces on the Cisco ASR 1000 Series are provided by Cisco Shared Port Adaptors (SPAs). These are the same SPAs that are used on all other Cisco platforms. The use of SPAs on the platform gives the customer great flexibility with interface choices and reduced OPEX by not having to spare different components to support the platform. The WebEx Node SPA, a doubleheight SPA, supported currently only on the ASR1002, ASR1004, and ASR1006 chassis, maximizes bandwidth efficiency and user experience for WebEx users in the Enterprise.

Cisco Catalyst ® 6500 Series
Optimized for secure, converged voice, video, and data networks, the Catalyst 6500 offers industry-leading scalability (32 Gbps to 720 Gbps), operational control, and investment protection to meet the needs of head-end enterprises service aggregation, Internet access, data center interconnectivity, and service providers’ POP.

Integrated Security
• Support of integrated multi-gigabit security Services Modules offering intrusion detection and prevention, firewall, scalable IPsec VPN solutions, and Secure Sockets Layer (SSL)

Modularity and Flexibility
• Modular 3-, 4-, 6-, 9-, and 13-slot chassis with support of redundant supervisors and LAN/WAN line cards • Application intelligence support with PISA technology ensures application performance (NBAR) and security (FPM) in the LAN/WAN network

• Supports WAN interfaces from DS0 to OC-192, 10/100/1000/10GbE with the flexibility of the Shared Port Adapter (SPA) and SPA Interface Processor (SIP) • Support of the Enhanced FlexWAN module for investment protection

Manageability
• Subsystem ISSUs with IOS modularity; integrated TDR; Encapsulated Remote Span (ERSPAN); Embedded Event Manager (EEM); Network Analysis Module (NAM); CiscoWorks; CNA

Scalable Performance
• Up to 400 Mpps with a distributed forwarding architecture

Operational Consistency
• Addresses WAN applications and LAN/Core/Distribution/Data Center needs, reducing spares expense and enabling operational efficiencies

Validated Solutions
• LAN/ Distribution/Core/WAN/ DC applications are tested in Safe Harbor for end-to-end proven solutions

10

11

Notes

Product Transition Matrix
Cisco 850 and 860 Product Comparison
Cisco 851, 857 Form Factor DRAM (default) DRAM (maximum) Flash (default) Flash (maximum) Integrated LAN Switch Integrated Hardware-based Encryption Out of Band Management Wireless LAN Option Fast Ethernet WAN ADSL2/2+ Desktop 64 MB 64 MB 20 MB 20 MB 4-port Switch Yes External Modem Integrated 802.11b/g 1 Port (851) Cisco 861, 867 Desktop 256 MB 256 MB 128 MB 128 MB 4-port Switch Yes External Modem Integrated 802.11b/g/n 1 Port (861) 1 Port (867)

Cisco 870 and 880 Product Comparison
Cisco 871, 876, 877, 878 Form Factor DRAM (default) DRAM (maximum) Flash (default) Flash (maximum) Integrated LAN Switch Integrated Hardware-based Encryption Backup Interface Desktop 128 MB 256 MB 24 MB 52 MB 4-port Switch Yes External Modem (871, 877) ISDN S/T BRI (876, 878) (Out of Band Management only on 878) Integrated 802.11b/g 1 Port (871) 877 877 Cisco 881, 886, 887, 887V, 888, 888E Desktop 256 MB or 512 MB (SRST Models) 768 MB 128 MB or 256 MB (SRST Models) 128 MB or 256 MB (SRST Models) 4-port Managed Switch Yes ISDN S/T BRI (886, 887, 887V 888, 888E) 3G (all 3G Models) Integrated 802.11b/g/n 1 Port (881) 887 886

Wireless LAN Option Fast Ethernet WAN ADSL/ADSL2+ over POTS ADSL/ADSL2+ over ISDN

12

13

Product Transition Matrix

Product Transition Matrix

Transition Matrix continued
Cisco 870 and 880 Product Comparison (continued)
Cisco 871, 876, 877, 878 G.SHDSL (ATM Mode) G.SHDSL (EFM Mode) VDSL2 FXS FXO Voice BRI USB Ports for Security Tokens Power over Ethernet Support 878 No No No No No 2 Ports (871) Optional Cisco 881, 886, 887, 887V, 888, 888E 888 888E 887V 4 Port (SRST Models) 1 Port (881SRST) 1 Port (888SRST) 1 Port Optional

Transition Matrix continued
Cisco 1721/1841 Product Comparison
Cisco 1721 Form Factor Chassis Type DRAM (default) DRAM (maximum) Flash (default) Flash (maximum) AC Power Supply Onboard AIM Slot Support for High Speed WICs (HWICs) LAN Ports Desktop Plastic 64 MB 128 MB 32 MB 32 MB External 0 No 1 10/100 Optional No 1 1 Cisco 1841 Desktop (1 RU) Metal 128 MB 384 MB 32 MB Up to 128 MB Internal 1 Yes 2 10/100 Yes 1 1 1

Cisco Fixed FE WAN 1800/890 Product Comparison
Cisco 1811, 1812 Form Factor Rack/Wall Mountable DRAM (default) DRAM (maximum) Flash (default) Flash (maximum) Integrated LAN Switch Fast Ethernet WAN Gigabit Ethernet WAN Back-up WAN Wireless Option USB Ports (v 2.0) Integrated Power over Ethernet Support Real Time Clock Desktop Yes 128 MB 384 MB 32 MB 128 MB 8-port Switch 2 Ports No v.92 Modem (1811)/ ISDN S/T BRI (1812 Integrated 802.11a/b/g 2 Ports Optional Yes Cisco 891, 892 Desktop Yes 512 MB 512 MB 256 MB 256 MB 8-port Switch 1 Port 1 Port v.92 Modem (891)/ ISDN S/T BRI (892) Integrated 802.11a/b/g/n 2 Ports Optional Yes

Integrated Hardware-based Encryption USB Ports (v1.1) Console Port (Up to 115.2 Kbps) Auxiliary Port (Up to 115.2 Kbps)

Cisco 1751/1760, 2600, and 2800 Product Comparison
Cisco 1751, 1760 Form Factor DRAM (default) DRAM (maximum) Flash (default) Flash (maximum) Onboard DSP Slot Onboard AIM Slot Support for High Speed WICs (HWICs) LAN Ports Integrated Hardware-based Encryption Integrated Inline Power/ PoE Support USB Ports Console Port (Up to 115.2 Kbps) Auxiliary Port (Up to 115.2 Kbps) Desktop and 19” Rack-mount 128 MB 128 MB (1751) 160 MB (1760) 32 MB 64 MB (1760) 2 0 No 1 10/100 Optional No No 1 1 Cisco 2600 19” Rack-mount (Up to 2 RU) 256 MB 256 MB Up to 32 MB Up to 128 MB 0 1 No Up to 2 10/100 Optional No No 1 1 Cisco 2800 19” and 23” Rack-mount Options 256 MB 1 GB 64 MB Up to 256 MB Up to 3 2 Yes 2 10/100 or 10/100/1000 Yes Yes Yes, up to 2 1 1

14

15

Product Transition Matrix

Transition Matrix continued

Notes

Cisco 3700/3800 Product Comparison
Cisco 3700 Form Factor DRAM (default) DRAM (maximum) Flash (default) Flash (maximum) Onboard DSP Slot Onboard AIM Slot Support for High Speed WICs (HWICs) or Enhanced Network Modules LAN Ports Integrated Hardware-based Encryption Integrated Inline Power/PoE Support USB Ports (v1.1) Console Port (Up to 115.2 Kbps) Auxiliary Port (Up to 115.2 Kbps) 19” and 23” Rack-mount (2 and 4 RU) 256 MB Up to 512 MB (3745) 32 MB 128 MB 0 2 No 2 10/100 Optional Yes (No PoE) No 1 1 Cisco 3800 19” and 23” Rack-mount (2 and 4 RU) 256 MB Up to 1 GB 64 MB Up to 256 MB Up to 4 2 Yes 2 10/100/1000 Yes Yes Yes, 2 1 1

16

17

Notes

Cisco 860 Series

The Cisco® 860 Series Integrated Services Routers combine Internet access, security, and wireless services onto a single, secure device that is simple to use and manage for small businesses. Cisco 860 Series delivers features, including firewall, IPsec VPNs, and WLANs, at broadband speeds to small offices. Easy deployment and centralized management features enable the Cisco 860 Series to be deployed by service providers in small businesses. Benefits and Advantages

Integrated Services
Cisco 860 Series Integrated Services Routers are fixed-configuration routers that provide business solutions for secure voice and data communication to small businesses. The Cisco 860 Series offer secure broadband services over Fast Ethernet and ADSL2/2+ WAN links. 802.11n offers LAN mobility and increased productivity. Cisco 860 Series provide the performance required for concurrent services, including firewall, and encryption for VPNs; optional 802.11g/n for mobility; and quality of service (QoS) features for multiple applications. In addition, the Cisco Configuration Professional (CCP) is a Web-based configuration tool that simplifies setup and deployment. Centralized management capabilities give network managers visibility and control of the network configurations at the remote site.

Remote Management
Cisco 860 Series routers are ideally suited for small office and remote office deployments. Out-of-band management with an external modem through the auxiliary port allows IT managers to remotely manage routers at small office sites to quickly troubleshoot any network issues. Optional integrated secure WLAN connectivity simplifies the number of devices that need to be managed at the remote site. Cisco CCP helps resellers and customers to quickly and easily deploy, configure, and monitor a Cisco access router without knowledge of the Cisco IOS Software CommandLine Interface (CLI).

Easy Setup and Deployment
The Cisco Configuration Professional (CCP) Web-based configuration tool simplifies setup and deployment, and centralized management capabilities give network managers visibility and control of router configurations at the remote site. Cisco Configuration Express Service supports factory-loaded configurations in high-volume deployments. Support for the Cisco Configuration Engine enables plug-and-play installations with centralized configuration management. 18 19

Cisco 860 Series

Cisco 860 Series

Security Features
Cisco 860 Security Features • Secure Connectivity IPsec VPN • Hardware-accelerated DES, 3DES, AES128, AES192, AES256 • Public Key Infrastructure (PKI) support • 5 IPsec Tunnels • Cisco Easy VPN Client and Server • NAT transparency Zone-based Policy Firewall • Stateful Inspection Routing Firewall • Stateful Inspection Transparent Firewall • Advanced Application Inspection and Control • Secure HTTP (HTTPS), FTP, and Telnet Authentication Proxy

Network Example

WLAN Features
WLAN Hardware • IEEE 802.11n draft 2.0 standard based access point with 802.11 b/g compatibility • Automatic rate selection for 802.11g/n • Captive omnidirectional 2dBi gain omni dipole antennas • 2x3 MIMO radio operation • WiFi 802.11n Draft v2.0 certified WLAN Software Features • Autonomous Access Point • WCS support for autonomous configurations • Maximize throughput or maximize range option • Software-configurable transmit power • Radio roles include access point, root bridge, non-root bridge, and workgroup bridge • Wireless Multi Media Certification (WMM) • TSPEC Call Admission Control to ensure voice quality is maintained • Unscheduled Automatic Power Save Delivery (UPSD) to reduce latency WLAN Security Features • 802.11i • WiFi Protected Access (WPA) & AES (WPA2) • EAP Authentication: Cisco LEAP, PEAP, EAP-TLS, EAP-FAST, EAP-SIM, EAP-MD5, EAP-TTLS • Static and dynamic Wired Equivalent Privacy (WEP) • Temporal Key Integrity Protocol (TKIP)/SSN [Temporal Key Integrity Protocol/Simple Security Network encryption • MAC authentication/filter • User database for survivable local authentication using LEAP & EAP-FAST • Configurable limit to the number of wireless clients • Configurable RADIUS accounting for wireless clients • PSK (Pre Shared Keys) (WPA-SOHO)

When to Deploy
Deploy the Cisco 860 Series when you need: • Secure connectivity with stateful inspection firewall and IP Security (IPsec) VPN support for small offices • 4-port 10/100 switch • Secure WLAN 802.11b/g/n option with fixed captive omnidirectional 2dBi gain omni dipole antennas • Easy setup, deployment, and remote management capabilities through Web-based tools and Cisco IOS Software

Series Distinctions
Cisco 860 Series
WAN Technologies LAN Switch Security WLAN Option • Cisco 861 – 100 MB Ethernet • Cisco 867 – ADSL over analog telephone lines 4-port 10/100Base-T switch with autosensing MDI/MDX (Media Device In/Media Device Crossover) for auto-crossover Stateful firewall, IPsec, and VPNs 802.11b/g with fixed captive omnidirectional 2dBi gain dipole antennas

20

21

Cisco 860 Series

Cisco 860 Series

Platform Overview
Models Cisco 861 Cisco 861W Cisco 867 Cisco 867W WAN Interface 10/100 Mbps Fast Ethernet 10/100 Mbps Fast Ethernet ADSL ADSL LAN Interface 4-port 10/100 Mbps Managed Switch 4-port 10/100 Mbps Managed Switch 4-port 10/100 Mbps Managed Switch 4-port 10/100 Mbps Managed Switch 802.11b/g No Yes No Yes

Series Specifications
Flash Memory System DRAM Memory External Power Supply Console Port 802.11b/g WLANs LEDs Auxiliary Port Nonwireless Models: 12.8 x 9.8 x 1.9 in. (325 x 249 x 48 mm) (includes rubber feet) 12.8 x 9.8 x 1.75 in. (325 x 249 x 44 mm) (without rubber feet) Wireless Models: 12.8 x 10.4 x 1.9 in. (325 x 264 x 48 mm) (includes rubber feet) 12.8 x 10.4 x 1.75 in. (325 x 264 x 44 mm) (without rubber feet; excluding antennas) 128 MB 256 MB Universal 100–240 VAC RJ-45 Optional on both models PPP, VPN, ADSL, WLAN, LAN Virtual AUX port

Physical Specifications
Dimensions (H x W x D)

Ordering Information
Product Name Cisco 861 Product Number CISCO861-K9 CISCO861W-GN-A-K9 CISCO861W-GN-E-K9 CISCO861W-GN-P-K9 Cisco 867 CISCO867-K9 CISCO867W-GN-A-K9 Product Description Cisco 861 Ethernet Security Router Cisco 861 Ethernet Security Router with 802.11n FCC Compliant Cisco 861 Ethernet Security Router with 802.11n ETSI Compliant Cisco 861 Ethernet Security Router with 802.11n Japan Compliant Cisco 867 ADSL2/2+ Annex A Router Cisco 867 ADSL2/2+ Annex A Router with 802.11n FCC Compliant Cisco 867 ADSL2/2+ Annex A Router with 802.11n ETSI Compliant

Weight

5.5 lb (2.5 kg) maximum

Power Dissipations
AC Input Voltage Frequency Maximum Output Power Output Voltages 100–240 VAC 50–60 Hz 60W 12V DC

Environmental Specifications
Operating Temperature Non-operating Temperature Relative Humidity (non-condensing) Operating Altitude 32 to 104°F (0 to 40°C) -4 to 149°F (-20 to 65°C) 5 to 95% 0 to 10,000 ft. (0 to 3000m)

CISCO867W-GN-E-K9

Note: For Cisco 860 Series wireless router part numbers, the following letters are associated with specifications meeting wireless regulations in the respective regions: A = FCC Compliant, E = ETSI Compliant, P = Japan Compliant.

Regulatory Compliance
Approvals and Compliance • IEC 60950-1:2005, Second Edition, with all country deviations • AS/NZS 60950-1:2003, First Edition • CAN/CSA 22.2 No. 60950-1-05, Second Edition • UL 60950-1, Second Edition, 2005 • EN55024 • Industry Canada CS-03’ • TIA-968-A, Addendum 1, 2, 3, 4, 5 • EMI • VCCI Class II • IEC 1000-3-2 • California Energy Commission (CEC) Compliant • Australia and New Zealand: • Australia AS/ACIF S031: 2001 • Australia AS/ACIF S043.1: 2003 • Australia AS/ACIF S043.2: 2006 • New Zealand PTC220: 2003

22

23

Notes

Cisco 880 Series
Cisco 880 Series Integrated Services Routers are fixed-configuration routers that provide collaborative business solutions for secure voice and data communication to small businesses and enterprise teleworkers. They offer concurrent broadband services over third-generation (3G), Metro Ethernet, and multiple DSL technologies to provide business continuity. Wireless 802.11n and 3G offer LAN and WAN mobility. The routers provide the performance required for concurrent services, including firewall, intrusion prevention, content filtering, and encryption for VPNs; optional 802.11g/n for mobility; and quality-of-service (QoS) features for optimizing voice and video applications. In addition, the web-based Cisco Configuration Professional configuration tool simplifies setup and deployment. Centralized management capabilities give network managers visibility and control of the network configurations at the remote site. Benefits and Advantages

Increased Performance to Run Concurrent Services
Cisco 880 Series Router performance allows customers to take advantage of broadband network speeds while running secure, concurrent data, voice, video, and wireless services.

4-port 10/100 Mbps Managed Switch
• The Cisco 880 Series allows for connection of multiple devices in a small office, with the ability to designate a port as the network edge. • An optional external PoE adapter powers IP phones and external access points to avoid individual power supplies or power injectors. • VLANs allow for secure segmentation of network resources.

Advanced Security
• An integrated stateful and application inspection firewall provides network perimeter security. • High-speed IPsec 3DES and AES encryption offers data privacy over the Internet. • Intrusion prevention enforces security policy in a larger enterprise or service provider network. • Content filtering offers category-based URL classification and blocking, thus providing increased productivity and better use of company resources.

Optional 802.11g/n Access Point
• This broadband router offers a secure integrated access point in a single device. • This integrated WiFi access point offers IEEE 802.11n draft 2.0 standard support for mobile access to high-bandwidth data, voice, and video applications through the use of multiple-input, multiple-output (MIMO) technology that provides increased throughput, reliability, and predictability. • The Cisco 880 Series supports both autonomous and unified modes.

Redundant WAN Links
Redundant WAN links provide business continuity and WAN diversity with multiple WAN links: Fast Ethernet, ADSL2/2+, VDSL2, G.SHDSL, 3G, and ISDN. 24

25

Cisco 880 Series

Cisco 880 Series

Benefits and Advantages continued

Security Features continued

Cisco SDM and Cisco IOS Software for Remote Management
Using smart wizards and task-based tutorials, Cisco Security Device Manager (SDM) helps resellers and customers quickly and easily deploy, configure, and monitor a Cisco access router without requiring knowledge of the Cisco IOS Software Command-Line Interface (CLI). Dial backup and out-of-band management allow IT managers to remotely manage the router at small office and teleworker sites. Cisco Configuration Express Service supports factory-loaded configurations in high-volume deployments. Support for the Cisco Configuration Engine enables plug-and-play installations with centralized configuration management.

Cisco Configuration Professional
Cisco Configuration Professional uses smart wizards and task-based tutorials, which resellers and customers can use to quickly and easily deploy, configure, and monitor a Cisco access router without requiring knowledge of the Cisco IOS Software command-line interface (CLI).

Content Filtering • Subscription-based content filtering with Trend Micro • Support for Websense and Smartfilter • Cisco IOS Software black and white lists

Integrated Threat Control • IPS • Control Plane Policing • Flexible Packet Matching •Network foundation protection

Unified Wireless Management
• Configuration and management of access points is automated and simplified without manual intervention. • A unified hybrid remote-edge access point (HREAP) provides the following: - WLAN services to remote and branch offices without deploying a wireless LAN controller at each location. - Central configuration and control of unified WLAN services for remote offices through a WAN link. - Flexibility in setting up wireless access at remote locations by specifying how traffic is to be bridged or tunneled.

WLAN Features
WLAN Hardware • IEEE 802.11n draft 2.0 standards-based access point with 802.11 b/g compatibility • Automatic rate selection for 802.11g/n • Captive omnidirectional 2-dBi gain dipole antennas • 2 x 3 MIMO radio operation • Removable antennas on Cisco 881W models • WiFi 802.11n Draft v2.0 certified WLAN Software Features • Autonomous or unified access point • Cisco WCS support for monitoring of autonomous-mode access points • Option to maximize throughput or maximize range • Software-configurable transmit power • Radio roles, including access point, root bridge, nonroot bridge, and workgroup bridge • WiFi Multimedia (WMM) certification • Traffic specifications (TSPEC) Call Admission Control (CAC) to ensure voice quality is maintained • Unscheduled Automatic Power Save Delivery (UPSD) to reduce latency WLAN Security Features • Standard 802.11i • WPA and AES (WPA2) • EAP authentication: Cisco LEAP, PEAP, Extensible Authentication Protocol Transport Layer Security (EAP TLS), Extensible Authentication ProtocolFlexible Authentication via Secure Tunneling (EAP-FAST), Extensible Authentication ProtocolSubscriber Information Module (EAP-SIM), Extensible Authentication Protocol-Message Digest Algorithm 5 (EAP-MD5), and Extensible Authentication Protocol-Tunneled TLS (EAP-TTLS) • Static and dynamic Wired Equivalent Privacy (WEP) • Temporal Key Integrity Protocol/Simple Security Network (TKIP/SSN) encryption • MAC authentication and filter • User database for survivable local authentication using LEAP and EAP-FAST • Configurable limit to the number of wireless clients • Configurable RADIUS accounting for wireless clients • Pre-Shared Keys (PSKs) (WPA-small office or home office [WPA-SOHO]) Features on Cisco 880 SRST Series • SRST 7.0 and later • Up to 4 voice channels • H.323 Versions 1, 2, 3, and 4, Media Gateway Control Protocol (MGCP) 0.1 and 1.0, Skinny Client Control Protocol (SCCP), and SIP call-control protocols • G.711, G.729, G.729a/b, G.723.1, G.726, and G.728 • Cisco Unified Communications Manager support for analog and digital ports with Releases 6.1(3), 7.0(2), and 7.1(3) • FXS loop-start and ground-start signaling • FXO • Inbound signaling (such as dual-tone multifrequency [DTMF] and multifrequency support) • BRI QSIG • Echo cancellation • Silence suppression and voice activity detection (VAD) • Comfort-noise generation • Caller ID support • Dial-plan mapping • Fax and modem pass-through • Fax Relay • T.37 and T.38 fax protocols

SRST (supported on SRST models)
SRST provides business continuity for voice when the WAN link fails by switching calls to the PSTN.

Security Features
Cisco 880 Security Connectivity • Secure Sockets Layer (SSL) VPN for secure remote access • Hardware-accelerated DES, 3DES, AES 128, AES 192, and AES 256 • Public-key-infrastructure (PKI) support • 20 IPsec tunnels • Cisco Easy VPN Client and Server • NAT transparency • DMVPN • Tunnel-less Group Encrypted Transport VPN (GETVPN) • IPsec stateful failover • VRF-aware IPsec • IPsec over IPv6 • Adaptive control technology • Session Initiation Protocol (SIP) application layer gateway Zone-based Policy Firewall • Stateful inspection transparent firewall • Advanced application inspection and control • HTTPS, FTP, and Telnet authentication proxy • Dynamic and static port security • Firewall stateful failover • VRF-aware firewall • Cisco Easy VPN Client and Server • IPsec 3DES termination/initiation • IPsec pass-through • Point-to-Point Tunneling Protocol (PPTP) pass-through • L2TP pass-through • 802.1X • Secure HTTP (HTTPS), FTP, and Telnet authentication proxies • Dynamic Multipoint VPN (DMVPN), SSL VPN, and Group Encrypted Transport (GET VPN)

26

27

Cisco 880 Series

Cisco 880 Series

Network Example

Series Distinctions
Cisco 880 Series WAN Technologies • Cisco 881 – 100 MB Ethernet • Cisco 886 – ADSL over ISDN (ADSL2/ADSL2+) • Cisco 887 – ADSL over analog telephone lines (ADSL2/ADSL2+) • Cisco 887V – VDSL2 over analog telephone lines • Cisco 888 – G.SHDSL (2- and 4-wire support) Managed 4-port 10/100Base-T switch with autosensing MDI/MDX (Media Device In/Media Device Crossover) for auto-crossover Cisco 881G, 886G, 887G, 887VG, 888G – 3G Wireless WAN Cisco 886, 887, 887V, 888 – ISDN BRI Cisco 881SRST, 888SRST Cisco 881W, 886W, 887W, 887VW, 888W

LAN Switch Backup Interfaces Unified Communications 802.11g/n

Platform Overview
Models Cisco 881 Cisco 886 WAN Interface 10/100-Mbps Fast Ethernet ADSL2/2+ over ISDN (Annex B) ADSL2/2+ over POTS (Annex A) VDSL2 over POTS G.SHDSL (ATM) G.SHDSL (EFM) LAN Interfaces 4-port 10/100-Mbps managed switch 4-port 10/100-Mbps managed switch 4-port 10/100-Mbps managed switch 4-port 10/100-Mbps managed switch 4-port 10/100-Mbps managed switch 4-port 10/100-Mbps managed switch 802.11b/g Option Yes (Cisco 881W) Yes (Cisco 886W) Yes (Cisco 887W) Yes (Cisco 887V) Yes (Cisco 888W) Yes (Cisco 888W) Integrated 3G Yes (Cisco 881G) Yes (Cisco 886G) Yes (Cisco 887G) Yes (Cisco 887VG) Yes (Cisco 888G) No Yes Yes Yes Yes Yes Integrated ISDN Dial Backup

When to Deploy
Deploy the Cisco 880 Series when you need the following in a small remote office, or teleworker and small business sites: • Secure, concurrent services for broadband connection • High-speed VPN solution • Advanced security with firewall, VPNs, IPS, DMVPNs, Easy VPNs, GETVPNs • Integrated 802.11b/g/n WLAN, in autonomous or Unified Wireless modes • Four-port 10/100 managed switch • WAN diversity with ADSL2/2+, G.SHDSL, VDSL2, FE WAN • WAN redundancy with 3G, or ISDN interfaces • Unified communications

Cisco 887 Cisco 887V Cisco 888 Cisco 888E

Models Cisco 881 SRST

WAN Interface 10/100-Mbps Fast Ethernet

LAN Interfaces 4-port 10/100 Mbps managed switch

Voice Ports 4 foreign-exchangestation (FXS) ports and 1 foreign-exchangeoffice (FXO) port for public-switchedtelephone-network (PSTN) fallback 4 FXS ports and 1 Basic Rate Interface (BRI) port for PSTN fallback

802.11g/n Option Yes (Cisco 881 SRSTW)

Cisco 888 SRST

G.SHDSL

4-port 10/100-Mbps managed switch

Yes (Cisco 888 SRSTW)

28

29

Cisco 880 Series

Cisco 880 Series

Platform Overview continued
Physical Specifications
Dimensions (H x W x D) Nonwireless Models: 1.9 x 12.8 x 9.8 in. (48 x 325 x 249 mm) (includes rubber feet) 1.75 x 12.8 x 9.8 in. (44 x 325 x 249 mm) (without rubber feet) Wireless Models: 1.9 x 12.8 x 10.4 in. (48 x 325 x 264 mm) (includes rubber feet) 1.75 x 12.8 x 10.4 in. (44 x 325 x 264 mm) (without rubber feet; excludes antennas) Weight 5.5 lbs. (2.5 kg) maximum

Series Specifications
Flash Memory System DRAM Memory 128 MB on Cisco 880 Series data models 256 MB on Cisco 880 Series SRST models 256 MB on Cisco 880 Series data models 512 MB on Cisco 880 Series SRST models Expandable to 768 MB Universal 100 to 240 VAC input; 60W, 12 VDC output RJ-45 Optional on all models • HSPA, UMTS, and GSM (CISCO881G-G-K9 and CISCO881G-A-K9) • 850, 1900, and 2100 MHz UMTS bands • 850 MHz GSM, GPRS, and EDGE band • 900 MHz GSM, GPRS, and EDGE band • 1800 MHz GSM, GPRS, and EDGE band • 1900 MHz GSM, GPRS, and EDGE band • EVDO Rev A/ EVDO/1xRTT (CDMA) (CISCO881G-S-K9 and CISCO8801G-V-K9) • 800 MHz: North American cellular band • 1900 MHz: North American PCS band PPP, VPN, DSL, WLAN, LAN 1 USB 1.1 port cannot be used for connecting external devices than specified for the Cisco 880 series Optional Two-port 802.3af and Cisco compliant PoE

External Power Supply Console Port 802.11b/g WLANs 3G Specifications

Power Dissipations
AC Input Voltage Frequency Maximum Output Power Output Voltages 100–240 VAC 50–60 Hz 60W 12V DC

Environmental Specifications
Operating Temperature Non-operating Temperature Relative Humidity (non-condensing) Operating Altitude 32 to 104°F (0 to 40°C) -4 to 149°F (-20 to 65°C) 5 to 95% 0 to 10,000 ft. (0 to 3000 m) LEDs USB 1.1Ports for Advanced Security Features Such as Security Tokens Power over Ethernet

Regulatory Compliance
Approvals and Compliance Emissions: • 47 CFR Part 15: 2006 • CISPR22: 2005 • EN300386: V1.3.3: 2005 • EN55022: 2006 • EN61000-3-2: 2000 [Inc amd 1 and 2] • EN61000-3-3: 1995 [+ amd 1: 2001] • ICES-003 Issue 4: 2004 • KN 22: 2005 • VCCI: V-3/2006.04 Immunity: • CISPR24: 1997 [+ amd 1 and 2] • EN300386: V1.3.3 : 2005 • EN50082-1: 1992 • EN50082-1: 1997 • EN55024: 1998 [+ amd 1 and 2] • EN61000-6-1: 2001 The following are supported on teleworker models: • AS/NRZ 3548: 1992 Class B • CFR 47 Part 15 Class B • EN60555-2 Class B • EN55022 Class B • ICES-003, Issue 2, Class B, April 1997S

High-Availability Features
• Virtual Router Redundancy Protocol (VRRP) (RFC 2338) • Hot Standby Router Protocol (HSRP) • Multigroup HSRP (MHSRP) • Dial backup with external modem through virtual auxiliary port • Dial backup with ISDN S/T port (DSL models only) • 3G backup (3G models only)

30

31

Cisco 880 Series

880 Series

Ordering Information
Product Name Cisco 881 Product Number CISCO881-K9 CISCO881-SEC-K9 CISCO881W-GN-A-K9 CISCO881W-GN-E-K9 CISCO881W-GN-P-K9 CISCO881G-K9 CISCO881GW-GN-A-K9 CISCO881GW-GN-E-K9 C881SRST-K9 C881SRSTW-GN-A-K9 Product Description Cisco 881 Ethernet Security Router Cisco 881 Ethernet Security Router with Advanced IP Services Cisco 881 Ethernet Security Router with 802.11n FCC Compliant Cisco 881 Ethernet Security Router with 802.11n ETSI Compliant Cisco 881 Ethernet Security Router with 802.11n Japan Compliant Cisco 881 Ethernet Security Router with 3G Cisco 881 Ethernet Security Router with 3G, 802.11n FCC Compliant Cisco 881 Ethernet Security Router with 3G, 802.11n ETSI Compliant Cisco 881 SRST Ethernet Security Router with FXS, FXO CCisco 881 SRST Ethernet Security Router with FXS, FXO; 802.11n FCC Compliant Cisco 881 SRST Ethernet Security Router with FXS, FXO; 802.11n ETSI Compliant Cisco 881G Ethernet Security Router with 3G Sprint Cisco 881G Ethernet Security Router with 3G Verizon Cisco 881G Ethernet Security Router with 3G GSM North America Cisco 886 ADSL2/2+ Annex B Router Cisco 886 ADSL2/2+ Annex B Security Router with Advanced IP Services Cisco 886 ADSL2/2+ Annex B Router with 802.11n ETSI Compliant Cisco 886 ADSL2/2+ Annex B Router with 3G Cisco 886 ADSL2/2+ Annex B Router with 3G, 802.11n ETSI Compliant Cisco 887 ADSL2/2+ Annex A Router Cisco 887 ADSL2/2+ Annex A Security Router with Advanced IP Services Cisco 887 ADSL2/2+ Annex A Router with 802.11n FCC Compliant

Ordering Information continued Series Features Overview
Product Name Cisco 887 Product Number CISCO887W-GN-E-K9 CISCO887M-K9 CISCO887MW-GN-E-K9 CISCO887G-K9 CISCO881G-K9 CISCO881GW-GN-A-K9 CISCO881GW-GN-E-K9 C881SRST-K9 C881SRSTW-GN-A-K9 CISCO887GW-GN-E-K9 CISCO887V-K9 CISCO887V-SEC-K9 Product Description Cisco 887 ADSL2/2+ Annex A Router with 802.11n ETSI Compliant Cisco 887 ADSL2/2+ Annex M Router Cisco 887 ADSL2/2+ Annex M Router with 802.11n ETSI Compliant Cisco 887 ADSL2/2+ Annex A Router with 3G Cisco 881 Ethernet Security Router with 3G Cisco 881 Ethernet Security Router with 3G, 802.11n FCC Compliant Cisco 881 Ethernet Security Router with 3G, 802.11n ETSI Compliant Cisco 881 SRST Ethernet Security Router with FXS, FXO Cisco 887 ADSL2/2+ Annex A Router with 3G, 802.11n FCC Compliant Cisco 887 ADSL2/2+ Annex A Router with 3G, 802.11n ETSI Compliant Cisco 887 VDSL2 over POTS Router Cisco 887 VDSL2 over POTS Security Router with Advanced IP Services Cisco 887V VDSL2 Router with 802.11n FCC Compliant Cisco 887V VDSL2 Router with 802.11n ETSI Compliant Cisco 887V VDSL2 Router with 3G Cisco 887V VDSL2 Router with 3G, 802.11n FCC Compliant Cisco 887V VDSL2 Router with 3G, 802.11n ETSI Compliant Cisco 888 G.SHDSL Router Cisco 888 G.SHDSL Security Router with Adv IP Services Cisco 888 G.SHDSL Router with 802.11n FCC Compliant Cisco 888 G.SHDSL Router with 802.11n ETSI Compliant Cisco 888 SRST Ethernet Security Router with FXS, FXO; 802.11n ETSI Compliant Cisco 888 SRST G.SHDSL Router with FXS, BRI Cisco 888 SRST G.SHDSL Router with FXS, BRI; 802.11n FCC Compliant Cisco 888 SRST G.SHDSL Router with FXS, BRI; 802.11n ETSI Compliant

C881SRSTW-GN-E-K9

Cisco 881G

CISCO881G-S-K9 CISCO881G-V-K9 CISCO881G-A-K9

Cisco 887V

CISCO887VW-GNA-K9 CISCO887VW-GNE-K9 CISCO887VG-K9 CISCO887VGW-GNA-K9 CISCO887VGW-GNE-K9

Cisco 886

CISCO886-K9 CISCO886-SEC-K9 CISCO886W-GN-E-K9 CISCO886G-K9 CISCO886GW-GN-E-K9

Cisco 888

CISCO888-K9 CISCO888-SEC-K9 CISCO888W-GN-A-K9 CISCO888W-GN-E-K9 C888SRST-K9 C888SRST-K9 C888SRSTW-GN-A-K9 C888SRSTW-GN-E-K9

Cisco 887

CISCO887-K9 CISCO887-SEC-K9 CISCO887W-GN-A-K9

32

33

Cisco 880 Series

Cisco 880 Series

Ordering Information continued
Product Name Cisco 888E Product Number CISCO888E-K9 CISCO888E-SEC-K9 Product Description Cisco 888E G.SHDSL Router with 802.3ah EFM Support Cisco 888E G.SHDSL Security Router with Advanced IP Services and 802.3ah EFM Support Cisco 888E G.SHDSL Router with 802.11n FCC Compliant and 802.3ah EFM Support Cisco 888E G.SHDSL Router with 802.11n ETSI Compliant and 802.3ah EFM Support Cisco 888E G.SHDSL Router with 3G Cisco 888E G.SHDSL Router with 3G, 802.11n FCC Compliant Cisco 888E G.SHDSL Router with 3G, 802.11n ETSI Compliant

Ordering Information continued
Part Number 800-IL-PM=2 MEM8XX-256U512D MEM8XX-256U768D MEM8XX-512U768D PCEX-3G-CDMA-V PCEX-3G-CDMA-S PCEX-3G-CDMA PCEX-3G-HSPA-A PCEX-3G-HSPA S880DUDK9* S880VUDK9* SL-880-ADSEC (default) SL-880-AIS (upgrade option) Software License for Cisco 880 SRST SL-SRST880-AIS (included by default) SL-CNFIL-88x-1Y SL-CNFIL-8xx-TRI FL-WEBVPN-10-K9 C880data-universalk9-mz C880voice-universalk9-mz ap801-k9w7-tar ap801-rcvk9w8-tar Cisco 880 Advanced IP Services Image Feature License One year subscription to Content Filtering for Cisco 881/888-URL/Phishing 30 day free trial license for 88x series Feature License SSL VPN for Up to 10 Users (incremental) Universal Image for Cisco 880 ISR Data Router Series Universal Image for Cisco 880 SRST Router Series Autonomous Software Image for ap801 LWAPP Recovery Image for ap801 Product Description 2 port 802.3af Capable Inline Power Module for 880 Routers 256-MB DRAM upgrade to 512 MB for Cisco 880 Series Routers MEM8XX256U768D 512-MB DRAM Upgrade to 768 MB for Cisco 880 Series Routers 512-MB DRAM Upgrade to 768 MB for Cisco 880 Series Routers Cisco 3G EVDO Modem-Verizon Network Cisco 3G EVDO Modem-Sprint Network Cisco 3G EVDO Modem Cisco HSPA Modem-North America Cisco 3G HSPA Modem Cisco 880 Series IOS Universal Data Cisco 880 Series IOS Universal Voice Cisco 880 Advanced Security Image Feature License Cisco 880 Advanced IP Services Image Feature License

CISCO888EW-GN-A-

CISCO888EW-GN-E-K9

CISCO888G-K9 CISCO888GW-G-NA-K9 CISCO888GW-G-NE-K9

34

35

Notes

Cisco 890 Series

Cisco 890 Series Integrated Services Routers are fixed-configuration routers that provide collaborative business solutions for secure voice and data communications to enterprise small branch offices. They are designed to deliver secure broadband, Metro Ethernet, wireless LAN (WLAN) connectivity, and business continuity. The routers also come with powerful management tools, such as the web-based Cisco Configuration Professional configuration management tool, which simplifies setup and deployment. Centralized management capabilities give network managers visibility and control of the network configurations at the remote site. Benefits and Advantages

Increased Performance for Concurrent Services
Router performance allows customers to take advantage of broadband network speeds while running secure, concurrent data, voice, video, and wireless services.

Optional Dual-radio/Dual-band IEEE 802.11n Access Point
• The Cisco 890 Series offers a secure, integrated access point in a single device. It supports both autonomous and unified modes. It is backwardcompatible with 802.11a/b/g. • The router supports IEEE 802.11n draft 2.0 and uses multiple-input, multiple-output (MIMO) technology that provides increased throughput, reliability, and predictability.

Integrated Gigabit and Fast Ethernet WAN Ports
Integrated ports offer flexibility in Ethernet WAN access, and the additional capability to deploy redundant WAN connections for failover protections and load balancing.

Enhanced Security
• An integrated stateful and application inspection firewall provides network perimeter security. • High-speed IPsec 3DES and AES encryption offers data privacy over the Internet. • Intrusion prevention enforces security policy in a larger enterprise or service provider network. • Content filtering offers category-based URL classification and blocking, thus providing increased productivity and better use of company resources.

Integrated 8-port 10/100 BASE-T Managed Switch
Fully managed LAN switch ports connect multiple LAN devices and reduce the need for an additional LAN switch.

Integrated WAN Backup
ISDN BRI S/T (Cisco 892) or analog modem (Cisco 891) port provides high availability by establishing a backup WAN connection if the primary connection fails. 36

37

Cisco 890 Series

Cisco 890 Series

Benefits and Advantages continued

WLAN Features

Unified Wireless Management
• Configuration and management of access points is automated and simplified without manual intervention. • A unified hybrid remote-edge access point (HREAP) provides the following: - WLAN services to remote and branch offices without deploying a wireless LAN controller at each location - Central configuration and control of unified WLAN services for remote offices through a WAN link - Flexibility in setting up wireless access at remote locations by specifying how traffic is to be bridged or tunneled

Cisco Configuration Professional
Cisco Configuration Professional uses smart wizards and task-based tutorials, which reseller and customers can use to quickly and easily deploy, configure, and monitor a Cisco access router without requiring knowledge of the Cisco IOS Software CLI.

WLAN Hardware • IEEE 802.11n draft v2.0 standards-based access point with 802.11 a/g compatibility • Automatic rate selection for 802.11a/g/n • Noncaptive RPTNC omnidirectional dipole antennae; 2 dBi gain @ 2.4 GHz, 5 dBi gain @ 5GHz • 2x3 MIMO radio operation • WiFi 802.11n Draft v2.0 certified WLAN Software Features • Autonomous or unified access point • Cisco WCS support for monitoring of autonomous-mode access points • Option to maximize throughput or maximize range • Software-configurable transmit power • Radio roles, including access point, root bridge, nonroot bridge, and workgroup bridge

Metro Ethernet Features • One 1000 BASE-T Gigabit Ethernet WAN port • One 10/100 BASE-T Fast Ethernet WAN port • Intelligent hierarchical quality of service (HQoS): Supports hierarchical queuing and shaping • Connectivity Fault Management (CFM), based on 802.1ag • 802.3ah standard based Link operational administration and maintenance (OAM) • Ethernet Local Management Interface (E-LMI) for the Customer Edge • CFM Interworking and backwards compatibility • Performance Management based on IP servicelevel agreement (SLA) for Ethernet

Security Features
Cisco 890 Security Connectivity • Secure Sockets Layer (SSL) VPN for secure remote access • Hardware-accelerated DES, 3DES, AES 128, AES 192, and AES 256 • Public-key-infrastructure (PKI) support • 20 IPsec tunnels • Cisco Easy VPN Client and Server • NAT transparency • DMVPN • Tunnel-less Group Encrypted Transport VPN (GETVPN) • IPsec stateful failover • VRF-aware IPsec • IPsec over IPv6 • Adaptive control technology • Session Initiation Protocol (SIP) application layer gateway Zone-based Policy Firewall • Stateful inspection transparent firewall • Advanced application inspection and control • HTTPS, FTP, and Telnet authentication proxy • Dynamic and static port security • Firewall stateful failover • VRF-aware firewall Content Filtering • Subscription-based content filtering with Trend Micro • Support for Websense and Smartfilter • Cisco IOS Software black and white lists Integrated Threat Control • IPS • Control Plane Policing • Flexible Packet Matching • Network foundation protection

• WiFi Multimedia (WMM) certification • Traffic specifications (TSPEC) Call Admission Control (CAC) to ensure voice quality is maintained • Unscheduled Automatic Power Save Delivery (UPSD) to reduce latency WLAN Security Features • Standard 802.11i • WPA and AES (WPA2) • EAP authentication: Cisco LEAP, PEAP, Extensible Authentication Protocol Transport Layer Security (EAP TLS), Extensible Authentication ProtocolFlexible Authentication via Secure Tunneling (EAP-FAST), Extensible Authentication ProtocolSubscriber Information Module (EAP-SIM), Extensible Authentication Protocol-Message Digest Algorithm 5 (EAP-MD5), and Extensible Authentication Protocol-Tunneled TLS (EAP-TTLS) • Static and dynamic Wired Equivalent Privacy (WEP) • Temporal Key Integrity Protocol/Simple Security Network (TKIP/SSN) encryption • MAC authentication and filter • User database for survivable local authentication using LEAP and EAP-FAST • Configurable limit to the number of wireless clients • Configurable RADIUS accounting for wireless clients • Preshared keys (PSKs) (WPA-small office or home office [WPA-SOHO])

38

39

Cisco 890 Series

Cisco 890 Series

Network Example

Platform Overview continued
Physical Specifications
Dimensions (H x W x D) Nonwireless Models: 1.9 x 12.8 x 9.8 in. (48 x 325 x 249 mm) (includes rubber feet) 1.75 x 12.8 x 9.8 in. (44 x 325 x 249 mm) (without rubber feet) Wireless Models: 1.9 x 12.8 x 10.4 in. (48 x 325 x 264 mm) (includes rubber feet) 1.75 x 12.8 x 10.4 in. (44 x 325 x 264 mm) (without rubber feet; excludes antennas) Weight 5.5 lbs. (2.5 kg) maximum

Power Dissipations
AC Input Voltage Frequency Maximum Output Power Output Voltages 100–240 VAC 50–60 Hz 60W 12V DC

Environmental Specifications
Operating Temperature 32 to 104°F (0 to 40°C) -4 to 149°F (-20 to 65°C) 5 to 95% 0 to 10,000 ft.. (0 to 3000 m) Non-operating Temperature Relative Humidity (non-condensing) Operating Altitude

When to Deploy
Deploy the Cisco 890 Series when you need the following in a small branch office, or small business sites: • Secure, concurrent services for broadband connection • High-speed VPN solution • Advanced security with firewall, VPNs, IPS, DMVPNs, Easy VPNs, GETVPNs • Metro Ethernet service • Integrated 802.11a/b/g/n WLAN, in autonomous or Unified Wireless modes • Eight-port 10/100 managed switch

Regulatory Compliance
Approvals and Compliance Emissions: • 47 CFR Part 15: 2006 • CISPR22: 2005 • EN300386: V1.3.3: 2005 • EN55022: 2006 • EN61000-3-2: 2000 [Inc amd 1 & 2] • EN61000-3-3: 1995 [+ amd 1: 2001] • ICES-003 Issue 4: 2004 • KN 22: 2005 • VCCI: V-3/2006.04 Immunity: • CISPR24: 1997 [+ amd 1 & 2] • EN300386: V1.3.3: 2005 • EN50082-1: 1992 • EN50082-1: 1997 • EN55024: 1998 [+ amd 1 & 2] • EN61000-6-1: 2001

Platform Overview
Integrated USB 2.0/ AUX/ Console Yes/Yes/Yes Yes/Yes/Yes

Models

WAN Interface

LAN Interfaces

802.11a/g/n Option Yes Yes

Integrated Dial Backup V.92 Analog Modem ISDN BRI

Cisco 891 Cisco 892

1-port GE 1-port FE 1-port GE 1-port FE

4-port 10/100-Mbps Managed Switch 4-port 10/100-Mbps Managed Switch

40

41

Cisco 890 Series

Series Specifications
Flash Memory System DRAM Memory External Power Supply Console Port 802.11b/g WLANs USB 2.0 256 MB 512 MB (Expandable to 768 MB) Universal 100 to 240 VAC input; 60W, 12 VDC output RJ-45 Optional on all models • Two USB 2.0 ports USB devices supported: • USB eTokens • USB Flash Power over Ethernet Optional internal adapter for inline PoE on 4 switch ports for IP phones or external wireless access points; 802.3af compliant and Cisco PoE compliant

Notes

High-Availability Features
• Virtual Router Redundancy Protocol (VRRP) (RFC 2338) • HSRP • MHSRP • Dial backup with external modem through virtual auxiliary port • Dial backup with ISDN S/T or V.92 Analog modem port

Ordering Information
Part Number Product Description

Integrated Services Routers
CISCO891-K9 CISCO891W-AGN-A-K9 CISCO891W-AGN-N-K9 CISCO892-K9 CISCO892W-AGN-E-K9 MEM8XX-512U768D C890-universalk9-mz ap801-k9w7-tar ap801-rcvk9w8-tar 800-IL-PM-4 SL-CNFIL-890-1Y SL-CNFIL-8xx-TRI FL-WEBVPN-25-K9 Cisco 891 Gigabit Ethernet Security Router Cisco 891W Gigabit Ethernet Security Router w/ 802.11n FCC Compliant Cisco 891W Gigabit Ethernet Security Router w/ 802.11n Australia Compliant Cisco 892 Gigabit Ethernet Security Router Cisco 892W Gigabit Ethernet Security Router w/ 802.11n ETSI Comp 512 MB DRAM upgrade to 768 MB for Cisco 890 Series routers Universal image for Cisco 890 Series routers Autonomous software image for ap801 Lightweight Access Point Protocol (LWAPP) recovery image for ap801 4-port 802.3af capable internal power module for Cisco 890 Series routers One year subscription to Content Filtering for Cisco 890 Series routers 30-day free trial license for Cisco 890 Series routers Feature license SSL VPN for up to 25 users (incremental)

42

43

Notes

Cisco 1800 Series (Fixed-Configuration)

Cisco is redefining best-in-class enterprise and small- to medium-sized business routing with a new line of Integrated Services Routers that are optimized for the secure delivery of data services. Founded on 20 years of leadership and innovation, the Cisco 1800 Series Integrated Services Routers intelligently embed data, security, and wireless technology into a single, resilient system for fast, secure, scalable delivery of mission-critical business applications. The Cisco 1800 Series architecture has been specifically designed to meet requirements of small- to medium-sized businesses (SMBs), small enterprise branch offices, and service provider-managed services applications for delivery of concurrent services for broadband access. The integrated secure systems architecture of the Cisco 1800 Series delivers maximum business agility and investment protection.

Benefits and Advantages
Cisco 1800 Series Integrated Services Routers are the next evolution of the award-winning Cisco 1700 Series modular and fixed-configuration routers. The Cisco 1801, 1802, 1803, 1811, and 1812 Integrated Services Routers are fixed-configuration, while the Cisco 1841 Integrated Services Router is modular. The routers are designed for secure broadband, Metro Ethernet, and wireless connectivity, and provide significant performance improvements, feature capability, versatility, and additional value compared to prior generations of Cisco 1700 Series. The Cisco 1800 Series fixed-configuration routers provide: • Secure broadband access with concurrent services for branch and small offices • Integrated ISDN Basic Rate S/T Interface (BRI), analog modem, or Ethernet backup port for redundant WAN links and load balancing • Secure wireless LAN option for simultaneous 802.11a and 802.11b/g with use of two dual-mode antennas • Advanced security including: Stateful Inspection Firewall, IP Security (IPsec) VPNs (Triple Data Encryption Standard [3DES] or Advanced Encryption Standard [AES]), Intrusion Prevention System (IPS), Antivirus support through Network Admission Control (NAC) and enforcement of secure access policies • 8-port 10/100 managed switch with 802.1q VLAN support and optional Power over Ethernet (PoE) • Easy deployment and remote-management capabilities through Web-based tools and Cisco IOS Software Cisco 1801, 1802, and 1803 routers provide highspeed DSL broadband access through asymmetric DSL (ADSL) over basic telephone service (Cisco 1801), ADSL over ISDN (Cisco 1802), or Symmetrical High-Data-Rate DSL (G.SHDSL) (Cisco 1803) while helping to ensure reliable networking with integrated ISDN S/T BRI backup. The Cisco 1811 and 1812 provide high-speed broadband or Ethernet access through two 10/100BASE-T Fast Ethernet WAN ports and also provide integrated WAN backup through a V.92 analog modem (Cisco 1811) or ISDN S/T BRI interface (Cisco 1812).

44

45

Cisco 1800 Series (Fixed-Configuration)

Cisco 1800 Series (Fixed-Configuration)

Benefits and Advantages continued
The Cisco 1800 Series fixed-configuration routers help enable a network infrastructure for SMBs and enterprise small branch offices, providing access to the Internet, corporate headquarters, or other remote offices, while securing and protecting critical data with integrated Cisco IOS Software security features and capabilities. They also help businesses reduce costs by enabling deployment of a single device to provide multiple services (integrated router with redundant link, LAN switch, firewall, VPN, IPS, wireless technology, and Quality of Service [QoS]) typically performed by separate devices. Cisco IOS Software allows this flexibility, providing the industry’s most robust, scalable, and feature-rich internetworking support, using the accepted standard networking software for the Internet and private WANs.

Security Application Example
Headquarters Office

Branch Office

VPN Tunnel
Cisco 1811/1812 Router with IOS Firewall, NAC, IPsec VPN, and IPS Enabled

Internet

Security Features
Cisco IOS Firewall • Stateful firewall with URL filtering • Per-user authentication and authorization • Real-time alerts • Transparent firewall • IPv6 firewall VPN • Advanced Encryption Standard (AES) 128, 192, and 256 • Triple Data Encryption Standard (3DES), and DES encryption • Embedded hardware-based VPN acceleration on the motherboard • Cisco Easy VPN remote and server support • Dynamic Multipoint VPN (DMVPN) • Group Encrypted Transport VPN (GET VPN) Onboard USB Port • USB 2.0 ports (2) (Cisco 1811 and 1812 models only) IPS • More than 700 IPS signatures supported in Cisco IOS Software, with the ability to load and enable selected IPS signatures URL Filtering • Local URL filtering in Cisco IOS Software based on external server (Websense and N2H2) • Stateful firewall contains URL filtering Cisco SDM • Cisco Router and Security Device Manager (SDM) IOS WebVPN (SSL VPN) • Secure remote access for mobile users without installing PC client software • Integrated into the router—no separate appliance required • Cisco 1801 and 1812 supports up to 10 users • Requires IOS WebVPN feature license FL-WEBVPN-10 • Requires an IOS security feature set (IOS security feature set is included in all secure router bundles) 46

Wireless

Integrated Wireless LAN Capability
Cisco 1800 Series of fixed-configuration routers includes models with an integrated wireless access point, providing secure router and secure wireless LAN services in one device, helping businesses reduce total cost of ownership with simplified WLAN deployment and management capabilities. The integrated wireless access point supports IEEE 802.11a/b/g simultaneously to provide highspeed wireless capability and flexibility to support 2.4 GHz and 5 GHz dual-band simultaneous operation, making them ideal choices for hotspot deployments and wireless office solutions. WiFi Certified client devices including Cisco Aironet, WiFi Certified and Cisco Compatible client devices are fully supported. The Cisco 1800 Series routers with integrated wireless access points are WiFi certified and support WPA and WPA2 providing secure mutual authentication and encryption via Cisco IOS Software features to meet the strict demands of

today’s businesses. These products also provide support for multiple BSSIDS (8) and multiple wireless VLANs (16 with 8 encrypted) that can be configured to provide additional security, segmentation, and separation of user groups. When using the routers in conjunction with the Cisco Service Selection Gateway (SSG) and Subscriber Edge Services Manager (SESM), managed service providers can incorporate service-based authorization and accounting, and service and subscriber management for customizable, on-demand wireless services such as hotspots. Additional features such as Universal Client mode allow the router to wirelessly connect to an AP (such as an outdoor wireless Mesh network) and local authentication allow users to maintain wireless connectivity to the router in the event that a remote authentication server goes down. Quality of Service (QoS) via WiFi Multimedia (WMM) is also supported.

47

Cisco 1800 Series (Fixed-Configuration)

Cisco 1800 Series (Fixed-Configuration)

Wireless Example

High-Availability Features Example
Headquarters Office

PDA

Branch Office
Internet
Cisco 1800 FixedConfiguration Router with integrated 802.11a/b/g access point

Printer

Platform Overview
FE WAN Ports 1 1 1 2 2 2 Switch Ports 8 8 8 4 8 8 Wireless Option Yes Yes Yes Yes Yes Yes DRAM (MB) Default Max 256 256 256 256 256 256 384 384 384 384 384 384 Compact Flash (MB) Default Max 64 64 64 64 64 64 128 128 128 128 128 128 Power Supply AC AC AC AC AC AC

PCs

Models Cisco 1801 Cisco 1802 Cisco 1803

WAN ADSL ADSLoISDN G.SHDSL DOCSIS 2.0 10/100 Ethernet 10/100 Ethernet

File Server Laptops

Cisco 1805 Cisco 1811 Cisco 1812

When to Deploy
Deploy the Cisco 1800 Series fixed-configuration routers when you need: • An application-specific configured router • Fully integrated DSL/Security/Wireless router • To support high performance Internet access • High availability Internet connections and load balancing • Easy to order products • Ability to connect several LAN devices

Series Specifications
Dimensions (H x W x D) Console Port Auxiliary Port USB Port Wireless LAN 12.5 x 9.5 in. (34.3 x 27.4 cm) 1 (up to 115.2 Kbps) 1 (up to 115.2 Kbps) 2 (USB 2.0) on Cisco 1811 and 1812 only. The Cisco 1801, 1802, and 1803 do not offer USB support IEEE 802.11a,b,g (W models) One analog modem port on Cisco 1805 and 1811 No, see Cisco 1841 Only data support Hardware support on motherboard (3DES and AES) 8 10/100BASE-T fully managed switch ports with 802.3af PoE support 4 10/100BASE-T fully managed switch ports with 802.3af PoE support (Cisco 1805 Model only) 1 (Cisco 1805 and 1811 models only) V.92 1 (Cisco 1801, 1802, 1803, and 1812 models), 2 (Cisco 1805, 1811 and 1812 models) 1 (Cisco 1801, 1802, 1803, and 1812 models only)

High-Availability Features
The Cisco IOS Software Advanced IP Services feature set offers basic and advanced routing capabilities to deliver failover protection and load balancing. These capabilities include Border Gateway Protocol (BGP), Open Shortest Path First (OSPF) Protocol, Enhanced Interior Gateway Routing Protocol (EIGRP), and Routing Information Protocol (RIP) routing protocols along with dial-on-demand routing (DDR) Reliable Static Routing Using Object Tracking. Each of the Cisco 1800 Series fixed-configuration routers is equipped with either an ISDN BRI, V.92 analog modem, or Ethernet port for secondary WAN backup connection. If the primary DSL, cable, or Ethernet-access WAN experiences a link failure or loss of connectivity, the router will detect this failure and will fail over to the secondary backup WAN. The Cisco 1800 Series fixed-configuration routers help enable customers to deliver high-performance and high-availability, mission-critical business applications.

V.92 Analog Modem Port Integrated Channel Service Unit/Data Service Unit (CSU/DSU) Voice/Data Support Encryption 10/100 Switch Ports

Integrated Modems Default 10/100 WAN Ports ISDN Basic Rate Interface (BRI) Ports S/T

48

49

Cisco 1800 Series (Fixed-Configuration)

Ordering Information
Product Number CISCO1801 CISCO1801-M CISCO1805-D CISCO 1805-D/K9 CISCO1801/K9 CISCO1801-M/K9 CISCO1802 CISCO1802/K9 CISCO1803/K9 CISCO1811/K9 Product Description ADSL over POTS router with 8-port 10/100BASE-T switch, ISDN S/T backup, Cisco IOS IP broadband, 32 MB Flash, and 128 MB DRAM ADSL over POTS Annex M router with 8-port 10/100BASE-T switch, ISDN S/T backup, Cisco IOS IP broadband, 32 MB Flash, and 128 MB DRAM DOCSIS 2.0 with 4 Port FE switch, 64 MB Flash, 128 MB DRAM DOCSIS 2.0 with 4 Port FE switch, 64 MB Flash, 192 MB DRAM and Advanced IP Services IOS ADSL over POTS router with 8-port 10/100BASE-T switch, ISDN S/T backup, Cisco IOS Advanced IP Services, 32 MB Flash, and 128 MB DRAM ADSL over POTS Annex M router with 8-port 10/100BASE-T switch, ISDN S/T backup, Cisco IOS Advanced IP Services, 32 MB Flash, and 128 MB DRAM ADSL over POTS router with 8-port 10/100BASE-T switch, ISDN S/T backup, Cisco IOS IP broadband, 32 MB Flash, and 128 MB DRAM ADSL over ISDN router with 8-port 10/100BASE-T switch, ISDN S/T backup, Cisco IOS Advanced IP Services, 32 MB Flash, and 128 MB DRAM G.SHDSL router with 8-port 10/100BASE-T switch, ISDN S/T backup, Cisco IOS Advanced IP Services, 32 MB Flash, and 128 MB DRAM Security router with dual 10/100 WAN ports, 8-port 10/100BASE-T switch, V.92 analog modem backup, Cisco IOS Advanced IP Services, 32 MB Flash, and 128 MB DRAM Security router with dual 10/100 WAN ports, 8-port 10/100BASE-T switch, ISDN S/T backup, Cisco IOS Advanced IP Services, 32 MB Flash, and 128 MB DRAM ADSL over POTS router with 8-port 10/100BASE-T switch, ISDN S/T backup, Cisco IOS Advanced IP Services, 32 MB Flash, and 128 MB DRAM, and integrated FCC-compliant 802.11a,b,g wireless capability ADSL over POTS router with 8-port 10/100BASE-T switch, ISDN S/T backup, Cisco IOS Advanced IP Services, 32 MB Flash, and 128 MB DRAM, and integrated China-compliant 802.11a,b,g wireless capability ADSL over POTS router with 8-port 10/100BASE-T switch, ISDN S/T backup, Cisco IOS Advanced IP Services, 32 MB Flash, and 128 MB DRAM, and integrated Australia/NZ compliant 802.11a,b,g wireless capability

Notes

CISCO1812/K9

CISCO1801W-AG-B/K9

CISCO1801W-AG-C/K9

CISCO1801W-AG-N/K9

50

51

Notes

Cisco 1800 Series (Cisco 1841 Router Modular)
Cisco is redefining best-in-class enterprise and small- to medium-sized business (SMB) routing with a line of Integrated Services Routers that are optimized for the secure, wire-speed delivery of data services. Founded on 20 years of leadership and innovation, Cisco 1800 Series Integrated Services Routers intelligently embed data and security into a single, resilient system for fast, scalable delivery of missioncritical business applications. The Cisco 1800 Series architecture has been specifically designed to meet requirements of SMBs, small enterprise branch offices, and service-provider-managed services applications for delivery of concurrent secure data services at wire-speed performance. The integrated, secure systems architecture of the Cisco 1800 Series delivers maximum business agility and investment protection. Benefits and Advantages

Enhanced Architecture
The Cisco 1841 Integrated Services Router provides secure data connectivity at up to one T1/E1/xDSL WAN connectivity rates. It provides significant additional value compared to prior generations of Cisco 1700 Series routers by offering more than a five-fold performance increase, integrated onboard hardware-based encryption enabled by an optional Cisco IOS Software security image, and a dramatic increase in interface card slot performance and density. Support for one internal Advanced Integration Module (AIM) slot is provided for additional hardware-accelerated encryption and scalability. The modular architecture on the Cisco 1841 router also supports two high-speed WAN interface card (HWIC) slots which significantly increase data-throughput capability (up to 800 Mbps aggregate). The Cisco 1841 also offers integrated dual high-speed Ethernet LAN ports to allow LAN segmentation and to help enable connectivity speeds up to 100BASE-T Ethernet technology. Ample default memory (Flash, SDRAM) is provided to support deployment of concurrent services.

1841 delivers investment protection with support for more than 30 modules and interface cards, including existing WICs and voice WAN interface cards (VWICs—on the Cisco 1841 router for data support only) as well as Advanced Integration Modules (AIM). This Integrated Services Router provides 2 slots that are WIC/HWIC/VWIC (data) capable and enables multiple services on an integrate-as-you-grow basis.

Market-leading Integrated Security
A primary component of the Cisco Selfdefending Network, the Cisco 1841 Integrated Services Router ships with the industry’s most comprehensive security services embedded within the router that can be enabled with a Cisco IOS Security Image. This provides customers with a single, resilient platform to rapidly deploy secure networks and applications. The Cisco 1800 Series was designed with integrated security to provide a tight coupling among security, routing, and other integrated services throughout the network. With a Cisco IOS Software-based VPN, firewall, and intrusion prevention system (IPS), as well as optional enhanced VPN acceleration, and Network Admission Control (NAC) support for anti-virus defense, the Cisco 1841 offers a robust and adaptable security solution for branchoffice routers. Every Cisco 1800 Series router comes with the factory-installed Cisco Router and Security Device Manager (SDM). Cisco SDM is an 53

Flexibility and Investment Protection
The modular architecture of the Cisco 1841 router offers a wide variety of LAN and WAN options; interface cards and modules are field-upgradable to accommodate future technologies. The Cisco 52

Cisco 1800 Series (Cisco 1841 Router Modular)

Cisco 1800 Series (Cisco 1841 Router Modular)

Benefits and Advantages continued intuitive, Web-based device manager that offers easy router configuration and monitoring, startup wizards for quick deployment and lock-down, smart wizards to help enable security and routing features, Cisco Technical Assistance Center (TAC)-approved router configurations, and subjectrelated educational content. enterprise branch office, and the service provider customer edge. The Cisco 1841 router easily accommodates several network applications, such as secure branch-office data access (including NAC for antivirus defense), VPN access and firewall protection, business-class DSL, IPS support, inter-VLAN routing, and serial device concentration. The Cisco 1841 router provides customers with the industry’s most flexible, secure, and adaptable infrastructure to meet both today’s and tomorrow’s business requirements for maximum investment protection.

Security Features continued
• Requires IOS WebVPN feature license FL-WEBVPN-10 or FL-WEBVPN-25 • Requires an IOS security feature set (IOS security feature set is included in all secure router bundles) Network Foundation Protection • Control Plane Policing (CPP) • AutoSecure • Secure Shell (SSH) URL Filtering • Local URL filtering in Cisco IOS software based on external server Onboard USB 1.1 Port • Single onboard USB 1.1 port • Secure token and Flash memory support • Access Control List (ACL) • Command-Line Interface (CLI) • Committed Access Rate (CAR)

Integrated Services
By providing integrated services, as well as great modular density and high performance, the Cisco 1841 router provides security, versatility, scalability, and flexibility for multiple applications to the small- to-medium-sized business, small

Security Features
IPsec VPN • Advanced Encryption Standard (AES) 128, 192, and 256; Triple Data Encryption Standard (3DES); and DES cryptology support • Embedded hardware-based VPN acceleration on the motherboard • Cisco Easy VPN remote • Cisco Easy VPN server • Dynamic Multipoint VPN (DMVPN) • Virtual Tunnel Interfaces (VTI) • 802.1x • VPN QoS—Preclassification support • Support for up to 800 IPsec tunnels using the AIM-VPN/SSL-1 Multiprotocol Label Switching (MPLS) VPN Support • Support for VRF-lite and VRF aware IPsec Cisco IOS IPS • Inline ability to drop packet, reset connection, locally shun, or send an alarm • Dynamically load and enable selected attack signatures in the same manner as Cisco IPS Appliances Cisco IOS Firewall • Feature rich, stateful firewall • Per-user authentication and authorization • Real-time alerts • Transparent firewall • IPv6 firewall IOS WebVPN (SSL VPN) • Secure remote access for mobile users without installing PC client software • Integrated into the router—no separate appliance required • Cisco 1841 supports up to 25 users 54 • VRF-aware firewall • Advanced Application Inspection and Control – HTTP inspection engine – E-mail inspection engines (SMTP, ESMTP, IMAP, POP)

Security Solutions • Network Admission Control (NAC) Optional Security Modules • VPN and Encryption Advanced Integration Modules (AIM-VPN/SSL-1) Cisco Router and Security Device Manager (SDM) • Ships by default Certifications • ICSA IPsec • ICSA Firewall • Common Criteria IPsec (EAL4) (in process) • Common Criteria Firewall (EAL4+) (in process) • FIPS 140-2, Level 2 (in process)

Security Example
Corporate Headquarters Large Branch Office
PSTN
Cisco 7200 (VoIP-enabled)

V

SS7 IMT

PRI

V

Cisco 3800 (VoIP-enabled)

SP IP VPN Core

Small Branch Office

Branch Office

Cisco 1841

Cisco 2800

Branch office Network Admission Control (NAC) helps ensure that every endpoint complies with network security policies before being granted access, protecting the network from viruses and worms.

55

Cisco 1800 Series (Cisco 1841 Router Modular)

Cisco 1800 Series (Cisco 1841 Router Modular)

When to Deploy
Deploy the Cisco 1841 Router when you need: • Performance and densities for concurrent data and security services up to one T1/E1/xDSL WAN connectivity rates • The flexibility to add or change WAN services to support changing needs and applications, including serial T1, E1, ISDN and broadband DSL, etc. • VPN connections, or plan to migrate to them over time • Low density (up to four ports) of integrated 10/100 switching • Integrated security services as part of the Cisco Self-Defending Network, which enable network device protection, threat defense, secure connectivity, and endpoint protection and control • Advanced management for security, routing, Quality of Service (QoS), and switching services with Cisco SDM Version 2.0

Ordering Information
Product Number Product Description

Cisco 1800 Series Base Chassis Part Numbers
CISCO1841 Cisco 1800 Series Modular Router with two integrated Fast Ethernet slots, two WAN slots, IP BASE, 32 MB of Flash memory and 128 MB of DRAM

Product Bundles
Product Number Product Description

HSEC Bundles
CISCO1841-HSEC/K9 Cisco 1841 Security Bundle with IOS Advanced IP Services Image, AIM-VPN/ SSL-1, 64 MB Flash/256 MB DRAM, 10 User SSL License

Platform Overview
Fixed LAN Ports Cisco 1841 2 HWIC Slots 2 AIM Slots 1 PVDM* Slots 0 NME* Slots 0 EVM* Slots 0 DRAM (MB) Default Max 128 384 Flash (MB) Default Max 32 128 Power Supply AC

Security
CISCO1841-SEC/K9 CISCO1841-HSEC/K9 CISCO1841-T1SEC/K9 Cisco 1841 security bundle with advanced security, 64 MB Compact Flash/256 MB DRAM Cisco 1841 security bundle with AIM-VPN/SSL-1 Advanced IP Services, 64 MB Compact Flash/256 MB DRAM Cisco 1841 security bundle with WIC-1DSU-T1-V2, Advanced Security, 64 MB Compact Flash/256 MB DRAM

* NME = Enhanced Network Module; EVM = Extension Voice Module; PVDM = Packet Voice/Digital Signal Processor Module

Broadband Bundles
CISCO1841-ADSL Cisco 1841 asymmetric DSL (ADSL) over POTS (ADLSoPOTS) bundle, IP broadband, 32 MB Compact Flash/128 MB DRAM Cisco 1841 bundle, HWIC-1ADSL, IOS IP Broadband, 32 MB Flash/ 128 MB DRAM Cisco 1841 bundle, HWIC-ADSL-B/ST, IOS IP Broadband, 32 MB Flash/ 128 MB DRAM Cisco 1841 ADSLoISDN bundle, IP broadband, 32 MB Compact Flash/ 128 MB DRAM Cisco 1841 ADSLoPOTS bundle with Dying Gasp, IP broadband, 32 MB Compact Flash/128 MB DRAM Cisco 1841 bundle, WIC-1SHDSL-V3, IOS IP Broadband, 32 MB Flash/ 128 MB DRAM Cisco 1841 2-pair G.SHDSL bundle, HWIC-2SHDSL, IP Base, 64 MB Flash/ 128 MB DRAM Cisco 1841 4-pair G.SHDSL bundle, HWIC-2SHDSL, IP Base, 64 MB Flash/ 128 MB DRAM

Series Specifications
Dimensions (H x W x D) Console Port Auxiliary Port USB Port Integrated Channel Service Unit/Data Service Unit (CSU/DSU) Voice/Data Support Compression Encryption Maximum 10/100 Switch Ports Maximum Integrated Modems Maximum ISDN Basic Rate Interface (BRI) Ports 1.73 x 13.5 x 10.8 in. (43.9 x 343 x 274 mm) 1 (up to 115.2 Kbps) 1 (up to 115.2 Kbps) 1 Yes, with optional T1/E1, Fractional T1/E1, 56k/64k support Unit/Data Service Unit (CSU/DSU) Only data support Software and hardware Hardware support on motherboard; optional AIM for enhanced performance 4 (without onboard Fast Ethernet ports) 4 2

CISCO1841-ADSL2 CISCO1841-ADSL2-B CISCO1841-ADSLI CISCO1841-ADSL-DG CISCO1841-SHDSL-V3 CISCO1841-2SHDSL CISCO1841-4SHDSL

T1 Bundles
CISCO1841-T1 Cisco 1841 T1 bundle, advanced security, 32 MB Compact Flash/128 MB DRAM

3G Bundles
C1841-3G-G C1841-3G-V C1841-3G-S C1841-3G-G-SEC/K9 C1841-3G-V-SEC/K9 C1841-3G-S-SEC/K9 1841 bundle w/HWIC-3G-GSM, IP Base, 64FL/128DR 1841 bundle w/HWIC-3G-CDMA-V, IP Base, 64FL/128DR 1841 bundle w/HWIC-3G-CDMA-S, IP Base, 64FL/128DR Cisco 1841, HWIC-3G-GSM, 64MB Flash /256MB DRAM, Adv Security Cisco 1841, HWIC-3G-CDMA-V, 64MB Flash /256MB DRAM, Adv Security Cisco 1841, HWIC-3G-CDMA-S, 64MB Flash /256MB DRAM, Adv Security

56

57

Notes

Cisco 1800 Series (Cisco 1861 Router Modular)
Cisco 1861 is a new platform focused on unified communications to the Cisco 1800 Series Integrated Services Routers portfolio. This new, affordable unified communications system makes anytime, anywhere secure access to information possible, thereby facilitating more effective and efficient ways of communicating with customers and employees. The award-winning Cisco integrated services router is the ideal platform for delivering IP communications in enterprise branch offices, commercial offices, and small- and medium-sized business (SMB) offices. Through the integration of voice gateway, call processing, voicemail, Automated-Attendant, conferencing, transcoding, and security capabilities, Cisco integrated services router platforms deliver a complete office unified communications solution. Benefits and Advantages

Product Overview
The Cisco 1861 Integrated Services Router, which is part of the Cisco 1800 Series Integrated Services Router portfolio, is a unified communications solution for SMBs and enterprise small branch offices that provides voice, data, voicemail, Automated-Attendant, video, and security capabilities while integrating with existing desktop applications such as calendar, e-mail, and customer relationship management (CRM) programs. This easy-to-manage platform takes full advantage of business-class, proven unified communications technologies and supports flexible deployment models based on your needs-a wide array of IP phones, public switched telephone network (PSTN) interfaces, and Internet connectivity. Core components include the following: • Integrated Cisco Unified Communications Manager Express or Cisco Unified Survivable Remote Site Telephony (SRST) for call processing • Optional Cisco Unity® Express for voice messaging and Automated Attendant

• Integrated LAN switching with Power over Ethernet (PoE)-expandable through Cisco Catalyst® Switches • Optional support for range of High-Speed WAN interface cards (HWICs) • Optional security with firewall, VPN, Secure Sockets Layer (SSL), and intrusion prevention system (IPS) capabilities

Converged IP Communications
The Cisco 1861 Integrated Services Router can meet the IP communications needs of SMB and enterprise small branch offices while concurrently delivering an industry-leading level of security within a single communications system. The Cisco 1861 offers the Cisco Unified Communications Manager Express (CME) integrated as default through Cisco IOS® Software that provides call processing for Cisco IP phones. This solution is targeted at customers interested in deploying a converged IP telephony solution for up to 8 IP phones, and need an integrated WAN for data connectivity. Figure 2 illustrates the CME application for a standalone business using the

58

59

Cisco 1800 Series (Cisco 1861 Router Modular)

Cisco 1800 Series (Cisco 1861 Router Modular)

Benefits and Advantages continued
Cisco 1861 Integrated Services Router. With the Cisco 1861, you can securely deploy data, voice, and IP telephony on a single platform for your small to medium-sized branch offices, helping them streamline their operations and lower their network costs. As the enterprise extends its IP telephony deployments from central sites to remote offices, one of the critical factors in achieving a successful deployment is the ability to support backup call control at the remote branch office. Cisco Unified SRST provides a cost-effective solution for supporting redundant call control in the remote branch office.. delivery of converged services and applications. With the optional Cisco IOS Software Advanced IP Services feature set, the Cisco 1861 provides a robust array of common security features such as a Cisco IOS Software Firewall, intrusion prevention, IPsec VPN, SSL VPN, advanced application inspection and control, Secure Shell (SSH) Protocol Version 2.0, and Simple Network Management Protocol Version 3 (SNMPv3) in one secure solution set. Additionally, by integrating security functions directly into the router itself, Cisco can provide unique intelligent security solutions other security devices cannot, such as Network Admissions Control (NAC) for antivirus defense; Voice and Video Enabled VPN (V3PN) for quality of service (QoS) enforcement when combining voice, video, and VPN; and Dynamic Multipoint VPN (DMVPN), Group Encrypted Transport (GET) VPN, and Easy VPN for enabling more scalable and manageable VPN networks. As Figure 4 demonstrates, a Cisco 1861 uniquely helps customers deliver concurrent, mission-critical data, voice, and video applications with integrated, end-to-end security at wire-speed performance.

Platform Overview
Features Solution Packaging Details • Both foreign exchange office (FXO) and Basic Rate Interface (BRI) fixed configurations are offered for both Cisco Unified CME + Cisco Unity Express and Cisco Unified SRST applications. • Each configuration is equipped with the appropriate number of feature licenses for call processing and voicemail, simplifying the product structure. • The appropriate number of fixed digital signal processors (DSPs) is packaged with each configuration. Modularity • A high-speed WIC (HWIC) slot is available for data WAN integration through a select list of HWICs. • The default Cisco IOS Software image SP Services K9 can be upgraded to optional advanced images. Ethernet Connectivity with QoS • Ethernet connectivity is provided for IP phones or wireless access points by PoE ports that provide connectivity speeds for up to 100BASE-T Ethernet technology without the need for additional power modules. Most Cisco Unified IP phones include a 10/100 switch with QoS to provide PC desktop connectivity to the network. • Optimized QoS is provided for IP phone and desktop configurations. The QoS level helps ensure that voice over IP (VoIP) traffic takes precedence. • Voice and data traffic travels in preconfigured VLANs • Port security is provided to limit unauthorized access to the network. Power Failover • A power failover feature is provided on the base configuration, giving access to the public switched telephone network (PSTN) lines in case of a power outage. When power is lost, FXO PSTN trunks are directly connected to foreign exchange station (FXS) analog ports, allowing for calls to be placed and received. • The process for providing customized MOH announcements is simplified with a dedicated MOH port, allowing small-business owners to play recorded announcements to their callers by simply plugging the audio source into the provided 3.5 mm mini-jack. • Customers can also use wave files stored on flash memory. • MOH is an audio stream that is played to PSTN and VoIP G.711 or G.729 callers who are placed on hold by the phone user. This audio reassures the callers that they are still connected to the called party. Deployment Options • The Cisco 1861 can be deployed as a desktop unit, wall-mounted, or installed in a standard 19-inch (48.26 cm) rack with an optional rack-mount kit.

Cisco Unity Express
The optional embedded Cisco Unity Express helps enable voicemail, desktop messaging, and Automated-Attendant services for increased customer service and rich employee communications experience.

Cisco Unified CallConnectors for Desktop Applications
The Cisco 1861 Integrated Services Router integrates with common Windows desktop applications to give small business owners access to productivity gains once available only to large businesses. With Cisco Unified CallConnectors, you can integrate your Cisco Unified IP phones with common applications, including Microsoft Outlook, Internet Explorer, Microsoft Dynamics CRM, or Salesforce.com CRM.

LAN Switching
The Cisco 1861 Integrated Services Router has an integrated, managed Ethernet switch that provides 8 ports of 10/100 PoE. Additionally, the system capacity can be expanded by connecting the recommended Cisco Catalyst portfolio of switches.

Recorded Announcements for Callers: Music on Hold (MOH)

Platform Features and Benefits
The Cisco 1861 Integrated Services Router is an all-in-one unified communications solution that integrates voice, data, video, and security into one platform. It brings unified communications to SMBs and enterprise small branch offices by providing a simplified, affordable solution that is easy to configure, deploy, and manage. By combining call control, messaging, and security into one device, the Cisco 1861 eliminates the added costs of multiple servers and provides a solution that is easy to set up and manage at a lower price point.

Secure Network Connectivity for Data, Voice, and Video
Security has become a fundamental element of any network. Routers play an important role in any network defense strategy because security needs to be embedded throughout the network. The Cisco 1861 Integrated Services Router features advanced, integrated, end-to-end security for the

60

61

Cisco 1800 Series (Cisco 1861 Router Modular)

Cisco 1800 Series (Cisco 1861 Router Modular)

Cisco Unified Communications Features Benefits and Advantages continued
IP telephony is currently undergoing tremendous growth, accelerated by access to value-added features and applications that only IP telephony can provide to the end user. Additionally, the cost benefits of converging data, voice, and video on a single network are adding to the rapid acceptance of this technology. Because it is integrated into a single system, the Cisco 1861 Integrated Services Router for SMBs and enterprise small branch offices enhances the advantages of convergence by offering the following unique benefits: • Cost-effective operations through a single, integrated voice-and-data platform for all SMB and enterprise branch office needs: This highly reliable platform provides robust QoS and the right level of security, encryption, and firewall to deliver enhanced VPN services to meet small-business needs. The system delivers integrated IP telephony, voicemail, and Automated-Attendant functions, allowing you to deploy one device to address all your business needs-thereby simplifying management, maintenance, and operations and delivering a lower total cost of ownership (TCO). • Sophisticated key system and private branch exchange (PBX) capabilities: SMBs and enterprise branch offices have different workflows and require specialized features to support their work practices. The Cisco 1861 delivers a robust set of telephony features for the small office and delivers unique, value-added capabilities through the Extensible Markup Language (XML). These capabilities, which cannot be delivered by traditional systems, enhance the productivity of the end user and the business. • Remote maintenance and troubleshooting: You can use the industry-standard Cisco IOS Software Command-Line Interface (CLI) or user-friendly GUI to configure and administer the Cisco 1861 Integrated Services Router system. The Cisco 1861 Integrated Services Router appliance in the first phase offers the feature set available with Cisco Unified Communications Manager Express 4.1 and Cisco Unity Express 2.3. IP Telephony Support Overview summarizes the unified communications features.

Platform Overview
Security is a fundamental element of any network, and Cisco products play an important role in embedding security at the customer’s access edge. The optional Cisco IOS Software security features for the Cisco 1861 Integrated Services Router are activated with hardware-based encryption on the motherboard and provide a robust array of features such as Cisco IOS Firewall, IP Security (IPsec) VPNs (Digital Encryption Standard [DES], Triple DES [3DES], and Advanced Encryption Standard [AES]), SSL Web VPN, SSHv2.0, and SNMP in one solution set. Secure Networking Overview summarizes the enhanced security functions available through the optional security image.

Secure Network Overview
Features Cisco IOS Software Firewall Details Sophisticated security and policy enforcement provides features such as stateful, application-based filtering (context-based access control), per-user authentication and authorization, real-time alerts, transparent firewall, and IPv6 firewall. SSL provides security for Web transactions by handling authentication, data encryption, and digital signatures.

SSL

Onboard VPN Encryption Acceleration The Cisco 1861 supports IPsec DES; 3DES; and AES 128, 192, and 256 cryptology by using an optional security image. Network Admission Control (NAC) A Cisco Self-Defending Network initiative, NAC seeks to dramatically improve the ability of networks to identify, prevent, and adapt to threats by allowing network access only to compliant and trusted endpoint devices. The Cisco 1861 supports specific provider edge functions plus a mechanism to extend customers’ MPLS VPN networks out to the customer edge with a Virtual Route Forwarding (VRF) firewall and VRF IPsec. For details about the MPLS VPN support on the different integrated services routers, please check the feature navigator tool at: http://www.cisco.com. Flexible and high-performance support is offered through Cisco IOS Software. IPS offers the ability to load and enable selected intrusion detection system (IDS) signatures in the same manner as Cisco IDS Sensor Software. Cisco IOS Firewall includes HTTP and several e-mail inspection engines that can be used to detect misuse of port 80 and e-mail connectivity. The Cisco 1861 eases administration and management of point-topoint VPNs by actively pushing new security policies from a single headend to remote sites. DMVPN is a Cisco IOS Software solution for building IPsec + Generic routing encapsulation (GRE) VPNs in an easy and scalable manner. GET VPN is a Cisco IOS Software solution that simplifies securing large Layer 2 or MPLS networks requiring partial or full-mesh connectivity by providing tunnel-less VPN connectivity. URL filtering is available externally with a PC server running the URL filtering software.

IP Telephony Support Overview
Features IP Phone Support PVDM Support Details Onboard PoE switch ports can be used to power Cisco IP phones. Onboard support analog and digital voice, conferencing, transcoding, and secure Real-Time Transport Protocol (RTP) applications. This feature is not upgradable. Cisco Unified Communications Manager Express (CME v4.2) is embedded in Cisco IOS Software at first customer shipment (FCS) and provides call processing for Cisco IP phones. Cisco CME delivers telephony features similar to those that are commonly used by business users to meet the requirements of the small to medium-sized offices. For additional information about Cisco Unified Communications Manager Express features, please visit http://www.cisco.com/go/ccme. An integrated voicemail and Automated-Attendant solution using Cisco Unity Express v2.3 is available optionally as a factory option. Up to 8 mailboxes and 5 general delivery mailboxes are available with the Cisco Unity Express option. For additional information about Cisco Unity Express features, please visit http://www.cisco.com/go/cue. Onboard voice ports integrated into the system by default include interfaces for PSTN; PBX; and key system connections, including FXS, FXO, and BRI. Branch offices can take advantage of centralized call control while costeffectively providing local branch backup using SRST redundancy for unified communications. For additional information about Cisco Unified SRST features, please visit http://www.cisco.com/go/srst.

Multiprotocol Label Switching (MPLS) VPN Support

IPS

Integrated Call Processing

Advanced Application Inspection and Control Cisco Easy VPN Remote and Server Support DMVPN GET VPN

Integrated Voicemail and Automated Attendant

PSTN Interfaces Support

URL Filtering

Cisco Unified SRST

Standard 802.1x Support on Integrated Standard 802.1x applications require valid access credentials that make unauthorized access to protected information resources and Switching deployment of unsecured wireless access points more difficult. Network Address Translation (NAT) NAT simplifies and reduces costs associated with global IP address allocation and management. Only a single registered IP address is required to support all users on an entire LAN infrastructure.

62

63

Cisco 1800 Series (Cisco 1861 Router Modular)

Cisco 1800 Series (Cisco 1861 Router Modular)

Cost-of-Ownership and Ease-of-Use Features
The Cisco 1861 continues the heritage of offering versatility, integration, and power to branch offices. The platform offers many enhancements to help enable the support of multiple services in the branch office, as shown in Cost-of-Ownership and Ease-of-Use Overview.

When to Deploy
Deploy the Cisco 1861 when you need: • Unified communications solutions for SMB office, commercial offices and enterprise small branch offices for up to 8 IP phone users • Integrated Cisco Unified Communications Manager Express or Cisco Unified Survivable Remote Site Telephony (SRST) for call processing • Optional Cisco Unity® Express for voice messaging and Automated Attendant • Integrated WAN for data connectivity with the flexibility to add or change WAN services to support changing needs and applications, including serial, T1/E1, and broadband DSL/Cable modem or 3G, etc. • Integrated LAN switching with eight ports of 10/100 Power over Ethernet (PoE)-expandable through Cisco Catalyst® Switches • Integrated security services such as firewall, VPN, SSL and Intrusion Prevention System capabilities (IPS) • As part of the Cisco Self-Defending Network, which enable network device protection, threat defense, secure connectivity, and endpoint protection and control
Product Number C1861-SRST-C-F/K9 Product Description Cisco 1861 Voice Bundle with IOS SP Services, PVDM2-32, Inbuilt CUE, 8 Feature Licenses (SRST and CUE), 4 FXS ports, 4 FXO ports, 8 Power Over Ethernet (PoE) ports, 128MB Flash/256MB DRAM Cisco 1861 Voice Bundle with IOS SP Services, PVDM2-32, Inbuilt CUE, 8 Feature Licenses (SRST and CUE), 4 FXS ports, 2 BRI ports, 8 Power Over Ethernet (PoE) ports, 128MB Flash/256MB DRAM Cisco 1861 Voice Bundle with IOS SP Services, PVDM2-32, 8 SRST Feature Licenses, 4 FXS ports, 4 FXO ports, 8 Power Over Ethernet (PoE) ports, 128MB Flash/256MB DRAM Cisco 1861 Voice Bundle with IOS SP Services, PVDM2-32, 8 SRST Feature Licenses, 4 FXS ports, 2 BRI ports, 8 Power Over Ethernet (PoE) ports, 128MB Flash/256MB DRAM Cisco 1861 Unified Communications Bundle with IOS SP Services, PVDM2-32, Inbuilt CUE, 8 User Licenses (CCME, CUE and Phone User licenses), 4 FXS ports, 2 BRI ports, 8 Power Over Ethernet (PoE) ports, 128MB Flash/256MB DRAM Cisco 1861 Unified Communications Bundle with IOS Advanced IP Serv, PVDM2-32, Inbuilt CUE, 8 User Licenses (CCME, CUE and Phone User licenses), 2 Unified CallConnector Personal Licenses, 4 FXS ports, 4 FXO ports, 8 Power Over Ethernet (PoE) ports, 128MB Flash/256MB DRAM Cisco 1861 Unified Communications Bundle with IOS Advanced IP Serv, PVDM2-32, Inbuilt CUE, 8 User Licenses (CCME, CUE and Phone User licenses), 2 Unified CallConnector Personal Licenses, 4 FXS ports, 2 BRI ports, 8 Power Over Ethernet (PoE) ports, 128MB Flash/256MB DRAM

1861 Summary The Cisco 1861 Integrated Services Router, which is part of the Cisco 1800 Series, is an all-in-one, affordable unified communications platform targeted at SMBs and enterprise small branch offices with up to 8 employees. It takes advantage of industry-leading, business-class, proven unified communications technologies (voice, data, video, and security) integrated into one platform and facilitates integration with commonly used desktop applications such as Microsoft Outlook and Outlook Express, IBM Lotus Notes, and CRM software. Functions include Automated Attendant and voicemail, PSTN and Internet connectivity, and analog phone and fax machine support. A wide array of IP phones are supported by PoE ports. The Cisco 1861 Integrated Services Router solution also provides the capability to network the office for voice, video, and data networking and allows business owners and employees to be securely connected to the office while they are traveling or working from their home offices.

IP Telephony Support Overview
Features Integrated Channel Service Unit/ Data Service Unit (CSU/DSU), Add/ Drop Multiplexers, Firewall, Modem, Compression, and Encryption Cisco IOS IP Service-Level Agreements (IP SLAs) Details These features consolidate typical communications equipment found in branch office wiring closets into a single, compact unit, providing better manageability because it saves space. With Cisco IOS IP SLAs, you can verify service guarantees, increase network reliability by validating network performance, proactively identify network problems, and increase return on investment (ROI) by easing the deployment of new IP services. This feature reduces system boot time and decreases downtime caused by Cisco IOS Software reboots. This feature offers advanced management and configuration capabilities through a Web-based GUI. This feature configures remote routers automatically across a WAN connection to save the cost of sending technical staff to the remote site. This feature enables automation of many network management tasks and directs the operation of Cisco IOS Software to increase availability, collect information, and notify external systems or personnel about critical events.

Cisco IOS Software Warm Reboot CiscoWorks Support Cisco AutoInstall

Cisco IOS Embedded Event Manager (EEM)

C1861-SRST-C-B/K9

C1861-SRST-F/K9

C1861-SRST-B/K9

C1861-UC-4FXO-K9

C1861-4F-VSEC/K9

C1861-2B-VSEC/K9

64

65

Notes

Cisco 1900 Series Integrated Services Routers
Cisco® 1900 Series Integrated Services Routers build on 25 years of Cisco innovation and product leadership. The new platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while maximizing operational cost savings. The Integrated Services Routers Generation two platforms are future-enabled with multi-core CPUs, Gigabit Ethernet switching with enhanced POE, and new energy monitoring and control capabilities while enhancing overall system performance. Additionally, a new Cisco IOS® Software Universal image and Services Ready Engine module enable you to decouple the deployment of hardware and software, providing a stable technology foundation which can quickly adapt to evolving network requirements. Overall, the Cisco 1900 Series offer unparalleled total cost of ownership savings and network agility through the intelligent integration of market leading security, unified communications, wireless, and application services. Cisco® 1941 builds on the best-in-class offering of the existing Cisco 1841 Integrated Services Routers by offering two models-Cisco 1941 and Cisco 1941W. In addition to the support of a wide range of wireless and wired connectivity options supported on Cisco 1941 Series, Cisco 1941W offers integration of IEEE 802.11n access point which is backwards compatible with IEEE 802.11a/b/g access points. All Cisco 1900 Series Integrated Services Routers offer embedded hardware encryption acceleration, optional firewall, intrusion prevention, and application services. In addition, the platforms support the industries widest range of wired and wireless connectivity options such as T1/E1, xDSL, 3G, and GE.

66

67

Cisco 1900 Series

Cisco 1900 Series

Benefits and Advantages

Benefits and Advantages continued
Cisco® 1941 builds on the best-in-class offering of the existing Cisco 1841 Integrated Services Routers by offering two models-Cisco 1941 and Cisco 1941W. In addition to the support of a wide range of wireless and wired connectivity options supported on Cisco 1941 Series, Cisco 1941W offers integration of IEEE 802.11n access point which is backwards compatible with IEEE 802.11a/b/g access points. All Cisco 1900 Series Integrated Services Routers offer embedded hardware encryption acceleration, optional firewall, intrusion prevention, and application services. In addition, the platforms support the industries widest range of wired and wireless connectivity options such as T1/E1, xDSL, 3G, and GE. Benefit Service Integration Description • The Cisco 1941 Series offer increased levels of services integration with data, security, wireless and mobility services enabling greater efficiencies cost savings. • A single Cisco IOS® Software Universal image is installed on each ISR G2. The Universal image contains all of the Cisco IOS technology sets which can be activated with a software license. This allows your business to quickly deploy advanced features without downloading a new IOS image. Additionally, larger default memory is included to support the new capabilities. • The Cisco Services Ready Engine (SRE) enables a new operational model which allows you to reduce capital expenditures (CapEx) and deploy a variety of application services as needed on a single integrated compute services module. High Performance with Integrated Services • The Cisco 1900 Series enables deployment in high speed WAN environments with concurrent services enabled up to 25 Mbps. • Multi-Gigabit Fabric enables high bandwidth module to module communication without compromising routing performance Network Agility • Designed to address customer business requirements, Cisco 1941 Series with the modular architecture, offers performance range of modular interfaces and services as your network needs grow. • Modular interfaces offer increased bandwidth, a diversity of connection options, and network resiliency. Energy Efficiency • The Cisco 1941 Series architecture provides energy savings features that include the following: • The Cisco 1900 Series offers intelligent power management and allows the customer to control power to the modules based on the time of day. Cisco EnergyWise technology will be supported in the future. • Services integration and modularity on a single platform performing multiple functions, optimizes raw materials consumption and energy usage. • Platform flexibility and ongoing development of both hardware and software capabilities lead to a longer product lifecycle, lowering all aspects of the total cost of ownership, including materials and energy use. • High efficiency power supplies are provided with each platform. Investment Protection • The Cisco 1941 Series maximizes investment protection by supporting: • Reuse of a broad array of existing modules supported on the original Integrated Services Routers provides a lower cost of ownership • Rich set of Cisco IOS Software features carried forward from the original Integrated Services Routers and delivered in the universal image. • Flexibility to grow as your business needs evolve

Services on Demand
The Cisco 1900 Series Integrated Services Routers extend this leadership in total cost of ownership by reducing initial capital outlays by decoupling the delivery of software from hardware on optional service modules. In addition, customers receive a Universal IOS image, capable of enabling all of Cisco’s rich IOS features allowing you to quickly deploy new services without having to download a new IOS image.

Services on Demand

Investment Protection
The Cisco 1900 Series extends its leadership in total cost of ownership by reducing deployment costs and increasing flexibility. The platform also offers investment protection with support for many of the existing ISR modules.

Key Benefits
The Integrated Services Routers Generation 2 (ISR G2) provide superior services integration and agility. Designed for scalability, the modular architecture of these platforms enables you to grow and adapt with your business needs. Table 1 lists the business benefits of the Cisco 1900.

Energy Efficiency
The Cisco 1900 architecture has been designed with higher efficiency power supplies that provide energy-savings features that include intelligent power management, allowing customers to control power to a specific module based on time of day, with full Cisco EnergyWise feature support in the future.

68

69

Cisco 1900 Series

Cisco 1900 Series

Architecture & Modularity
The Cisco 1941 Series is architected to meet the application demands of today’s branch offices with design flexibility for future applications. The modular architecture is designed to support expanding customer requirements, increased bandwidth, and fully integrated power distribution to modules supporting 802.3af Power over Ethernet (PoE) and Cisco Enhanced PoE (ePoE). The table below lists the architectural features and benefits of the Cisco 1941 Series.

Modularity Features and Benefits
The Cisco 1941 provides significantly enhanced modular capabilities offering investment protection for customers. Most of the modules available on previous generations of Cisco routers, such as the Cisco 1841 ISR, are supported on the Cisco 1941. Additionally, modules used on the Cisco 1941 can easily be interchanged with other Cisco routers to provide maximum investment protection. Taking advantage of common interface cards across a network greatly reduces the complexity of managing inventory requirements, implementing large network rollouts, and maintaining configurations across a variety of branch-office sizes. A complete list of supported modules is available at http://www.cisco.com/go/1941.

Architectural Feature Modular Platform

Description • The Cisco 1941 Series ISR are highly modular platforms with multiple module slots to provide connectivity and services for varied branch network requirements. • The ISRs offer an industry-leading breadth of LAN and WAN connectivity options through modules to accommodate field upgrades to future technologies without requiring replacement of the platform.

Benefit Cisco Enhanced High Speed WAN Interface Card (EHWIC)

Description • The EHWIC slot replaces the high-speed WAN interface card (HWIC) slot and can natively support HWICs, WAN interface cards (WICs), voice interface cards (VICs), and voice/WAN interface cards (VWICs) • Two integrated EHWIC slots are available on the Cisco 1941 for flexible configurations for support of two modules: One double wide HWIC-D or single wide EHWIC/HWIC module and a second single wide E-HIC/HWIC module are supported • Each HWIC Slot offers high data throughput capability • Up to 1.6 Gbps aggregate towards the router processor • Up to 2 Gbps aggregate to other module slots over MultiGigabit Fabric (MGF)

Processors

• The Cisco 1941 Series is powered by high-performance multi-core processors that support growing demands of branch office networks by supporting high throughput WAN requirements. • The Cisco 1941 introduces an innovative MultiGigabit Fabric (MGF) which allows for efficient module to module communication, enabling direct services interactions across modules while reducing the overhead on the router processor. • Embedded hardware encryption acceleration is enhanced to provide higher scalability, which, combined with an optional Cisco IOS Security license, enables WAN link security and VPN services (Both IPsec and SSL acceleration). • All onboard WAN ports are 10/100/1000 Gigabit Ethernet WAN routed ports. • A new, innovative, mini-B USB console port supports management connectivity when traditional serial ports are not available. • The traditional console and auxiliary ports are also available. Either the USB-based console or the RJ-45-based console port can be used to configure the router. • An optional upgrade to the internal power supply provides in-line power (802.3af-compliant Power-over-Ethernet [PoE] and Cisco standard inline power) to optional integrated switch modules. • The Cisco 1941 offers a secure integrated access point in a single device. • Integrated access point is based on the IEEE 802.11n draft 2.0 standard that uses MIMO (Multi-Input, Multiple-output) to improve coverage for existing 802.11a/ b/g clients and new 802.11n clients. • The Cisco 1941 supports dual radios-802.11 b/g/n and 802.11a/n and is capable of operating in both autonomous and unified modes. Compact Flash Slots

MultiGigabit Fabric

Embedded IPsec/ SSL VPN Hardware Acceleration Integrated Gigabit Ethernet Ports Innovative universalserial-bus (USB)-based console access

Cisco Internal Services Module (ISM)

• A single ISM Slot provides flexibility to integrate intelligent services modules that do not require interface ports. • ISM replaces the Advanced Integration Module (AIM) slot, existing AIM modules are not supported in the ISM slot • Each ISM Slot offers high data throughput capability • Up to 4 Gbps aggregate towards the router processor • Up to 2 Gbps aggregate to other module slots over MultiGigabit Fabric (MGF) • Power to ISM slots can be managed by extensions similar to the Cisco EnergyWise framework, allowing organizations to reduce energy consumption in their network infrastructure. Full EnergyWise support will be available in future software releases. Note: The Cisco 1941 cannot have ISM and WLAN on the same chassis. Please refer to ordering information for WLAN SKUs • Two external Compact Flash slots are available on the Cisco 1941. Each slot can support high-speed storage densities upgradeable to 4GB in density. • Two high-speed USB 2.0 ports are supported. The USB ports enable another mechanism secure token capabilities and storage.

Optional Integrated Power Supply for Distribution of Power Over Ethernet (PoE) Integrated Wireless LAN

USB 2.0 Ports

70

71

Cisco 1900 Series

Cisco 1900 Series

Cisco IOS Software
The Cisco 1941 Series Integrated Services Routers deliver innovative technologies running on industryleading Cisco IOS Software. Developed for wide deployment in the world’s most demanding enterprise, access, and service provider networks, Cisco IOS Software Release 15 M&T provides support for a comprehensive portfolio of Cisco technologies, including new functionality and features delivered in Releases 12.4 and 12.4T, and new innovations that span multiple technology areas, including security, voice, high availability, IP Routing and Multicast, quality of service (QoS), IP Mobility, Multiprotocol Label Switching (MPLS), VPNs, and embedded management.

Key Branch Office Services continued throughput with less overhead for the router processor when compared with software-based encryption solutions. Cisco Integrated Services Routers offer a comprehensive and adaptable security solution for branch-office routers that include features such as: • Secure connectivity: Secure collaborative communications with Group Encrypted Transport VPN (GETVPN), Dynamic Multipoint VPN (DMVPN), or Enhanced Easy VPN. • Integrated threat control: Respond to sophisticated network attacks and threats using Cisco IOS Firewall, Cisco IOS Zone-Based Firewall, IOS IPS, IOS Content Filtering, and Flexible Packet Matching (FPM). • Identity Management: Intelligently protecting endpoints using technologies such as authentication, authorization, and accounting (AAA) and public key infrastructure (PKI). Detailed information on the security features and solutions supported on the Cisco 1900 Series routers can be found at http://www.cisco.com/go/routersecurity.

Cisco IOS Software Licensing and Packaging
A single Cisco IOS Universal image encompassing all functions is delivered with the platforms. You can enable advanced features by activating a software license on the Universal image. In previous generations of access routers, these feature sets required you to download a new software image. Technology packages and feature licenses, enabled through the Cisco software licensing infrastructure, simplify software delivery and decrease the operational costs of deploying new features. Four major technology licenses are available on the Cisco 1941 Series Integrated Services Routers; you can activate the licenses through the Cisco software activation process identified at http://www.cisco.com/go/sa. • IP Base: This technology package is available as default • Data • Security (SEC) or Security with No Payload Encryption (SEC-NPE) For additional information and details about Cisco IOS Software licensing and packaging on Cisco 1941 Series Integrated Services Routers, please visit http://www.cisco.com/go/1941.

Wireless and Mobility Services

Wireless LAN
The Cisco Integrated Services Routers supporting the Cisco Unified Wireless Network enable deployment of secure, manageable WLANs optimized for remote sites and branch offices, including fast secure mobility, survivable authentication, and simplified management. The Cisco Unified Wireless Network addresses critical points of potential failure and helps enable resiliency and survivability for WLANs at remote locations and branch offices. This solution protects the WLAN by providing fast recovery from a variety of faults that may occur. With Cisco’s high availability for remote WLANs, hardware and software work together to enable rapid recovery from disruptions and help ensure fault transparency to users and network applications. The new Cisco 1941W with IEEE 802.11n integrated access point support both unified and autonomous deployments. This integrated WiFi access point offers IEEE 802.11n draft 2.0 standard support for mobile access to high-bandwidth data, voice, and video applications through the use of multiple-input, multipleoutput (MIMO) technology that provides increased throughput, reliability, and predictability. IEEE 802.11n wireless networks create a cohesive working environment by combining the mobility of wireless with the performance of wired networks. Cisco has innovative, next-generation wireless solutions that offer greater performance and extended reach for pervasive wireless connectivity. IEEE 802.11n technology delivers outstanding reliability and up to nine times the throughput of current IEEE 802.11 a/b/g networks. It makes wireless networks an integral part of every type of organization by offering the following benefits: • Data rates of up to 600 Mbps support more users, devices, and mission-critical, bandwidth-intensive applications. • New MIMO technology provides predictable WLAN coverage and reliable connectivity. • Next-generation wireless technology provides superior investment protection to support emerging mobile applications. These routers help extend corporate networks to secure remote sites while giving users access to the same applications found in corporate offices for both data and voice applications. When users require WLAN access, visibility, and control of network security are even more critical at the remote site. The new fixed Cisco Integrated Services Routers meet this need with a single device that combines integrated IEEE 802.11a/b/g/n capabilities with security features such as WiFi Protected Access (WPA), including authentication with IEEE 802.1X with the Cisco Light Extensible Authentication Protocol (LEAP) and Protected EAP (PEAP) and encryption with the WPA Temporal Key Integrity Protocol (TKIP).

Key Branch Office Services
The Cisco Integrated Services Routers are industry-leading routers that offer unprecedented levels of services integration. Designed to meet the requirements of the branch office, these platforms provide a complete solution with voice, security, mobility, and data services. Businesses enjoy the benefit by deploying a single device that meets all their needs and save on capital and operational expenses.

Integrated Network Security for Data and Mobility
Security is essential to protect a business’ intellectual property while also ensuring business continuity and providing the ability to extend the corporate workplace to employees who need anytime, anywhere access to company resources. As part of the Cisco SAFE architectural framework that allows organizations to identify, prevent, and adapt to network security threats—the Cisco 1900 Series Integrated Services Routers facilitate secure business transactions and collaboration. The Cisco IOS Software Security technology package license for the Cisco 1900 Series offers a wide array of common security features such as advanced application inspection and control, threat protection, and encryption architectures for enabling more scalable and manageable VPN networks in one solution set. The Cisco 1941 Series offers native hardware-based encryption acceleration to provide greater IPsec

72

73

Cisco 1900 Series

Cisco 1900 Series

Wireless and Mobility Services continued

When to Deploy
The Cisco 1941 Integrated Services Router (ISR) delivers highly secure data, mobility, and application services. Key features include: • 2 integrated 10/100/1000 Ethernet ports • 2 enhanced High-Speed WAN Interface Card slots that can host 2 single wide or 1 double wide and 1 single wide (e)HWIC • 1 Internal Services Module slot • Fully integrated power distribution to modules supporting 802.3af Power over Ethernet (PoE) and Cisco Enhanced PoE • Security: - Embedded hardware-accelerated VPN encryption - Secure collaborative communications with Group Encrypted Transport VPN, Dynamic Multipoint VPN, or Enhanced Easy VPN - Integrated threat control using Cisco IOS Firewall, Cisco IOS Zone-Based Firewall, Cisco IOS IPS, and Cisco IOS Content Filtering - Identity management that uses authentication, authorization, and accounting (AAA), and public key infrastructure The Cisco 1900 Integrated Routers Series are targeted for small branch sites with WAN bandwidth requirements up to 25Mbps. For 1900 Series technical specifications please see the data sheet at: http://www.cisco.com/en/US/prod/collateral/routers/ps10538/data_sheet_c78_556319.html

Wireless WAN
Cisco third-generation (3G) wireless WAN (WWAN) modules combine traditional enterprise router functions, such as remote management, advanced IP services such as voice over IP (VoIP), and security, with mobility capabilities of 3G WAN access. Using high-speed 3G wireless networks, routers can replace or complement existing landline infrastructure, such as dialup, Frame Relay, and ISDN. Cisco 3G solutions support 3G standards High-Speed Packet Access (HSPA) and Evolution Data Only/Evolution Data Optimized (EVDO) providing you with a true multipath WAN backup and the ability to rapidly deploy primary WAN connectivity. For more information about 3G solutions on Cisco Integrated Services Routers, please refer to www.cisco.com/go/3g

Application Services

Wireless WAN
As organizations continue to centralize and consolidate their branch IT infrastructure in an effort to reduce cost and complexity in the branch office, they are challenged to provide adequate user experience, ensure continuous service availability, and deliver business-relevant applications when and where they are needed. To address these challenges, the Cisco 1941 Series provides the ability to host Cisco, 3rd party, and custom applications on Cisco Services Ready Engine (SRE) module that seamlessly integrate into the router. The module has its own processor, network interface, and memory that operate independently of the host router resources, helping to ensure maximum concurrent routing and application performance while reducing physical space requirements, lowering power consumption, and consolidating management.

Cisco Services Ready Engine
The Cisco Services Ready Engine solution is available in a Internal Service Module (ISM) form-factor. The Internal Service Module hardware offers up to seven times performance improvement over the previousgeneration Advanced Integration Modules and provides a x86 processor. The Cisco SRE module enables on-demand provisioning of branch-office applications on the Cisco 1900 Series platforms so that you can deploy the right application, at the right time, in the right place. The hardware and software decoupling provided by the service-ready deployment model enables applications to be provisioned on the module at the time of its installation or remotely anytime thereafter. Supported solutions include Cisco Application Extension Platform (AXP), Cisco Wireless LAN Controller (WLC), and other applications under development. The Service Ready Engine enables organizations of various sizes to future-proof their network by allowing them to quickly deploy new branch-office applications without deploying new hardware, reducing the cost of rolling out branch-office services.

Ordering Information
The Cisco 1900 Series Integrated Services Routers are orderable and shipping. For information about how to order the Cisco 1900 Series, please visit the Cisco 1900 Series Ordering Guide. To place an order, visit the Cisco Ordering Home Page. For additional product numbers, including the Cisco 1900 Series bundle offerings, please check the Cisco 1900 Series Integrated Services Router Price List or contact your local Cisco account representative.
Product Number Cisco 1941/K9 Cisco1941W-A/K9 Cisco1941W-E/K9 Cisco1941W-P/K9 Cisco1941W-N/K9 Cisco1941W-C/K9 Product Description Cisco 1941 with 2 onboard GE, 2 EHWIC slots, 1 ISM slot, 256MB CF default, 512MB DRAM default, IP Base Cisco 1941 Router w/ 802.11 a/b/g/n FCC Compliant, 2 onboard GE, 2 EHWIC slots, 256MB CF default, 512MB DRAM default, IP Base Cisco 1941 Router w/ 802.11 a/b/g/n ETSI Compliant, 2 onboard GE, 2 EHWIC slots, 256MB CF default, 512MB DRAM default, IP Base Cisco 1941 Router w/ 802.11 a/b/g/n Japan Compliant, 2 onboard GE, 2 EHWIC slots, 256MB CF default, 512MB DRAM default, IP Base Cisco 1941 Router w/ 802.11 a/b/g/n Aus and NZ Compliant, 2 onboard GE, 2 EHWIC slots, 256MB CF default, 512MB DRAM default, IP Base Cisco 1941 Router w/ 802.11 a/b/g/n China Compliant, 2 onboard GE, 2 EHWIC slots, 256MB CF default, 512MB DRAM default, IP Base

Managing Your Integrated Services Routers
Network Management applications are instrumental in lowering Operating Expenditures (OPEX) while improving network availability by simplifying and automating many of the day-to-day tasks associated with managing an end-to-end network. “Day-one-device-support” provides immediate manageability support for the Integrated Services Router enabling quick and easy deployment, monitoring, and troubleshooting from Cisco and third party applications. Organizations rely on Cisco, third-party and in-house developed network management applications to achieve their Opex and productivity goals. Underpinning those applications are the embedded management features available in every ISR. The new ISRs continue a tradition of broad and deep manageability features within the devices. Features such as IPSLA, EEM, NetFlow, allow you to know what’s going on in your network at all times. These features along with SNMP and SYSLOG support enable your organization’s management applications. Refer to Tables 4, 5 and 6 for details on IOS, Network Management and Manageability support on Cisco 1941 Series Integrated Services Routers.

74

75

Notes

Cisco 2800 Series
Cisco is redefining best-in-class enterprise and small- to medium-sized business routing with a new line of Integrated Services Routers that are optimized for the secure, wire-speed delivery of concurrent data, voice, and video services. Founded on 20 years of leadership and innovation, Cisco 2800 Series integrated services routers intelligently embed data, security, and voice services into a single, resilient system for fast, scalable delivery of mission-critical business applications. The unique integrated systems architecture of the Cisco 2800 Series delivers maximum business agility and investment protection. Benefits and Advantages

Enhanced Architecture
The Cisco 2800 Series features support for new interface cards. Depending on the router model, this can include up to four high-speed WAN interface card (HWIC) slots, up to one Enhanced Network Module (NME) slot, and up to one Extension Voice Module (EVM) slot. Embedded on the motherboard of the router is a hardwarebased VPN accelerator, up to three PVDM (Packet Voice DSP Module) slots for integrated digital signal processor (DSP) modules, two advanced integration module (AIM) slots, up to two USB 1.1 ports, and two Fast Ethernet 10/100 ports (Cisco 2801, 2811) or two Gigabit Ethernet 10/100/1000 ports (Cisco 2821, 2851). Additionally, optional support for inline power (including 802.3af) is offered.

Integrated Switching
With support of up to 64 ports of integrated switching with inline power, the Cisco 2800 Series offers an excellent platform for combining two of the most common components of any network infrastructure. Additionally, with support for the 802.3af (Power over Ethernet [PoE]) standard, the 4- and 9-port Cisco EtherSwitch HWICs and the 16-, 24-, and 48-port EtherSwitch Service Modules can provide power to any 802.3af-compliant devices, greatly expanding the number and types of devices that can be powered from the router’s integrated switch ports. An optional upgrade to the internal power supply provides power to the integrated switch ports.

Integrated Services
With the optional integration of numerous services modules, the Cisco 2800 Series offers the ability to easily integrate the functions of standalone network appliances and components into the Cisco 2800 Series chassis itself. Many of these modules, such as the Cisco Network Analysis Module, Cisco Unity™ Express Voice Mail Module, Cisco Intrusion Prevention Module, and Cisco Wide Area Application Services Module, have embedded processors and hard drives that allow them to run largely independently of the router while allowing management from a single management interface. This flexibility greatly expands the potential applications of the Cisco 2800 Series beyond traditional routing, while maintaining the benefits of integration. 77

Investment Protection and Versatility
The Cisco 2800 Series provides significant additional value compared to prior generations of Cisco routers such as the Cisco 1700 and 2600 Series routers at similar price points by offering up to a five-fold performance improvement, up to a ten-fold increase in security and voice performance, new embedded service options, and dramatically increased slot performance and density while maintaining support for most of the more than 90 existing modules that are available today for the Cisco 1700 Series and Cisco 2600 Series.

76

Cisco 2800 Series

Cisco 2800 Series

Benefits and Advantages continued

Security Features continued applications ranging from voice over IP (VoIP) and voice over Frame Relay (VoFR) transport to robust, centralized solutions using the Cisco Survivable Remote Site Telephony (SRST) solution or distributed call processing using Cisco CallManager Express (CCME). The architecture is highly scalable with the ability to support up to 96 IP phones, 12 T1/E1s trunks, 52 foreign-exchangestation (FXS) ports, or 36 foreign-exchange-office (FXO) ports concurrent with data routing and other services. Cisco IOS Firewall • Feature rich, stateful firewall • Per-user authentication and authorization • Real-time alerts • Transparent firewall • IPv6 firewall • VRF-aware firewall • Advanced Application Inspection and Control – HTTP inspection engine – E-mail inspection engines (SMTP, ESMTP, IMAP, POP) Network Foundation Protection • Control Plane Policing (CPP) • AutoSecure • CPU/Memory Threshold • Secure Shell (SSH) • Access Control List (ACL) • Command-Line Interface (CLI) • Committed Access Rate (CAR) URL Filtering • Onboard with an optional content-engine network module • Local URL filtering in Cisco IOS software based on external server Cisco IOS IPS • Inline ability to drop packet, reset connection, locally shun, or send an alarm; dynamically load and enable selected attack signatures in the same manner as Cisco IPS Appliances. For broader signature support and higher performance, look at optional IPS AIM module for ISR. IOS WebVPN (SSL VPN) • Secure remote access for mobile users without installing PC client software • Integrated into the router— no separate appliance required • Cisco 2801 supports up to 75 users, Cisco 2811 and 2821 support up to 100 users, and Cisco 2851 supports up to 150 users with AIM-VPN/ SSL-2 • Requires IOS WebVPN feature license FL-WEBVPN-10 or FL-WEBVPN-25 (purchase multiple quantities to add up to the desired number of users) • Requires an IOS security feature set (IOS security feature set is included in all secure router bundles)
URL Filtering

Secure Networking
Integrated on the motherboard of every Cisco 2800 Series router is hardware-based encryption acceleration that offloads the encryption processes to provide greater IPsec throughput with less overhead for the router CPU, when compared with software-based solutions. With the optional integration of VPN modules (for enhanced performance and tunnel count), intrusion prevention modules or NAC network modules for network admission control, combined with the rich Cisco IOS Software security feature set that includes firewall, intrusion prevention, voice and video-enabled VPN (V3PN), Group Encrypted Transport (GET) VPN and Dynamic Multipoint VPN (DMVPN), Cisco offers the industry’s most robust and adaptable security solution for branch-office routers.

Onboard USB 1.1 port • 1 or 2 onboard USB 1.1 ports • Secure token and Flash memory support Security Solutions • Network Admission Control (NAC) • Voice and Video Enabled IPsec VPN (V3PN) Optional Security Modules • Intrusion Prevention System (AIM-VPN-K9) • VPN and Encryption Advanced Integration Modules (AIM-VPN/SSL-2) • Network Admission Control Network Module (NME-NAC-K9) Cisco Router and Security Device Manager (SDM) • Ships by default Certifications • ICSA IPsec • ICSA Firewall • Common Criteria IPsec (EAL4) (in process) • Common Criteria Firewall (EAL4+) (in process) • FIPS 140-2, Level 2 (in process)

Video Surveillance
The Cisco® Integrated Video Surveillance solution enables you to rapidly deploy highly distributed, IP-enabled video surveillance at your offices while migrating traditional analog surveillance equipment to IP. The solution based on Cisco 2800 and 3800 Series ISR offers the lowest total cost of ownership (TCO) for the branch office, ease of integration through network transparency, reliable data interoperability, and maximized overall security. It allows you to consolidate costly branch-office servers and deploy new applications centrally while still offering real-time access to physical security video and data.

IP Telephony
The Cisco 2800 Series allows network managers to provide scalable analog and digital telephony without investing in a one-time solution, giving enterprises greater control of their converged telephony needs. Using voice and fax modules, the Cisco 2800 Series can be deployed for

Security Features
IPsec VPN • Advanced Encryption Standard (AES) 128, 192, and 256; Triple Data Encryption Standard (3DES); and DES cryptology support • Embedded hardware-based VPN acceleration on the motherboard • Cisco Easy VPN remote; Cisco Easy VPN server • Dynamic Multipoint VPN (DMVPN) • Group Encrypted Transport (GETVPN) • Virtual Tunnel Interfaces (VTI) • VPN QoS—Preclassification support Multiprotocol Label Switching (MPLS) VPN Support • Limited provider edge capabilities • Virtual Routing and Forwarding (VRF) firewall and VRF IPsec

Series Features Overview
Features Multiprotocol Label Switching (MPLS) VPN Support Intrusion Prevention System (IPS) Details Specific Provider Edge (PE) capabilities More than 1600 IPS signatures supported in Cisco IOS Software, with the ability to load and enable selected IPS signatures Optional high-performance IPS Network Module with more than 2000 signatures Onboard filtering with an optional content engine network module Local URL filtering in Cisco IOS Software based on external server Comes standard on all Cisco 2800 Series routers Cisco Router and Security Device Manager (SDM), version 2.0 and Above Media Authentication and Encryption Standards-based authentication and encryption using secure RTP provides a secure environment for IP Communications Advanced Encryption Standard (AES) 256-bit cryptography support

IP Telephony Features
IP Phone Support Optional integrated power supply with inline power, 802.3af support Up to 360W of inline power (Note: requires power supply upgrade) Analog Voice Support One EVM on the Cisco 2821 and Cisco 2851 Up to 52 FXS and 36 FXO ports

78

79

Cisco 2800 Series

Cisco 2800 Series

Series Features Overview continued
Features Details

Application Example
Options • Complete Cisco IP Communications and voice gateway capabilities • Cisco Survivable Remote Site Telephony (SRST) • Cisco Communications Express and Cisco Unity™ Express • Integrated stateful firewall Site-to-Site VPN using technologies such as EasyVPN, GET VPN, DMVPN • Network admission control (NAC), and intrusion prevention • Wide Area Application Services Acceleration • Wireless WAN Backup (3G CDMA and GSM) • Network Analysis • Circuit Emulation over IP (CEoIP) • Integrated low-density switching with PoE support • Video Surveillance, Management and Storage • Application Performance Assurance • Application eXtensions Platform (AXP)

IP Telephony Features continued
Digital Voice Support DSP (PVDM) Slots on Motherboard Cisco CallManager Express (CCME) Cisco SRST Voice Mail and Automated Attendant Voice Interfaces Up to 192 calls Up to three DSP slots on motherboard Local Conferencing and Transcoding Up to 96 phones Up to 96 phones Up to 250 mailboxes with up to 16 concurrent sessions using Cisco Unity™ Express Network Module FXS, FXO, Direct Inward Dial (DID), E&M, Centralized Automated Message Accounting (CAMA), Cisco Unity Express (CUE), Basic Rate Interface (BRI), T1, E1 Primary Rate Interface (PRI), Q.SIG, Channel Associated Signaling (CAS)

Network Example
Local Phone and PBX Connections Fully Integrated Security Services

Platform Overview
Compact Flash (MB) Default Max 64 128

Integrated IPsec, Firewall, IPS, IP Communications, QoS, and Content Networking

PSTN

Models Cisco 2801

NME 0***

EVM AIM HWIC PVDM* 0 2 2** 2

Fixed LAN Ports 2 FE

DRAM (MB) Default Max 128 384

Power Supply AC, AC-IP AC, AC-IP, DC

WAN

Cisco 2811

1

0

2

4

2

2 FE

256

768

64

256

IP
Comprehensive IP Connectivity and Services

Internet

Cisco 2821
Support for Local Legacy Systems Broad Range of Connectivity Options to Corporate WAN, Internet, and PSTN for Primary and Backup Data

1 NME or NME-X

1

2

4

3

2 GE

256

1024

64

256

AC, AC-IP, DC

When To Deploy
Deploy the Cisco 2800 Series when you need: • Performance and densities for concurrent data, security, voice, and advanced services up to multiple T1/E1/xDSL connections • VPN connections, or plan to migrate to them over time • Integrated security services as part of the Cisco Self Defending Network, which enable network device protection, threat defense, secure connectivity, and endpoint protection and control • Ability to upgrade the internal power supply to support integrated 10/100 switching with PoE support for up to 64 ports with inline power 80 • High-availability features such as an integrated Redundant Power Supply (RPS) connector for quick connections to an external redundant power supply, Error Correction Code (ECC) Double Data Rate (DDR) SDRAM memory to detect and correct SDRAM errors without user intervention, and Cisco IOS Software warm reboot support for reduced downtime caused by system reboots (Note: Cisco 2801 does not support ECC DDR DRAM.) • Secure integrated call processing, voice mail and automated attendant, flexible telephony interfaces, redundancy for centralized call processing, or robust DSP support, including local conferencing and transcoding • Advanced management for security, routing, Quality of Service (QoS), and switching services with Cisco SDM Version 2.0

Cisco 2851

1 NME, NMD, NME-X, or NME-XD

1

2

4

3

2 GE

256

1024

64

256

AC, AC-IP, DC

* Number of PVDM slots on the motherboard, additional DSP resources can be added using a network module ** Four interface card slots total are supported on the Cisco 2801 router; two slots support HWIC, WIC, VIC, or VWIC modules; one slot supports WIC, VIC, or VWIC modules; one slot supports VIC or VWIC modules (in voice mode only) *** Cisco 2801 router does not support network modules

81

Cisco 2800 Series

Cisco 2800 Series

Series Specifications
Dimensions (H x W x D) Cisco 2801 Cisco 2811 Cisco 2821, Cisco 2851 Console Port Auxiliary Port USB Port Cisco 2801 Cisco 2811, Cisco 2821, and Cisco 2851 Integrated Channel Service Unit/Data Service Unit (CSU/DSU) Voice/Data Support Compression Encryption Maximum 10/100 Switch Ports with Inline Power Cisco 2801 Cisco 2811 Cisco 2821 Cisco 2851 Maximum Inline Power Distribution Cisco 2801 Cisco 2811 Cisco 2821 Cisco 2851 Maximum 1 GB Ports Maximum Token Ring Ports Maximum High-speed Serial (up to 2 Mbps) Maximum Low-speed Serial (up to 128 Kbps) Maximum Integrated Modems Maximum ISDN BRI Ports Maximum ISDN PRI Ports Integrated RPS Connector Cisco 2801 Cisco 2811, Cisco 2821, Cisco 2851 Minimum Cisco IOS Software Release Cisco 2801 Cisco 2811 Cisco 2821 Cisco 2851

Ordering Information
All Cisco 2800 Series chassis ship with IP Base software, 64 MB of Compact Flash, either 128 or 256 MB of SDRAM, console, auxiliary and LAN cables, a power cord, 19-inch rack-mount brackets, and blank panels that cover unused WIC or network module slots. Optional items: • Cisco IOS Software feature set upgrade or revision; IP Base is default and included with the chassis • Several voice/WAN interface card options • Several WAN/LAN network module options
1 2 Yes, with optional T1/E1, Fractional T1/E1, 56k/64k support Yes, for voice through VIC, VWIC, NM, and EVM Software and hardware, with optional AIM support Hardware support on motherboard; optional AIM for enhanced performance

1.72 x 17.5 x 16.5 in. (43.7 x 445 x 419 mm); 1-rack unit (RU) height 1.75 x 17.25 x 16.4 in. (44.5 x 438.2 x 416.6 mm); 1 RU height 3.5 x 17.25 x 16.4 in. (88.9 x 438.2 x 416.6 mm) 2 RU height 1 (up to 115.2 Kbps) 1 (up to 115.2 Kbps)

• Optional MFT Dedicated Echo Cancellation Modules for select voice/WAN interface cards • Between 2 and 3 PVDMs plus additional PVDM capacity on select network modules • Several services module options, including content engine, IPS, network analysis, and CESoIP • Up to 2 AIMs • Cisco EtherSwitch modules (4-, 9-, 16-, 24- [Cisco 2821 or 2851 only] or 48-port [Cisco 2851 only]) • External RPS (Cisco RPS-675 [not supported on 2801]) • Flash/SDRAM memory upgrade • Cables • Feature license for IP Telephony

16 32 40 64 120W 160W 240W 360W 5, including HWIC and NME modules (not supported on Cisco 2801) 0 20 48 synchronous, 96 asynchronous 24 analog 20 2

Product Number

Product Description

Cisco 2800 Series Base Chassis Part Numbers
CISCO2851 CISCO2851-AC-IP Integrated Services Router with AC power, 2 GbE, slots for 1 NME-XD, 1EVM, 4 HWICs, 2 AIMs, 3 PVDMs; and Cisco IOS IP Base Software Integrated Services Router with AC power including inline power distribution capability, 2 GbE, slots for 1 NME-XD, 1 EVM, 4 HWICs, 2 AIMs, 3 PVDMs; and Cisco IOS IP Base Software Integrated Services Router with DC power, 2 GbE, slots for 1 NME-XD, 1 EVM, 4 HWICs, 2 AIMs, 3 PVDMs; and Cisco IOS IP Base Software Integrated Services Router with AC power, 2 GbE, slots for 1 NME-X, 1 EVM, 4 HWICs, 2 AIMs, 3 PVDMs; and Cisco IOS IP Base Software Integrated Services Router with AC power including inline power distribution capability, 2 GbE, slots for 1 NME-X, 1 EVM, 4 HWICs, 2 AIMs, 3 PVDMs; and Cisco IOS IP Base Software Integrated Services Router with DC power, 2 GbE, slots for 1 NME-X, 1 EVM, 4 HWICs, 2 AIMs, 3 PVDMs; and Cisco IOS IP Base Software Integrated Services Router with AC power, 2FE, slots for 1 NME, 4 HWICs, 2 AIMs, 2 PVDMs; and Cisco IOS IP Base Software Integrated Services Router with AC power including inline power distribution, 2FE, slots for 1 NME, 4 HWICs, 2 AIMs, 2 PVDMs; and Cisco IOS IP Base Software Integrated Services Router with DC power, 2FE, slots for 1 NME, 4 HWICs, 2 AIMs, 2 PVDMs; and Cisco IOS IP Base Software Integrated Services Router with AC power, 2FE, slots for 4 Interface Cards, 2 AIMs, 2 PVDMs; and Cisco IOS IP Base Software Integrated Services Router with AC power including inline power distribution, 2FE, slots for 4 Interface Cards, 2 AIMs, 2 PVDMs; and Cisco IOS IP Base Software

CISCO2851-DC CISCO2821 CISCO2821-AC-IP

CISCO2821-DC CISCO2811

No Yes; use Cisco RPS-675 Redundant Power System 12.3(8)T4 12.3(8)T4 12.3(8)T4 12.3(8)T4

CISCO2811-AC-IP CISCO2811-DC CISCO2801 CISCO2801-AC-IP

82

83

Cisco 2800 Series

Cisco 2800 Series

Product Bundles
Product Number Product Description

Product Bundles continued
Product Number Product Description

HSEC Bundles
C2851-H-VSEC/K9 Cisco 2851 HVSEC Bundle with IOS Advanced IP Services, PVDM2-48, AIM-VPN/SSL-2, 50 User SRST License, 10 User SSL VPN License, 256 MB Flash/512 MB DRAM Cisco 2821 HVSEC Bundle with IOS Advanced IP Services, PVDM2-32, AIM-VPN/SSL-2, 50 User SRST License, 10 User SSL VPN License, 256 MB Flash/512 MB DRAM Cisco 2811 HVSEC Bundle with IOS Advanced IP Services, PVDM2-16, AIM-VPN/SSL-2, 35 User SRST License, 10 User SSL VPN License, 256 MB Flash/512 MB DRAM Cisco 2801 HVSEC Bundle with IOS Advanced IP Services, PVDM2-8, AIM-VPN/SSL-2, 25 User SRST License, 10 User SSL VPN License, 128 MB Flash/384 MB DRAM Cisco 2851 Security Bundle with IOS Advanced IP Services Image, AIM-VPN/SSL-2, 64 MB Flash/256 MB DRAM, 10 User SSL License Cisco 2821 Security Bundle with IOS Advanced IP Services Image, AIM-VPN/SSL-2, 64 MB Flash/256 MB DRAM, 10 User SSL License Cisco 2811 Security Bundle with IOS Advanced Security Image, 64 MB Flash/256 MB DRAM Cisco 2811 Security Bundle with IOS Advanced IP Services Image, AIM-VPN/SSL-2, 64 MB Flash/256 MB DRAM, 10 User SSL License Cisco 2801 Security Bundle with IOS Advanced IP Services Image, AIM-VPN/SSL-2, 64 MB Flash/256 MB DRAM, 10 User SSL License

Secure Voice Bundles continued
C2801-VSEC/K9 C2811-VSEC/K9 C2821-VSEC/K9 C2851-VSEC/K9 Cisco 2801 Voice Security Bundle, PVDM2-8, IOS Advanced IP Services, 64 MB Flash/256 MB DRAM Cisco 2811 Voice Security Bundle, PVDM2-16, IOS Advanced IP Services, 64 MB Flash/256 MB DRAM Cisco 2821 Voice Security Bundle, PVDM2-32, IOS Advanced IP Services, 64 MB Flash/256 MB DRAM Cisco 2851 Voice Security Bundle, PVDM2-48, IOS Advanced IP Services, 64 MB Flash/256 MB DRAM

C2821-H-VSEC/K9

C2811-H-VSEC/K9

C2801-H-VSEC/K9

Voice Bundles
CISCO2851-V/K9 CISCO2851-CCME/K9 CISCO2851-SRST/K9 C2851-35UC/K9 Cisco 2851 voice bundle with PVDM2-48, 64 MB Compact Flash/256 MB DRAM, and Cisco IOS SP services Cisco 2851 voice bundle with PVDM2-48, CCME featuring 96-phone license, 128 MB Flash/256 MB DRAM, and Cisco IOS SP services Cisco 2851 voice bundle with PVDM2-48, SRST featuring 96-phone license, 128 MB Flash/256 MB DRAM, and Cisco IOS SP services Cisco 2851 Unified Communications Bundle with IOS SP Services, PVDM2-48, AIM-CUE, 35 User Licences (CCME, CUE, and Phone User licences), 10 Unified CallConnector Personal Licences, 128 MB Flash/256 MB DRAM Cisco 2821 voice bundle with PVDM2-32, 64 MB Compact Flash/256 MB DRAM, and Cisco IOS SP services Cisco 2821 voice bundle with PVDM2-32, CCME featuring 48-phone license, 128 MB Flash/256 MB DRAM, and Cisco IOS SP services Cisco 2821 voice bundle with PVDM2-32, SRST featuring 48-phone license, 64 MB Compact Flash/256 MB DRAM, and Cisco IOS SP services Cisco 2821 Unified Communications Bundle with IOS SP Services, PVDM2-32, AIM-CUE, 25 User Licences (CCME, CUE, and Phone User licences), 10 Unified CallConnector Personal Licences, 128 MB Flash/256 MB DRAM Cisco 2811 voice bundle with PVDM2-16, 64 MB Compact Flash/256 MB DRAM, and Cisco IOS SP services Cisco 2811 voice bundle with PVDM2-16, CCME featuring 36-phone license, 128 MB Flash/256 MB DRAM, and Cisco IOS SP services Cisco 2811 voice bundle with PVDM2-16, SRST featuring 36-phone license, 128 MB Flash/256 MB DRAM, and Cisco IOS SP services Cisco 2811 Unified Communications Bundle with IOS SP Services, PVDM2-32, AIM-CUE, 15 User Licences (CCME, CUE, and Phone User licences), 5 Unified CallConnector Personal Licences, 128 MB Flash/256 MB DRAM Cisco 2801 voice bundle, PVDM2-8, Cisco IOS SP services, 64 MB Compact Flash/256 MB DRAM Cisco 2801 voice bundle with CCME featuring 24-phone license, Cisco IOS SP services, 64 MB Compact Flash/256 MB DRAM Cisco 2801 voice bundle with SRST featuring 24-phone license, Cisco IOS SP services, 64 MB Compact Flash/256 MB DRAM Cisco 2801 Unified Communications Bundle with IOS SP Services, PVDM2-32, AIM-CUE, 10 User Licences (CCME, CUE, and Phone User licences), 2 Unified CallConnector Personal Licences, 128 MB Flash/256 MB DRAM

CISCO2851-HSEC/K9 CISCO2821-HSEC/K9 CISCO2811-SEC/K9 CISCO2811-HSEC/K9 CISCO2801-HSEC/K9

CISCO2821-V/K9 CISCO2821-CCME/K9 CISCO2821-SRST/K9 C2821-25UC/K9

Secure Voice Bundles
CISCO2801-V3PN/K9 CISCO2811-V3PN/K9 CISCO2821-V3PN/K9 CISCO2851-V3PN/K9 C2801-VSEC-CCME/K9 C2801-VSEC-SRST/K9 C2811-VSEC-CCME/K9 C2811-VSEC-SRST/K9 C2821-VSEC-CCME/K9 C2821-VSEC-SRST/K9 C2851-VSEC-CCME/K9 C2851-VSEC-SRST/K9 Cisco 2801 V3PN bundle, with AIM-VPN, PVDM2-8, FL-CCME-24, IOS Advanced IP Services, 64 MB Flash/256 MB DRAM Cisco 2811 V3PN bundle with AIM-VPN, PVDM2-16, CCME-36, IOS Advanced IP Services, 64 MB Flash/256 MB DRAM Cisco 2821 V3PN bundle with AIM-VPN, PVDM2-32, CCME-48, IOS Advanced IP Services, 64 MB Flash/256 MB DRAM Cisco 2851 V3PN bundle with AIM-VPN, PVDM2-48, CCME-72, IOS Advanced IP Services, 64 MB Flash/256 MB DRAM Cisco 2801 VSEC Bundle with PVDM2-8, FL-CCME-24, IOS Advanced IP Services, 128 MB Flash/256 MB DRAM Cisco 2801 VSEC Bundle with PVDM2-8, FL-SRST-24, IOS Advanced IP Services, 128 MB Flash/256 MB DRAM Cisco 2811 VSEC Bundle with PVDM2-16, FL-CCME-36, IOS Advanced IP Services, 128 MB Flash/256 MB DRAM Cisco 2811 VSEC Bundle with PVDM2-16, FL-SRST-36, IOS Advanced IP Services, 128 MB Flash/256 MB DRAM Cisco 2821 VSEC Bundle with PVDM2-32, FL-CCME-48, IOS Advanced IP Services, 128 MB Flash/256 MB DRAM Cisco 2821 VSEC Bundle with PVDM2-32, FL-SRST-48, IOS Advanced IP Services, 128 MB Flash/256 MB DRAM Cisco 2851 VSEC Bundle with PVDM2-48, FL-CCME-96, IOS Advanced IP Services, 128 MB Flash/256 MB DRAM Cisco 2851 VSEC Bundle with PVDM2-48, FL-SRST-96, IOS Advanced IP Services, 128 MB Flash/256 MB DRAM CISCO2801-V/K9 CISCO2801-CCME/K9 CISCO2801-SRST/K9 C2801-10UC/K9

CISCO2811-V/K9 CISCO2811-CCME/K9 CISCO2811-SRST/K9 C2811-15UC/K9

84

85

Cisco 2800 Series

Cisco 2800 Series

Product Bundles continued
Product Number Product Description

Product Bundles continued
Product Number Product Description

Security Bundles
CISCO2851-SEC/K9 CISCO2851-HSEC/K9 CISCO2821-SEC/K9 CISCO2821-HSEC/K9 CISCO2811-SEC/K9 CISCO2811-HSEC/K9 CISCO2801-SEC/K9 CISCO2801-HSEC/K9 Cisco 2851 security bundle with Cisco IOS advanced security, and 64 MB Compact Flash/256 MB DRAM Cisco 2851 security bundle with Cisco IOS advanced IP services, 64 MB Compact Flash/256 MB DRAM, and AIM-VPN-EPII-PLUS Cisco 2821 security bundle with Cisco IOS advanced security, and 64 MB Compact Flash/256 MB DRAM Cisco 2821 security bundle with Cisco IOS advanced IP services, 64 MB Compact Flash/256 MB DRAM, and AIM-VPN-EPII-PLUS Cisco 2811 security bundle with Cisco IOS advanced security, and 64 MB Compact Flash/256 MB DRAM Cisco 2811 security bundle with Cisco IOS advanced IP services, 64 MB Compact Flash/256 MB DRAM, and AIM-VPN-EPII-PLUS Cisco 2801 Security bundle with Cisco IOS advanced security, and 64 MB Compact Flash/256 MB DRAM Cisco 2801 security bundle with AIM-VPN-EPII-PLUS, Cisco IOS advanced IP services, and 64 MB Compact Flash/256 MB DRAM

3G Bundles
C2811-3G-G-SEC/K9 C2811-3G-V-SEC/K9 C2811-3G-S-SEC/K9 Cisco 2811, HWIC-3G-GSM, 64MB FL /256MB DRAM, Adv Security Cisco 2811, HWIC-3G-CDMA-V, 64MB FL/256MB DRAM, Adv Security Cisco 2811, HWIC-3G-CDMA-S, 64MB FL/256MB DRAM, Adv Security

Broadband Bundles
CISCO2811-ADSL/K9 CISCO2801-ADSL/K9 CISCO2801-ADSL2/K9 CISCO2811-ADSL2/K9 C2801-SHDSL-V3/K9 C2801-2SHDSL/K9 C2801-4SHDSL/K9 C2811-SHDSL-V3/K9 C2811-2SHDSL/K9 C2811-4SHDSL/K9 C2821-4SHDSL/K9 Cisco 2811 ADSL bundle, WIC-1ADSL (ADSLoPOTS), 64 MB Compact Flash/256 MB DRAM, Cisco IOS SP services Cisco 2801 DSL bundle, WIC-1ADSL (ADSLoPOTS), Cisco IOS SP Services, 64 MB Compact Flash/192 MB DRAM Cisco 2801 bundle, HWIC-1ADSL, SP Services, 64 MB Flash/192 MB DRAM Cisco 2811 bundle, HWIC-1ADSL, SP Services, 64 MB Flash/256 MB DRAM Cisco 2801 bundle, WIC-1SHDSL-V3, SP Services, 64 MB Flash/256 MB DRAM Cisco 2801 2-pair G.SHDSL bundle, HWIC-2SHDSL, SP Services, 64 MB Flash/192 MB DRAM Cisco 2801 4-pair G.SHDSL bundle, HWIC-4SHDSL, SP Services, 64 MB Flash/192 MB DRAM Cisco 2811 DSL bundle, WIC-1SHDSL-V3 (4-wire), SP Services, 64 MB Flash/256 MB DRAM Cisco 2811 2-pair G.SHDSL bundle, HWIC-2SHDSL, SP Services, 64 MB Flash/256 MB DRAM Cisco 2811 4-pair G.SHDSL bundle, HWIC-4SHDSL, SP Services, 64 MB Flash/256 MB DRAM Cisco 2821 4-pair G.SHDSL bundle, HWIC-4SHDSL, SP Services, 64 MB Flash/256 MB DRAM

WAN Optimization Bundles
CISCO2851-WAE/K9 CISCO2821-WAE/K9 CISCO2811-WAE/K9 CISCO2811-WAE-302/K9 2851, NME-WAE-502-K9, WAAS Trans, ASK9, 128F/256D 2821, NME-WAE-502-K9, WAAS Trans, ASK9, 128F/256D 2811, NME-WAE-502-K9, WAAS Trans, ASK9, 64F/256D 2811, NME-WAE-302-K9, WAAS Trans, ASK9, 64F/256D

86

87

Notes

Cisco 2900 Series Integrated Services Routers
The Cisco® 2900 Series Integrated Services Routers build on 25 years of Cisco innovation and product leadership. The new platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while maximizing operational cost savings. The Integrated Services Routers Generation 2 platforms are future-enabled with multi-core CPUs, support for high capacity DSPs (Digital Signal Processors) for future enhanced video capabilities, high powered service modules with improved availability, Gigabit Ethernet switching with enhanced POE, and new energy monitoring and control capabilities while enhancing overall system performance. Additionally, a new Cisco IOS® Software Universal image and Services Ready Engine module enable you to decouple the deployment of hardware and software, providing a flexible technology foundation which can quickly adapt to evolving network requirements. Overall, the Cisco 2900 Series offer unparalleled total cost of ownership savings and network agility through the intelligent integration of market leading security, unified communications, wireless, and application services. Benefits and Advantages

Services on Demand
The Cisco 2900 Series Integrated Services Routers extend this leadership in total cost of ownership by reducing initial capital outlays by decoupling the delivery of software from hardware on optional service modules. In addition, customers receive a Universal IOS image, capable of enabling all of Cisco’s rich IOS features allowing you to quickly deploy new services without having to download a new IOS image.

Energy Efficiency
The Cisco 2900 architecture has been designed with higher efficiency power supplies that provide energy-savings features that include intelligent power management, allowing customers to control power to a specific module based on time of day, with full Cisco EnergyWise feature support in the future. Cisco 2900 Series builds on the best-in-class offering of the existing Cisco 2800 Series Integrated Services Routers by offering four platforms (Figure 1): the Cisco 2901, 2911, 2921, and 2951 Integrated Services Routers. All Cisco 2900 Series Integrated Services Routers offer embedded hardware encryption acceleration, voice- and video-capable digital signal processor (DSP) slots, optional firewall, intrusion prevention, call processing, voicemail, and application services. In addition, the platforms support the industries widest range of wired and wireless connectivity options such as T1/E1, xDSL, copper and fiber GE. 89

Investment Protection
The Cisco 2900 Series extends its leadership in total cost of ownership by reducing deployment costs and increasing flexibility. The platform also offers investment protection with support for many of the existing ISR modules.

88

Cisco 2900 Series

Cisco 2900 Series

Benefits and Advantages continued
Overall, the Cisco 2900 Series offers unparalleled operational savings and network agility through the continued intelligent integration of market leading security, unified communications, wireless, and application optimization services.

Benefits and Advantages continued

Key Business Benefits
The Integrated Services Routers Generation 2 (ISR G2) provide superior services integration and agility. Designed for scalability, the modular architecture of these platforms enables you to grow and adapt with your business needs. The table below lists the business benefits of the Cisco 2900 Series.

Benfits Energy Efficiency

Description The Cisco 2900 Series architecture provides energy-saving features that include the following: • The Cisco 2900 Series offers intelligent power management and allows the customer to control power to the modules based on the time of day. Cisco EnergyWise technology will be supported in the future. • Services integration and modularity on a single platform performing multiple functions, optimizes raw materials consumption and energy usage. • Platform flexibility and ongoing development of both hardware and software capabilities lead to a longer product lifecycle, lowering all aspects of the total cost of ownership, including materials and energy use. • High efficiency power supplies are provided with each platform.

Benfits Services Integration

Description • The Cisco 2900 Series ISRs offer increased levels of services integration with voice, video, security, wireless, mobility, and data services, enabling greater efficiencies and cost savings. • A single Cisco IOS® Software Universal image is installed on each ISR G2. The Universal image contains all of the Cisco IOS technology sets which can be activated with a software license. This allows your business to quickly deploy advanced features without downloading a new IOS image. Additionally, larger default memory is included to support the new capabilities. • The Cisco Services Ready Engine (SRE) enables a new operational model which allows you to reduce capital expenditures (CapEx) and deploy a variety of application services as needed on a single integrated compute services module. Investment Protection

Services on Demand

The Cisco 2900 Series maximizes investment protection: • Reuse of a broad array of existing modules supported on the original Integrated Services Routers provides a lower cost of ownership • A rich set of Cisco IOS Software features carried forward from the original Integrated Services Routers and delivered in a single universal image. • Flexibility to adapt as your business needs evolve.

High Performance with Integrated Services

• The Cisco 2900 Series enables deployment in high speed WAN environments with concurrent services enabled up to 75 Mbps. • A multigigabit fabric (MGF) enables high-bandwidth module-tomodule communication without compromising routing performance.

Network Agility

• Designed to address customer business requirements, the Cisco 2900 Series modular architecture offers increased capacity and performance as your network needs grow. • Modular interfaces offer increased bandwidth, a diversity of connection options, and network resiliency.

90

91

Cisco 2900 Series

Cisco 2900 Series

Platform Architecture and Modularity
The Cisco 2900 Series is architected to meet the application demands of today’s branch offices with design flexibility for future applications. The modular architecture is designed to support increasing bandwidth requirements, time-division multiplexing (TDM) interconnections, and fully integrated power distribution to modules supporting 802.3af Power over Ethernet (PoE) and Cisco Enhanced PoE (ePoE).

Platform Architecture and Modularity
Architectural Feature Optional External Redundant Power Supply (RPS) Description • The Cisco 2911, 2921, and 2951 allow for power redundancy through the use of an external RPS device, thereby decreasing network downtime and protecting the network from power-supply failures. • Redundant power on the Cisco 2900 Series is supported through the Cisco RPS 2300 Redundant Power System. You can use the Cisco RPS 2300 to provide redundant power for Cisco 2900 Series ISRs as well as Cisco Catalyst® switches. • In order to use the Cisco RPS 2300, an external RPS adapter is required (configurable option) to connect the platform to the external RPS. PoE Boost • When connected to an external RPS device, the Cisco 2911, 2921, and 2951 can operate in a PoE boost configuration in lieu of redundant power mode—whereby the power capacity of the platform is increased to twice the normal level to power additional PoE ports. • The Cisco 2911 and 2951 are designed for NEBS environments • The 2911 is 12 inches deep and has an optional fan filter for deployments in a variety of environments. An assembly that provides front-to-back airflow is also available for 23 inch racks.

Architectural Feature Modular Platform

Description • The Cisco 2900 Series ISRs are highly modular platforms with several types of module slots to add connectivity and services for varied branch-office network requirements. • The ISRs offer an industry-leading breadth of LAN and WAN connectivity options through modules to accommodate field upgrades for future technologies without requiring a platform replacement.

Processors

• The Cisco 2900 Series are powered by high-performance multi-core processors that can support the growing demands of high-speed WAN connections to the branch-office while also running multiple concurrent services. • Embedded hardware encryption acceleration is enhanced to provide higher scalability, which combined with an optional Cisco IOS Security license, enables WAN link security and VPN services (both IPsec and SSL acceleration). • The onboard encryption hardware replaces and outperforms the advanced integration modules (AIMs) of previous generations.

Designed for Flexible Deployments

Embedded IP Security with Security Sockets Layer (IPsec/SSL) VPN Hardware Acceleration

Multigigabit Fabric (MGF)

• The Cisco 2900 Series introduces an innovative multigigabit fabric (MGF) that allows for efficient module-to-module communication, enabling tighter services interactions across modules while reducing the overhead on the route processor. • Unified communications services in the branch office are significantly enhanced with the use of a TDM interconnectivity fabric in the system architecture, allowing for scaling of DS-0 channel capacity. • All onboard WAN ports are 10/100/1000 Gigabit Ethernet WAN routed ports. • One of the three 10/100/1000 Ethernet WAN ports on the Cisco 2921 and 2951 supports Small Form-Factor Pluggable (SFP)-based connectivity in lieu of a RJ-45 port and enabling fiber connectivity.

TDM Interconnectivity Fabric

Integrated Gigabit Ethernet Ports

Innovative Universal-Serial-Bus (USB)-based Console Access

• A new, innovative USB console port offers management connectivity for devices without a serial port such as modern laptop computers. • Traditional console and auxiliary ports are also available.

Optional Integrated Power Supply for Distribution of PoE and Universal DC Power Supply

• An optional upgrade to the internal power supply provides inline power (802.3af-compliant PoE and Cisco Inline Power) to integrated switch modules. • On the Cisco 2911, 2921, and 2951, an optional DC power supply will be available in the future that extends deployment into central offices and industrial environments.

92

93

Cisco 2900 Series

Cisco 2900 Series

Modularity Features and Benefits
The Cisco 2900 Series provides significantly enhanced modular capabilities (refer to Table 3) offering investment protection for customers. Most of the modules available on previous generations of Cisco routers, such as the Cisco 2800 Series, are supported on the Cisco 2900 Series. Additionally, modules can be used on other supported Cisco platforms to provide maximum investment protection. Taking advantage of common interface cards across a network greatly reduces the complexity of managing inventory requirements, implementing large network rollouts, and maintaining configurations across a variety of branch-office sizes. A complete list of supported modules, including a list of supported SFPs for the Cisco 2900 Series, is available at: http://www.cisco.com/go/2900.

Modularity Features and Benefits
ISR Modules Cisco Internal Services Module (ISM) Description • A single ISM slot provides flexibility to integrate intelligent service modules on an internal slot within the chassis • Each ISM slot offers high-data-throughput capability:

- Up to 4 Gbps aggregate toward the route processor - Up to 2 Gbps aggregate to other module slots over the MGF • The ISM replaces the AIM slot; existing AIM modules are not supported in the ISM slot. • Power to ISM slots can be managed by extensions similar to the Cisco EnergyWise framework, so your organization can reduce energy consumption in your network infrastructure. Full EnergyWise support will be available in future software releases. • PVDM3 slots natively support PVDM3 modules, providing support for richer density for rich-media voice and video. • Each PVDM3 slot connects back to the system architecture through a 2 Gbps aggregate link through the MGF. • Investment protection for PVDM2 modules is supported through an adapter module. • Power to the PVDM slots can be managed by extensions similar to the Cisco EnergyWise framework, so your organization can reduce energy consumption in your network infrastructure. Full EnergyWise support will be available in future software releases. • Two external Compact Flash slots are available on the Cisco 2900 Series Integrated Services Routers. Each slot can support high-speed storage densities upgradeable to 4 GB in density. • Two high-speed USB 2.0 ports are supported. The USB ports enable secure token capabilities and storage.

ISR Modules Cisco Service Module

Description • Each service module slot offers high-data-throughput capability: - Up to 4 Gbps aggregate toward the route processor - Up to 2 Gbps aggregate to other module slots over MGF • Service module (SM) slots are highly flexible with support for doublewide service modules (SM-D’s), which are Service Modules that require two SM slots. SM-Ds in the Cisco 2921 and 2951 provide flexibility for higher-density modules. • A service module slot replaces the network module and the extension module for voice/fax (EVM) slots and is offered on Cisco 2911, 2921, and 2951 ISRs. • An adapter module enables backward compatibility with existing network modules, enhanced network modules (NMEs), and EVMs. • Service module slots provide twice the power capabilities relative to the network-module slots, allowing for flexibility for higher-scale and better-performance modules. • Power to service module slots can be managed by extensions similar to the Cisco EnergyWise framework, so your organization can reduce energy consumption in your network infrastructure. Full EnergyWise support will be available in future software releases. Compact Flash Slots Cisco High-Density Packet Voice Digital Signal Processor (DSP) Module (PVDM3) Slots on Motherboard

USB 2.0 ports

Cisco Enhanced High-Speed WAN Interface Card (EHWIC)

• The EHWIC slot provides enhancements to the prior generation’s high-speed WAN interface card (HWIC) slots while provide maximum investment protection by natively supporting HWICs, WAN interface cards (WICs), voice interface cards (VICs), and voice/WAN interface cards (VWICs). • Four integrated EHWIC slots on the Cisco 2901, 2911, 2921, and 2951 allow for more flexible configurations. • Each HWIC slot offers high-data-throughput capability: - Up to 1.6 Gbps aggregate toward the route processor - Up to 2 Gbps aggregate to other module slots over the MGF • Flexibility to support double-wide modules is enabled by combining two EHWIC slots. Up to 2 double-wide HWIC (HWIC-D) modules are supported.

94

95

Cisco 2900 Series

Cisco 2900 Series

Cisco IOS Software
Cisco 2900 Series Integrated Services Routers deliver innovative technologies running on industry-leading Cisco IOS Software. Developed for wide deployment in the world’s most demanding enterprise, access, and service provider networks, the Integrated Services Routers Generation 2 platforms are supported on Cisco IOS Software releases 15M&T. Release 15.0(1)M is available immediately and provides support for a comprehensive portfolio of Cisco technologies, including the functionality and features delivered in releases 12.4 and 12.4T. New innovations in 15.0(1)M span multiple technology areas, including security, voice, high availability, IP Routing and Multicast, quality of service (QoS), IP Mobility, Multiprotocol Label Switching (MPLS), VPNs, and embedded management.

Cisco IOS Software continued

Key Branch-Office Services
The Cisco Integrated Services Routers are industry-leading platforms that offer unprecedented levels of services integration. Designed to meet the requirements of the branch office, these platforms provide a complete solution with voice, video, security, mobility and application services. Businesses enjoy the benefit of deploying a single device that meets all their needs, reducing capital and operational expenses.

Cisco Unified Communications Manager Express and Survivable Remote Site Telephony
The Cisco Integrated Services Routers natively provide optional unified communications services within the Cisco IOS Software, minimizing the IT hardware footprint and total cost of ownership at the branch office. Cisco Unified Communications Manager Express (CME) provides a broad range of IP private-branch-exchange (PBX) and key-system features integrated into the router for the small and midsize branch office. Cisco Survivable Remote Site Telephony (SRST), also inherently available in Cisco IOS Software, and an option on the Cisco 2900 Series, helps ensure that branch-office employees have uninterrupted telephony services and features, even if the connection to a centralized Cisco Unified Communications Manager is disrupted. Coupled with Cisco Unity® Express, the integrated solution for voicemail, Automated Attendant, and interactive voice response (IVR), the Cisco 2900 Series offers the branch office a complete range of unified communications services while delivering industry-leading security within a single platform.

Integrated Network Security for Data, Voice, Video, and Mobility
Security is essential to protect a business’ intellectual property while also ensuring business continuity and providing the ability to extend the corporate workplace to employees who need anytime, anywhere access to company resources. As part of the Cisco’ SAFE architectural framework that allows organizations to identify, prevent, and adapt to network security threats, the Cisco 2900 Series Integrated Services Routers facilitate secure business transactions and collaboration. The Cisco IOS Software Security technology package for the Cisco 2900 Series offers a wide array of common security features such as advanced application inspection and control, threat protection, and encryption architectures for enabling more scalable and manageable VPN networks. The Cisco 2900 Series offers onboard hardware-based encryption acceleration to provide greater IPsec throughput with less overhead for the route processor when compared with softwarebased encryption solutions. Cisco Integrated Services Routers offer a comprehensive and adaptable security solution for branch offices that includes features such as: • Secure connectivity: Secure collaborative communications with Group Encrypted Transport VPN, Dynamic Multipoint VPN (DMVPN), or Enhanced Easy VPN • Integrated threat control: Responding to sophisticated network attacks and threats using Cisco IOS Firewall, Cisco IOS Zone-Based Firewall, Cisco IOS IPS, Cisco IOS Content Filtering, and Flexible Packet Matching (FPM) • Identity management: Intelligently protecting endpoints using technologies such as authentication, authorization, and accounting (AAA) and public key infrastructure (PKI) Detailed information about the security features and solutions supported on the Cisco 2900 Series is available at http://www.cisco.com/go/ routersecurity.

Unified Communications, Collaboration, and Voice-Gateway Services
The Cisco 2900 Integrated Services Router is the foundation for collaboration in the small and midsize branch office, serving as a critical component of a Cisco’s video architecture (Medianet) and enterprise Unified Communications solution. With embedded voice services and a wide range of supported telephony interfaces, the Cisco 2900 Series delivers maximum deployment flexibility for the distributed enterprise. Unified communications is enabled through a rich signaling and media-processing infrastructure, including a variety of protocols, media interworking, signal and media security, transcoding, conferencing, and QoS. Cisco Integrated Services Routers also feature a wide range of voice-gateway interfaces, supporting a broad array of signaling and physical network interfaces. The Cisco 2900 Series enables a full range of existing and emerging video services, with scaling improvements to support Cisco TelePresence® conferencing, security, and session control. The Cisco Unified Border Element extends these capabilities for business-to-business TelePresence communications. The Cisco 2900 Series adds support for the new Cisco High-Density Packet Voice Digital Signal Processor (DSP) Module (PVDM3), which has been optimized for voice and video support. The new PVDM3 modules support all voice-gateway functions of earlier generations of PVDMs and add higher density and more processing power to support emerging rich-media applications. The Cisco 2900 Series provides 2 or 3 onboard PVDM3 slots, depending on the platform.

Cisco IOS Software Licensing and Packaging
A single Cisco IOS Universal image encompassing all IOS technology feature sets is delivered with the platforms. You can enable advanced features by activating a software license on the Universal image. In previous generations of access routers, these feature sets required you to download a new software image. Technology packages and feature licenses, enabled through the Cisco software licensing infrastructure, simplify software delivery and decrease the operational costs of deploying new features. Four major technology licenses are available on the Cisco 2900 Series Integrated Services Routers; you can activate the licenses through the Cisco software activation process identified at http://www.cisco.com/go/sa. The four licenses are as follows: • IP Base: This technology package is available as default • Data • Unified Communications • Security (SEC) or Security with No Payload Encryption (SEC-NPE) For additional information and details about Cisco IOS Software licensing and packaging on Cisco 2900 Series Integrated Services Routers, please visit: http://www.cisco.com/go/2900l For a more comprehensive list of features supported in Cisco IOS software refer to the Feature Navigator tool at: http://www.cisco.com/go/fn. 96

VoiceXML Application Services
The Cisco 2900 Series also supports standardscertified VoiceXML browser services. VoiceXML is an open-standard markup language used to create voice-enabled web browsers and IVR applications. Just as HTML enables you to retrieve data with a PC, VoiceXML enables you to retrieve data using voice or dual-tone-multifrequency (DTMF) telephony input. The Cisco 2900 Series can deliver a much higher range of concurrent voice-gateway services combined with VoiceXML browser services, for up to 200 sessions on the Cisco 2951.

Cisco Unified Border Element
The Cisco Unified Border Element capabilities supported on the Cisco 2900 Series address the emerging requirements in an IP-centric interconnect for branch-office unified communications between enterprises and service provider networks. Cisco Unified Border Element provides intelligent border-element functions such as physical and logical ingress and egress demarcation points, signaling and media control, and consolidated security and management features. The Cisco 2900 Series supports higher scale than previously provided on the Cisco 2800 Series, up to 3 times the number of sessions.

97

Cisco 2900 Series

Cisco 2900 Series

Wireless and Mobility Services

Wireless and Mobility Services continued enabled PoE boost. These technologies allow you to meet increased endpoint power requirements without increasing the total power consumption of the branch.

Wireless LAN/WAN
The Cisco Integrated Services Routers supporting the Cisco Unified Wireless Architecture enable deployment of secure, manageable wireless LANs (WLANs) optimized for remote sites and branch offices, including fast secure mobility, survivable authentication, and simplified management. The Cisco Wireless LAN Controller Module on the Cisco 2900 Series allows small and medium-sized businesses (SMBs) and enterprise branch offices to cost-effectively deploy and manage secure WLANs. Cisco Wireless LAN Controllers work in conjunction with Cisco lightweight access points and the Cisco Wireless Control System (WCS) to provide system-wide WLAN functions, managing up to 6, 12, and 25 access points.

Cisco Unified Computing System Express
The Cisco Services Ready Engine solution is available in a Service Module and Internal Service Module (ISM) form-factor. The Service Module hardware offers up to a seven times performance improvement over the previous-generation Network Modules and provides a multi-core x86-64 processor. The SRE modules also support up to 1 terabyte of storage, RAID configurations, hardwareassisted virtualization and cryptography options. The Cisco SRE module enables on-demand provisioning of branch-office applications on the Cisco 2900 Series platforms so that you can deploy the right application, at the right time, in the right place. The hardware and software decoupling provided by the service-ready deployment model enables applications to be provisioned on the module at the time of its installation or remotely anytime thereafter. Supported solutions include Cisco Wide Area Application Services (WAAS), Cisco Unity Express, Cisco Application Extension Platform (AXP), Cisco Wireless LAN Controller (WLC), Cisco Video Surveillance, and other applications under development. The Service Ready Engine enables organizations of various sizes to future-proof their network by allowing them to quickly deploy new branch-office applications without deploying new hardware, reducing the cost of rolling out branch-office services.

Managing Your Integrated Services Routers
Network management applications are instrumental in lowering operating expenses (OpEx) while improving network availability by simplifying and automating many of the day-to-day tasks associated with managing an end-to-end network. Day-one device support provides immediate manageability support for the Integrated Services Router, enabling quick and easy deployment, monitoring, and troubleshooting from Cisco and third-party applications. Organizations rely on Cisco, third-party, and in-house developed network management applications to achieve their OpEx and productivity goals. Underpinning those applications are the embedded management features available in every Integrated Services Router. The new Integrated Services Routers continue a tradition of broad and deep manageability features such as IP service-level agreement (IP SLA), Cisco IOS Embedded Event Manager (EEM), and NetFlow which allow you to know the status of your network at all times. These features, along with Simple Network Management Protocol (SNMP) and syslog, enable your organization’s management applications.

Application Services
As organizations continue to centralize and consolidate their branch-office IT infrastructure in an effort to reduce cost and complexity, they are challenged to provide an excellent user experience, ensure continuous service availability, and deliver business-relevant applications when and where they are needed. To address these challenges, the Cisco 2900 Series provides the capability to host Cisco, third-party, and custom applications on a portfolio of high-performance Cisco Services Ready Engine (SRE) modules that transparently integrate into the router. The modules have their own processors, storage, network interfaces, and memory that operate independently of the host router resources, helping to ensure maximum concurrent routing and application performance while reducing physical space requirements, lowering power consumption, and consolidating management.

Wireless WAN
Cisco third-generation (3G) wireless WAN (WWAN) modules combine traditional enterprise router functions, such as remote management, advanced IP services such as voice over IP (VoIP), and security, with mobility capabilities of 3G WAN access. Using high-speed 3G wireless networks, routers can replace or complement existing landline infrastructure, such as dialup, Frame Relay, and ISDN. Cisco 3G solutions support 3G standards High-Speed Packet Access (HSPA) and Evolution Data Only/Evolution Data Optimized (EVDO) providing you with a true multipath WAN backup and the ability to rapidly deploy primary WAN connectivity. For more information about 3G solutions on Cisco Integrated Services Routers, please visit www.cisco.com/go/3g.

Application Acceleration
The Cisco 2900 Series seamlessly combines industry leading security, IOS based traffic control and visibility, with Cisco application acceleration solutions. Cisco IOS Software features such as NBAR, IP SLA, and NetFlow provide visibility and monitoring of traffic patterns and application performance while IOS features such as QoS, ACLs, and PfR intelligently control the traffic to maximize the quality of the user experience and employee productivity. The user experience can be further enhanced through the addition of a Cisco WAAS Network Module which can be used to securely provide more advanced WAN optimization techniques such as TCP optimization, caching, compression, and application acceleration. Cisco Integrated Services Routers combined with Cisco WAAS Network Modules, provide optimal performance for applications delivered from a central data center to branch-office users. The solution allows you to consolidate costly server, storage, and backup infrastructure into data centers while maintaining LAN-like service levels for remote users.

Integrated LAN Switching
The Cisco 2900 Integrated Services Routers (Cisco 2911 through Cisco 2951) support the new Cisco Enhanced EtherSwitch® Service Modules, which greatly expand router capabilities by integrating industry-leading Layer 2 or Layer 3 switching with feature sets identical to those found in the Cisco Catalyst 2960 and Catalyst 3650-E Series Switches performing local line-rate switching and routing. The new Cisco Enhanced EtherSwitch Service Modules take advantage of the increased power capabilities on the Cisco 2900 ISRs. Additionally, the Cisco Enhanced EtherSwitch modules enable the newest Cisco power initiatives, Cisco EnergyWise, Cisco Enhanced Power over Ethernet (ePoE), per-port PoE power monitoring, and RPS-

98

99

Cisco 2900 Series

Cisco 2900 Series

When to Deploy
The Cisco 2951 Integrated Services Router (ISR) delivers highly secure data, voice, video, and application services for small offices. Key features include: • • • • • • 3 integrated 10/100/1000 Ethernet ports with 1 port capable of RJ-45 or SFP connectivity 2 service module slots 4 Enhanced High-Speed WAN Interface Card slots 3 onboard digital signal processor (DSP) slots 1 internal service module slot for application services Fully integrated power distribution to modules supporting 802.3af Power over Ethernet (PoE) and Cisco Enhanced PoE

When to Deploy continued
The Cisco 2911 Integrated Services Router (ISR) delivers highly secure data, voice, video, and application service. Key features include: • • • • • • 3 integrated 10/100/1000 Ethernet ports (RJ-45 only) 1 service module slot 4 enhanced high-speed WAN interface card slots 2 onboard digital signal processor (DSP) slots 1 Internal Service Module slot for application services Fully integrated power distribution to modules supporting 802.3af Power over Ethernet (PoE) and Cisco Enhanced PoE

Security • Onboard hardware acceleration for VPN encryption • Secure collaborative communications with Group Encrypted Transport VPN, Dynamic Multipoint VPN, or Enhanced Easy VPN • Integrated threat control using Cisco IOS Firewall, Cisco IOS Zone-Based Firewall, Cisco IOS IPS, and Cisco IOS Content Filtering • Identity management using authentication, authorization, and accounting (AAA), and public key infrastructure Voice • High-density packet voice DSP module, optimized for voice and video support • Standards-certified VoiceXML browser services • Cisco Unified Border Element capabilities • Cisco Unity Express voicemail support • Support for Cisco Communications Manager Express and Survivable Remote Site Telephony The Cisco 2921 Integrated Services Router (ISR) delivers highly secure data, voice, video, and application services for small offices. Key features include: • • • • • • 3 Integrated 10/100/1000 Ethernet ports with 1 port capable of RJ-45 or SFP connectivity 1 service module slot 4 Enhanced High-Speed WAN Interface Card (EHWIC) slots 3 onboard digital signal processor slots 1 internal service module slot for application services Fully integrated power distribution to modules supporting 802.3af Power over Ethernet (PoE) and Cisco Enhanced PoE

Security • Embedded hardware-accelerated VPN encryption for secure connectivity and collaborative communications Integrated threat control using Cisco IOS Firewall, Cisco IOS Zone-Based Firewall, Cisco IOS IPS, and Cisco IOS Content Filtering • Identity management using authentication, authorization, and accounting (AAA) and public key infrastructure Voice • High-density-packet voice DSP module, optimized for voice and video support • Standards-certified VoiceXML browser services • Cisco Unified Border Element capabilities • Cisco Unity Express voicemail support • Support for Cisco Communications Manager Express and Survivable Remote Site Telephony The Cisco 2901 Integrated Services Router (ISR) delivers highly secure data, voice, video, and application services for small offices. Key features include: • • • • • 2 integrated 10/100/1000 Ethernet ports 4 enhanced high-speed WAN interface card slots 2 onboard digital signal processor (DSP) slots 1 onboard Internal Service Module for application services Fully integrated power distribution to modules supporting 802.3af Power over Ethernet (PoE) and Cisco Enhanced PoE

Security • Embedded hardware-accelerated VPN encryption • Secure collaborative communications with Group Encrypted Transport VPN, Dynamic Multipoint VPN, or Enhanced Easy VPN • Integrated threat control using Cisco IOS Firewall, Cisco IOS Zone-Based Firewall, Cisco IOS IPS, and Cisco IOS Content Filtering • Identity management: Intelligently protecting endpoints using authentication, authorization, and accounting (AAA), and public key infrastructure Voice • High-density packet voice DSP module, optimized for voice and video support • Standards-certified VoiceXML browser services • Cisco Unified Border Element capabilities • Cisco Unity Express voicemail support • Support for Cisco Communications Manager Express and Survivable Remote Site Telephony

Security • Embedded hardware-accelerated VPN encryption for secure collaborative VPN communications • Integrated threat control using Cisco IOS Firewall, Cisco IOS Zone-Based Firewall, Cisco IOS IPS, and Cisco IOS Content Filtering • Identity management that uses authentication, authorization, and accounting (AAA) and public key infrastructure Voice • High-density-packet voice DSP module, optimized for voice and video • Standards-certified VoiceXML browser services • Cisco Unified Border Element capabilities • Cisco Unity Express voicemail support • Support for Cisco Communications Manager Express and Survivable Remote Site Telephony

100

101

Cisco 2900 Series

Cisco 2900 Series

When to Deploy continued
The Cisco 2900 Integrated Routers Series are recommended to be deployed when nnabling Borderless Networks at the Branch for small to medium size branch offices with user WAN bandwidth requirements up to 75Mbps. See picture below for specific 2900 Series recommended WAN bandwidth deployment guidelines.

Ordering Information continued
Product Number CISCO2901/K9 CISCO2911/K9 CISCO2921/K9 CISCO2951/K9 SL-29-DATA-K9 SL-29-UC-K9 SL-29-SEC-K9 Product Description Cisco 2901 with 2 onboard GE, 4 EHWIC slots, 2 DSP slots, 1 ISM slot, 256MB CF default ,512MB DRAM default, IP Base Cisco 2911 with 3 onboard GE, 4 EHWIC slots, 2 DSP slots, 1 ISM slot, 256MB CF default ,512MB DRAM default, IP Base Cisco 2921 with 3 onboard GE, 4 EHWIC slots, 3 DSP slots, 1 ISM slot, 256MB CF default ,512MB DRAM default, IP Base Cisco 2951 with 3 onboard GE, 4 EHWIC slots, 3 DSP slots, 1 ISM slot, 256MB CF default ,512MB DRAM default, IP Base Data License for Cisco 2901-2951 Unified Communications License for Cisco 2901-2951 Security License for Cisco 2901-2951

Ordering Information
For 2900 Series platform overview, series specifications, ordering information, product bundles, and technical specifications please see the data sheet at: http://cisco.com/en/US/prod/collateral/routers/ ps10537/data_sheet_c78_553896.html Ordering Information The Cisco 2900 Series Integrated Services Routers are orderable and shipping. For information about how to order the Cisco 2900 Series, please visit the Cisco 2900 Series Ordering Guide. To place an order, visit the Cisco Ordering Home Page which provides basic ordering information. For additional product numbers, including the Cisco 2900 Series bundle offerings, please check the Cisco 2900 Series Integrated Services Router Price List at: or contact your local Cisco account representative.

102

103

Notes

Cisco 3800 Series
Based on 20 years of innovation, Cisco 3800 Integrated Services Routers extend Cisco’s leadership in multiservice routing by providing customers with unparalleled network agility, performance, and intelligence. The Cisco 3800 Series is the flagship platform in a portfolio of next-generation routers that integrate advanced technologies, adaptive services, and secure enterprise communications. These new routers offer the performance and reliable packet delivery necessary to deliver mission-critical network capabilities efficiently, including real-time applications such as Voice over IP (VoIP), business video, and collaborative communications. Architectural enhancements include embedded security processing, significant platform performance and memory improvements, and new high-density interface types. These design achievements complement the Cisco IOS Software features and superior investment protection that this platform inherits from the Cisco 3700 Series. The Cisco 3800 Series, comprised of the Cisco 3825 and Cisco 3845, serves as a catalyst for midsize organizations and enterprise branch offices that want to gracefully scale their enterprise edges and take advantage of converged business services, while minimizing the cost and complexity of network upgrades. Benefits and Advantages

Enhanced Architecture
The Cisco 3800 Series offers two modular platforms optimized for the secure delivery of concurrent voice, video, and data. The integrated services architecture of the Cisco 3800 Series builds on the highly successful Cisco 3700 Series design, and adds embedded security and voice processing to a highly modular system that is optimized for rapid deployment of intelligent network services and converged communications. The Cisco 3800 Series supports the bandwidth requirements for multiple Fast Ethernet interfaces per slot, time-division multiplexing (TDM) interconnections, and fully integrated power distribution to modules supporting 802.3af Power over Ethernet (PoE), while supporting the existing portfolio of modular interfaces.

Integrated Switching
With support for up to 112 ports of integrated switching with inline power, the Cisco 3800 Series offers an excellent platform for combining two of the most common components of any network infrastructure. The Cisco 3800 Series supports the 16-, 24-, and 48-port Cisco EtherSwitch® Service Network Modules which adhere to the 802.3af (PoE) standard. When partnered with the optional internal power supply upgrade, the EtherSwitch Service Network Modules and high-density WAN interface cards (HWICs) power any 802.3af compliant device through their integrated switch ports.

Investment Protection and Versatility
The Cisco 3800 Series provides significant additional value compared to prior generations of Cisco routers at similar price points by offering up to three times the performance, new embedded 105

104

Cisco 3800 Series

Cisco 3800 Series

Benefits and Advantages continued service options, and dramatically increased slot performance and density while maintaining support for most of the more than 90 existing modules that are available today for the Cisco 3700 Series. This helps to ensure continuing investment protection to accommodate network expansion or changes in technology as new services and applications are deployed. By integrating the functions of multiple separate devices into a single, compact unit, Cisco 3800 Series Integrated Services Routers dramatically reduce the cost and complexity of managing remote networks. The Cisco 3800 Series delivers multiple concurrent services at wirespeed performance of up to T3/E3 speeds. The Cisco 3845 features a removable motherboard, fan assembly, and supports high-availability features such as online insertion and removal (OIR) of like network modules, and redundant integrated system and inline power supplies. • Four network module slots for single-wide or extended network modules, two double-wide or extended double-wide network modules (NME-XD), or two extension voice/fax modules (EVM-HD) • Four single-wide or two double-wide HWICs • Two advanced integration modules (AIMs) • Four Packet Voice DSP Modules (PVDM) slots for voice processing • Onboard IP Security (IPsec) acceleration • 802.3af-compliant inline power for IP phones or wireless access points The Cisco 3825 is engineered to help customers effectively scale deployment of services, offering the following hardware features: • Two built-in autosensing 10/100/1000 Ethernet ports • One SFP slot gigabit Ethernet • Two built-in USB ports • Two network module slots for single-wide or extended network modules, one double-wide or extended double-wide network module (NME-XD), or one extension voice/fax module (EVM-HD) • Four single-wide or two double-wide HWICs • Two AIMs • Four PVDM slots for voice processing • Onboard IPsec encryption acceleration • 802.3af-compliant inline power for IP phones or wireless access points • External Redundant Power Supply (RPS) for system power and external redundant inline power for IP phones

Benefits and Advantages continued

IP Telephony
The Cisco 3800 Series allows network managers to provide scalable analog and digital telephony without investing in a one-time solution, giving enterprises greater control of their converged telephony needs. Using voice and fax modules, the Cisco 3800 Series can be deployed for applications ranging from VoIP and Voice-overFrame Relay (VoFR) transport to robust, centralized solutions using the Cisco Survivable Remote Site Telephony (SRST) solution or distributed call processing using Cisco Communication Express (CCME). The architecture is highly scalable with the ability to support up to 168 IP phones with the 3825 router and 240 IP phones with the 3845 router, 24 T1/E1s trunks, 88 foreign-exchange-station (FXS) ports, or 56 foreign-exchange-office (FXO) ports concurrent with data routing and other services.

Video Surveillance
The Cisco® Integrated Video Surveillance solution enables you to rapidly deploy highly distributed, IP-enabled video surveillance at your offices while migrating traditional analog surveillance equipment to IP. The solution based on Cisco 2800 and 3800 Series ISR offers the lowest total cost of ownership (TCO) for the branch office, ease of integration through network transparency, reliable data interoperability, and maximized overall security. It allows you to consolidate costly branch-office servers and deploy new applications centrally while still offering real-time access to physical security video and data.

Integrated Services
With the optional integration of numerous services modules, the Cisco 3800 Series offers the ability to easily integrate the functions of standalone network appliances and components into the Cisco 3800 Series chassis itself. Many of these modules, such as the Cisco Network Analysis Module, Cisco Unity Express™ Voice Mail Module, Cisco Intrusion Prevention Module, and Cisco Wide Area Application Services Module, have embedded processors and hard drives that allow them to run largely independently of the router while allowing management from a single management interface. This flexibility greatly expands the potential applications of the Cisco 3800 Series beyond traditional routing, while maintaining the benefits of integration. The Cisco 3845 Integrated Services Router is optimized for the concurrent delivery of voice, video, and data at T3 wire-rate performance. The architecture provides high-performance embedded security and voice processing for reliable delivery of mission-critical traffic such as VoIP, business video, and collaborative communications. The Cisco 3845 is engineered to help customers effectively scale deployment of services, offering the following hardware features: • Two built-in autosensing 10/100/1000 Ethernet ports • One small form-factor pluggable (SFP) slot gigabit Ethernet • Two built-in USB ports

Security Features
IPsec VPN • Advanced Encryption Standard (AES) 128, 192, and 256 bit keys; Triple Data Encryption Standard (3DES); and DES cryptology support • Embedded hardware-based VPN acceleration on the motherboard • Cisco Easy VPN remote and server • Group Encrypted Transport (GET-VPN) • Dynamic Multipoint VPN (DMVPN) • Virtual Tunnel Interfaces (VTI) • 802.1x • VPN QoS—Preclassification support Multiprotocol Label Switching (MPLS) VPN Support • Limited provider edge capabilities • Virtual routing and forwarding (VRF) firewall and VRF IPsec Cisco IOS IPS • Inline ability to drop packet, reset connection, locally shun, or send an alarm • Dynamically load and enable selected attack signatures in the same manner as Cisco IPS Appliances • For broader signature support and higher performance, look at optional IPS AIM module for ISR Network Foundation Protection • Control Plane Policing (CPP) • AutoSecure • CPU/Memory Threshold • Secure Shell (SSH) • Access Control List (ACL) • Command-Line Interface (CLI) • Committed Access Rate (CAR) IOS WebVPN (SSL VPN) • Secure remote access for mobile users without installing PC client software • Integrated into the router —no separate appliance required • Cisco 3825 and 3845 support up to 200 users (with AIM-VPN/SSL-3) • Requires IOS WebVPN feature license FL-WEBVPN-10, FL-WEBVPN-25 or FL-WEBVPN-100 (purchase multiple quantities to add up to the desired number of users) • Requires an IOS security feature set (IOS security feature set is included in all secure router bundles) Media Authentication and Encryption • Standards-based authentication and encryption using secure RTP provides a secure environment for IP Communications • Advanced Encryption Standard (AES) 128-bit cryptography support 107

Secure Networking
Integrated on the motherboard of every Cisco 3800 Series router is hardware-based encryption acceleration that offloads the encryption processes to provide greater IPsec throughput with less overhead for the router CPU when compared with software-based solutions. The integration of optional VPN modules (for enhanced performance and tunnel count), intrusion prevention modules or NAC network modules for network admission control, combined with the rich Cisco IOS Software security feature set that includes firewall, intrusion prevention, voice- and video-enabled VPN (V3PN), Group Encrypted Transport (GET) VPN, and Dynamic Multipoint VPN (DMVPN), Cisco offers the industry’s most robust and adaptable security solution for branch office routers.

106

Cisco 3800 Series

Cisco 3800 Series

Security Features continued
Cisco IOS Firewall • Feature rich, stateful firewall • Per-user authentication and authorization • Real-time alerts • Transparent firewall • IPv6 firewall • VRF-aware firewall • Advanced Application Inspection and Control – HTTP inspection engine – E-mail inspection engines (SMTP, ESMTP, IMAP, POP) URL Filtering • Onboard with an optional content-engine network module • Local URL filtering in Cisco IOS software based on external server Onboard USB 1.1 port • 2 onboard USB 1.1 ports • Secure token and Flash memory support Security Solutions • Network Admission Control (NAC) • Voice and Video Enabled IPsec VPN (V3PN) Optional Security Modules • Intrusion Prevention System Advanced Integration Modules (AIM-IPS-K9) • VPN and Encryption Advanced Integration Modules (AIM-VPN/SSL-3) • Network Admission Control Network Modules (NME-NAC-K9) Cisco Router and Security Device Manager (SDM) • Ships by default Certifications • ICSA IPsec • ICSA Firewall • Common Criteria IPsec (EAL4) (in process) • Common Criteria Firewall (EAL4+) (in process) • FIPS 140-2, Level 2

Network Example
Branch Office 3700/3800

IP

Regional Office
VPN V3PN Voice Video QoS

Internet
IP

IP

Branch Office 2600/2800 Branch Office 1700/1800
The figure above shows the Cisco 3800 Series routers converge voice, video, and data across a secure IPsec VPN network with high-quality, reliable performance. DMVPN creates tunnels on-the-fly based on user traffic. V3PN functionality provides QoS, multiprotocol, ease of provisioning, and secure connectivity.

IP Telephony Features
IP Phone Support Analog Voice Support Digital Voice Support Packet Voice Digital Signal Processor (DSP) Module (PVDM) Slots on Motherboard Cisco CallManager Express SRST Voice Mail and Automated Attendant Voice Interfaces Optional integrated power supply with inline power, 802.3af support, 360W of inline power Up to 88 FXS and 56 FXO ports Up to 720 calls 4 PVDM slots on motherboard, local conferencing and transcoding Up to 240 phones for the Cisco 3845 router, and up to 168 phones for the Cisco 3825 router Up to 720 phones for the Cisco 3845 router, and up to 336 phones for the Cisco 3825 router Up to 250 mailboxes with up to 16 concurrent sessions using Cisco Unity™ Express Network Module FXS, FXO, Direct Inward Dial (DID), E&M, Centralized Automated Message Accounting (CAMA), Basic Rate Interface (BRI), T1, E1, Primary Rate Interface (PRI), Q.SIG, channel associated signaling (CAS)

When To Deploy
Deploy the Cisco 3800 Series when you need: • The highest performance and densities for concurrent data, security, voice, and advanced services with headroom for growth • Higher availability and resiliency with OIR, redundant system, and inline power options • Higher WAN or voice densities with an additional (fourth) HWIC • Low density (up to 96 ports), integrated 10/100 switching with PoE support; up to 48 ports with Cisco Inline Power • Efficient, robust Error Correction Code (ECC) DDR SDRAM memory to detect and correct SDRAM errors without user intervention • Integrated security services as part of Cisco Self Defending Network, which enable network device protection, threat defense, secure connectivity, and endpoint protection and control • Integrated PVDMs, industry-leading call processing and autoattendant solutions, and highdensity voice cards and modules that speed IP Communications and give customers a choice of telephony interface devices • Advanced management for security, routing, QoS, and switching services with Cisco Router and Security Device Manager (SDM) 2.0 • Secure integrated call processing, voice mail and automated attendant, flexible telephony interfaces, redundancy for centralized call processing, with robust DSP support, including local call conforming and transcoding

108

109

Cisco 3800 Series

Cisco 3800 Series

Platform Overview
Cisco 3800 Series Features Network Module Slots (These slots can accommodate standard network module, NME, and NME-X slots. The NME has the same form factor as the standard network module. The EVM-HD is supported. The NME-X, when available, will have a wider form factor than the NME. Two side-by-side NME slots can be combined to accommodate one NMD or, when available, a NME-XD.) Maximum Number of Network Modules, NMEs, and NME-Xs Supported Maximum Number of NMD/NME-XDs Supported Maximum Number of EVM-HDs Supported Number of HWIC Slots (These HWIC slots also support voice interface cards (VICs), voice/WAN interface cards (VWICs), and WICs) Number of Fixed LAN Ports (fixed RJ-45 port for 10/100/1000 connectivity) Number of Fixed SFP Ports (for SFP Gigabit Ethernet connectivity) Number of AIM Slots (for optional AIMs for offloading compute-intensive features) Number of PVDM Slots (for optional PVDM2s) Number of USB 1.1 Ports (secure USB eToken and USB flash memory for secure Cisco IOS Software configuration distribution, and off-platform storage of VPN credentials) Embedded VPN (hardware-based VPN encryption acceleration) Number of Console Ports (up to 115.2 Kbps) Number of Auxiliary Ports (up to 115.2 Kbps) Memory (external compact Flash and internal DDR SDRAM with ECC) Cisco 3825 NM NME NME-X NMD NME-XD EVM-HD 2 1 1 4 Cisco 3845 NM NME NME-X NMD NME-XD EVM-HD 4

Platform Overview continued
Cisco 3800 Series Features AC: Input Voltage AC: Input Frequency AC: Input Current Cisco 3825 100–240 VAC, autoranging 47–63 Hz 3A (110V) 2A (230V) Startup current 50A maximum (one cycle) DC: Input Voltage 2 2 4 Output DC: Input Current 24–60 VDC, auto-ranging positive or negative 12A (24V) 5A (60V) Startup current 50A…...

Similar Documents