Datasheet
Data Sheet
© 2008, 2010 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 5 of 11
Feature Benefit
(Note: available only on Cisco 2821 and 2851).
USB Support Up to two USB ports are available per Cisco 2800 series router. The routers' Universal Serial Bus
(USB) ports enable important security and storage capabilities.
Secure Networking—Feature and Benefits
The Cisco 2800 Series features enhanced security functionality as shown in Table 3. Integrated on the motherboard
of every Cisco 2800 Series router is hardware-based encryption acceleration that offloads the encryption processes
to provide greater IPSec throughput with less overhead for the router CPU when compared with software-based
solutions. With the integration of optional VPN modules (for enhanced VPN tunnel count), Cisco IOS Software-based
firewall, network access control, or content-engine network modules, Cisco offers the industry's most robust and
adaptable security solution for branch-office routers.
Table 3. Secure Networking—Feature and Benefits
Feature Benefit
Cisco IOS Software Firewall
●
Sophisticated security and policy enforcement provides features such as stateful, application-
based filtering (context-based access control), per-user authentication and authorization, real-time
alerts, transparent firewall, and IPv6 firewall.
Secure Sockets Layer (SSL)
●
SSL provides security for web transactions by handling authentication, data enryption and digital
signatures. The 2800 Series supports SSL VPNs and SSL acceleration via the AIM-VPN/SSL-3.
Onboard VPN Encryption Acceleration
●
The Cisco 2800 Series supports IPSec Digital Encryption Standard (DES), Triple DES (3DES),
Advanced Encryption Standard (AES) 128, AES 192, and AES 256 cryptology without consuming
an AIM slot.
Network Admissions Control (NAC)
●
A Cisco Self-Defending Network initiative, NAC seeks to dramatically improve the ability of
networks to identify, prevent, and adapt to threats by allowing network access only to compliant
and trusted endpoint devices.
Multiprotocol Label Switching (MPLS) VPN
Support
●
The Cisco 2800 Series supports specific provider edge functions plus a mechanism to extend
customers' MPLS VPN networks out to the customer edge with virtual routing and forwarding
(VRF) firewall and VRF IPSec. For details on the MPLS VPN support on the different versions of
the Cisco 2800 Series, please check the feature navigator tool on
http://www.cisco.com.
USB eToken Support
●
USB eTokens from Aladdin Knowledge Systems (available at
http://www.aladdin.com/etoken/cisco/) provides secure configuration distribution and allows users
to store VPN credentials for deployment
AIM-Based Security Acceleration
●
Support for an optional dedicated security AIM can deliver 2 to 3 times the performance of
embedded encryption capabilities with Layer 3 compression.
Intrusion Prevention System (IPS)
●
Flexible and high performance support is offered through Cisco IOS
®
Software or an intrusion-
detection-system (IDS) network module.
●
The ability to load and enable selected IDS signatures in the same manner as Cisco IDS Sensor
Appliances
Advanced Application Inspection and
Control
●
Cisco IOS Firewall includes HTTP and several email inspection engines that can be used to detect
misuse of port 80 and email connectivity.
Cisco Easy VPN Remote and Server
Support
●
The Cisco 2800 Series eases administration and management of point-to-point VPNs by actively
pushing new security policies from a single headend to remote sites.
Dynamic Multipoint VPN (DMVPN)
●
DMVPN is a Cisco IOS Software solution for building IPSec + generic routing encapsulation (GRE)
VPNs in an easy and scalable manner.
Group Encrypted Transport (GET) VPN
●
GET VPN is a Cisco IOS Software solution that simplifies securing large Layer 2 or MPLS
networks requiring partial or full-mesh connectivity by providing tunnel-less VPN connectivity.
URL Filtering
●
URL filtering is available onboard with an optional content-engine network module or external with
a PC server running the URL filtering software.
Cisco Router and Security Device
Manager (SDM)
●
This intuitive, easy-to-use, Web-based device-management tool is embedded within the Cisco IOS
Software access routers; it can be accessed remotely for faster and easier deployment of Cisco
routers for both WAN access and security features.
IP Telephony Support—Features and Benefits
The Cisco 2800 Series allows network managers to provide scalable analog and digital telephony without investing
in a one-time solution (refer to Table 4 for more detail), allowing enterprises greater control of their converged
telephony needs. Using the voice and fax modules, the Cisco 2800 Series can be deployed for applications ranging
from voice-over-IP (VoIP) and voice-over-Frame Relay (VoFR) transport to robust, centralized solutions using the