Datasheet
© 2004 Cisco Systems, Inc. All right reserved.
Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com
Page 5 of 14
The Data Encryption AIM’s available for the Cisco 3700 Series offloads encryption processing from the CPU, providing over 10 times the
performance over software-only encryption. The AIM-VPN/EP on the Cisco 3725 supports a maximum of 800 tunnels. On the Cisco 3745, the
AIM-VPN/HP supports a maximum of 1,800 tunnels. The AIM-VPN/EPII and AIM-VPN/HPII further extend the encryption performance of
the Cisco 3700. These modules offers hardware accelerated DES/3DES and the new AES (Advanced Encryption standard) encryption at speeds
up to 90-Mbps on the Cisco 3745 (max based on 1400 byte packet size). In addition the AIM-VPN/EPII and AIM-VPN/HPII support hardware-
assisted layer-3 compression services where bandwidth conservation may lower network connection costs. The AIM-VPN/EPII on the Cisco
3725 and Cisco 3745 supports a maximum of 2,000 tunnels. The AIM-VPN/EPII Plus and AIM-VPN/HPII Plus modules add native support for
AES 192 and 256 bit encryption.
KEY APPLICATIONS AND BENEFITS
The Cisco 3700 platforms are designed for the Full Service Branch office that are deploying advanced applications, that require higher
performance for voice, security, QoS, content acceleration and delivery, and high availability at the network edge by integrating functions
previously addressed by a combination of platforms.
ADVANCED SECURITY SERVICES AND VPNS
The Security and VPN features of the Cisco 3700 offer customers the ability to deploy proven security features such as secure VPNs, Intrusion
Prevention Systems (IPS), and firewalls, as well as high-speed Internet access and the ability to create extranets or demilitarized zones (DMZs).
Cisco access routers deliver a rich, integrated package of routing, firewall, intrusion detection, and VPN functions for multiservice applications.
VPNs help companies reap benefits such as dramatically lowered WAN costs, improved global connectivity, and better reliability, while
enabling capabilities such as secure extranet communications. Remote dial, Internet, intranet, and extranet access can all be consolidated over a
single WAN connection to the Internet. The Cisco 3700 VPN solution supports the features essential to VPNs—IPSec data encryption,
tunneling, broad certificate authority support for public key infrastructure (PKI)—and advanced features such as stateful VPN failover,
certificate auto-enrollment, stateful firewall, intrusion detection, and service-level validation. The Cisco 3700 Series works with optional
Virtual Private Network Modules (VPN Modules) to optimize the platforms for virtual private networks (VPNs). The Cisco 3700 Series VPN
Modules provide up to 10 times the performance over software-only encryption by offloading the encryption processing from the router central
processing unit (CPU). The Cisco 3700 series together with the VPN module are the perfect IPSec VPN solution for connecting medium, and
large branch offices to other remote locations, corporate headquarters, central-office intranets, or partner extranets.
As network security becomes increasingly critical to securing business transactions, businesses must integrate security into the network design
and infrastructure. The Cisco IOS Firewall is a security-specific option for Cisco IOS software which runs on the Cisco 3700 platform. It
integrates robust firewall functionality and intrusion prevention for every network perimeter and enriches existing Cisco IOS security
capabilities. It adds greater depth and flexibility to existing Cisco IOS security solutions—such as authentication, encryption, and failover—by
delivering state-of-the-art security features such as stateful, application-based filtering; dynamic per-user authentication and authorization;
defense against network attacks; Java blocking; and real-time alerts.
VPN SECURITY FEATURES AND VOICE AND VIDEO-ENABLED IPSEC VPN
The Cisco 3700 VPN security features are all voice and video-enabled IPSec VPN ready. The Cisco 3700 offers a VPN infrastructure capable
of transporting converged voice, video, and data traffic across a secure IPSec network. The Cisco 3700 VPN platforms are able to accommodate
the diverse network topologies and traffic types characteristic of multiservice IPSec VPNs, and ensure that the VPN infrastructure does not
break multiservice applications deployed now or in the future. The network architecture of the Cisco Voice and Video-Enabled IPSec VPN
(V3PN) Solution takes advantage of Cisco VPN routers with Cisco IOS Software, Cisco CallManager, and IP phones. Furthermore, Cisco
provides an overall deployment model for these products through Cisco AVVID (Architecture for Voice, Video and Integrated Data) for