Data Sheet
© 2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 5 of 18
Feature Benefit
Dual AIM Slots Dual AIM slots support concurrent services such as hardware-accelerated security,
ATM segmentation and reassembly (SAR), compression, and voice mail (Refer to
Table 7 for more details on specific platform support).
Packet Voice DSP Module (PVDM)
Slots on Motherboard
Slots for Cisco PVDM2 Modules (DSP Modules) are integrated on the motherboard,
freeing slots on the router for other services.
Extension-Voice-Module (EVM) Slot
The EVM supports additional voice services and density without consuming the
network-module slot (Note: available only on Cisco 2821 and 2851).
USB Support Up to two USB ports are available per Cisco 2800 series router. The routers'
Universal Serial Bus (USB) ports enable important security and storage capabilities.
Secure Networking—Feature and Benefits
The Cisco 2800 Series features enhanced security functionality as shown in Table 3. Integrated on
the motherboard of every Cisco 2800 Series router is hardware-based encryption acceleration that
offloads the encryption processes to provide greater IPSec throughput with less overhead for the
router CPU when compared with software-based solutions. With the integration of optional VPN
modules (for enhanced VPN tunnel count), Cisco IOS Software-based firewall, network access
control, or content-engine network modules, Cisco offers the industry's most robust and adaptable
security solution for branch-office routers.
Table 3. Secure Networking—Feature and Benefits
Feature Benefit
Cisco IOS Software Firewall
●
Sophisticated security and policy enforcement provides features such as stateful,
application-based filtering (context-based access control), per-user authentication
and authorization, real-time alerts, transparent firewall, and IPv6 firewall.
Secure Sockets Layer (SSL)
●
SSL provides security for web transactions by handling authentication, data
enryption and digital signatures. The 2800 Series supports SSL VPNs and SSL
acceleration via the AIM-VPN/SSL-3.
Onboard VPN Encryption
Acceleration
●
The Cisco 2800 Series supports IPSec Digital Encryption Standard (DES), Triple
DES (3DES), Advanced Encryption Standard (AES) 128, AES 192, and AES 256
cryptology without consuming an AIM slot.
Network Admissions Control
(NAC)
●
A Cisco Self-Defending Network initiative, NAC seeks to dramatically improve the
ability of networks to identify, prevent, and adapt to threats by allowing network
access only to compliant and trusted endpoint devices.
Multiprotocol Label Switching
(MPLS) VPN Support
●
The Cisco 2800 Series supports specific provider edge functions plus a
mechanism to extend customers' MPLS VPN networks out to the customer edge
with virtual routing and forwarding (VRF) firewall and VRF IPSec. For details on
the MPLS VPN support on the different versions of the Cisco 2800 Series, please
check the feature navigator tool on
http://www.cisco.com.
USB eToken Support
●
USB eTokens from Aladdin Knowledge Systems (available at
http://www.aladdin.com/etoken/cisco/) provides secure configuration distribution
and allows users to store VPN credentials for deployment
AIM-Based Security Acceleration
●
Support for an optional dedicated security AIM can deliver 2 to 3 times the
performance of embedded encryption capabilities with Layer 3 compression.
Intrusion Prevention System (IPS)
●
Flexible and high performance support is offered through Cisco IOS
®
Software or
an intrusion-detection-system (IDS) network module.
●
The ability to load and enable selected IDS signatures in the same manner as
Cisco IDS Sensor Appliances
Advanced Application Inspection
and Control
●
Cisco IOS Firewall includes HTTP and several email inspection engines that can
be used to detect misuse of port 80 and email connectivity.
Cisco Easy VPN Remote and
Server Support
●
The Cisco 2800 Series eases administration and management of point-to-point
VPNs by actively pushing new security policies from a single headend to remote
sites.
Dynamic Multipoint VPN (DMVPN)
●
DMVPN is a Cisco IOS Software solution for building IPSec + generic routing
encapsulation (GRE) VPNs in an easy and scalable manner.
Group Encrypted Transport (GET)
VPN
●
GET VPN is a Cisco IOS Software solution that simplifies securing large Layer 2
or MPLS networks requiring partial or full-mesh connectivity by providing tunnel-
less VPN connectivity.
URL Filtering
●
URL filtering is available onboard with an optional content-engine network module
or external with a PC server running the URL filtering software.
