CISCO 830 SERIES SECURE BROADBAND ROUTERS
Advanced security for data, voice, and video access ideal for small offices and teleworkers.
The Cisco® 830 Series of secure broadband routers is ideal for providing secure Internet and corporate network connectivity to small remote offices and to teleworkers. Cisco 830 Series routers provide a wide range of integrated security services and advanced quality of service (QoS) features for high-quality data, voice, and video applications. They offer easy deployment and remote management features with Cisco IOS® Software.
Figure 1. The Cisco 830 Series Router
The Cisco 830 Series is comprised of the Cisco 831 Ethernet Broadband Router, the Cisco 836 ADSL over ISDN Broadband Router with an ISDN BRI port, and the Cisco 837 ADSL Broadband Router. The Cisco 831 router has an Ethernet WAN port for use with an external digital subscriber line (DSL) or cable modem. The Cisco 836 router supports asymmetric DSL (ADSL) over Integrated Services Digital Network (ISDN). The Cisco 837 router supports ADSL over POTS (basic telephone service). All models offer a four-port 10/100 Ethernet LAN switch for connecting multiple PCs or network devices in a small-office network.
ADVANCED SECURITY AND PERFORMANCE FOR ENTERPRISE-CLASS VPNs
The Cisco 830 Series delivers integrated enterprise-class security services, including hardware-accelerated IP Security (IPSec), Triple Data Encryption Standard (3DES) encryption for virtual private networks (VPNs), and stateful-inspection firewall for secure Internet connectivity. Optional advanced features-such as OSPF, RIP, and RIP v2, EIGRP and BGP (limited) routing protocols; Cisco Easy VPN Remote (a software feature that allows simple deployment and management of VPNs) and Easy VPN Server (limited to five users); public key infrastructure (PKI) security requiring digital certificates; IPSec Network Address Translation transparency (NAT-T); the Cisco Intrusion Detection System (IDS); WCCP and URL filtering-help ensure that the small office receives the highest level of security, which contributes to the corporate network's security.
HIGH-QUALITY, SECURE VOICE AND VIDEO
The advanced QoS and high-performance encryption features offered in Cisco 830 Series routers provide high-quality voice and video services to remote users. When IP phones are connected at a remote site, a Cisco 830 Series router can queue and prioritize the voice traffic over data traffic to ensure a high-quality, secure voice-over-IP (VoIP) connection from the remote or home office back to the corporate network.
MANAGEABLE, SCALABLE, AND RELIABLE ACCESS
The Cisco 830 Series uses valuable management and deployment tools to deliver the industry's lowest total cost of ownership for connecting small remote offices and teleworkers to the corporate network. As a remotely manageable platform, the Cisco 830 Series supports advanced remote troubleshooting commands available in Cisco IOS Software; a virtual auxiliary (AUX) port for out-of-band management with an external modem or through an integrated ISDN Basic Rate Interface (BRI) ISDN port (Cisco 836 router); and Secure Shell (SSH) Protocol for secure in-band management via Telnet. Cisco 830 series routers come equipped with two embedded remote management tools, Cisco Security Device Manager (SDM) and Cisco Router Web SetUp Tool (CRWS).
For scalability in deployment and management, the Cisco Router Web SetUp Tool, available in several languages, allows nontechnical users to quickly set up the router and turn on key features such as the stateful firewall. Cisco Security Device Manager provides added functionality for Web-based security and router set up and monitoring. Cisco provides a suite of solutions-such as Cisco Easy VPN, the Cisco IE 2100 Intelligence Engine, Cisco VPN Solution Center (VPNSC), the CiscoWorks Router Management Center (Router MC) and Cisco Configuration Express-that allow for scalable network deployment and management, including automated security policy push and configuration updates.
For reliable access, the virtual AUX port on Cisco 831, 836, and 837 routers can be used for dial backup with an external modem, should the primary WAN connection fail. On the Cisco 836 router, an integrated ISDN BRI S/T port also provides ISDN dial backup and out-of-band management. The Cisco 830 Series runs Cisco IOS Software, the industry-proven software that has become the standard for reliable business access.
FEATURES AND BENEFITS
Table 1. Key Product Features and Benefits
Features |
Benefits |
Advanced Security and Performance for Enterprise-Class VPNs |
Demilitarized Zone Port (DMZ) |
One of the switch ports could be convertsed in to a DMZ port to place publicly accessible servers or to segregate users on the LAN. |
Dynamic DNS |
The router could be accessed by a DNS name. Hence the router will be accessible even if the WAN IP address keeps on changing. |
Stateful-Inspection Firewall |
• Offers internal users secure, per-application dynamic access control (stateful inspection) for all traffic across perimeters
• Defends and protects router resources against denial-of-service (DoS) attacks
• Provides context-based access control (CBAC)
• Checks packet headers and drops suspicious packets
• Protects against unidentified, malicious Java applets
• Details transactions for reporting on a per-application, per-feature basis |
Network Security Features with Cisco IOS Software, Including Access Control Lists (ACLs), Network Address Translation/Port Address Translation (NAT/PAT), Lock & Key Security, Dynamic ACLs, and Router and Route Authentication |
Provides perimeter network security to prevent unauthorized network access |
Cisco IDS |
Detects and prevents DoS attacks and unauthorized network access; sends alerts to initiate appropriate action |
Hardware-Accelerated IPSec 3DES Encryption |
• Delivers high-performance IPSec VPN encryption for broadband connections
• Supports Internet Key Exchange (IKE) and IPSec VPN standards for up to ten simultaneous tunnels
• Provides WAN encryption for all users on the LAN without requiring the configuration of individual PCs |
Cisco Easy VPN Remote |
Provides easy deployment and maintenance of VPN connections with auto-IPSec tunnel initiation and policy push from a Cisco VPN concentrator or server |
Cisco Easy VPN Server (up to five users) |
Allow up to five remote VPN clients (Cisco Easy VPN Remote clients/nodes) to terminate on the 83x0 Series routers via Cisco Easy VPN implementation |
URL Filtering with WebSENSE Software and Server |
• Allows a network administrator to easily apply Internet use policies to permit access only to company-approved URLs or categories of sites
• WebSENSE URL filtering software filters HTTP requests based on destination host name, destination IP address, keywords, and user name
• WebSENSE maintains and updates a URL database of more than 20 million sites, organized into more than 60 categories |
URL Filtering with N2H2 Software and Server |
N2H2 is a globally deployed URL-filtering software that can filter http requests based on destination hostname, destination IP address, and username and password. It relies on a sophisticated URL database exceeding 15 million sites and is organized into over 40 categories using both Internet technology and human review. |
IPSec NAT Transparency (NAT Traversal or NAT Aware IPSec) |
Allows reliable creation of VPN tunnels independent of the placement of firewalls and NAT across multiple networks |
PKI Support with Digital Certificates |
• Standards-based robust key management allows better network scaling and enhanced key security
• Facilitates extranet communications |
High-Quality, Secure Voice and Video |
IP QoS-Low Latency Queuing (LLQ), Pre-Classify, Pre-Fragmentation, Weighted Random Early Detection (WRED), Committed Access Rate (CAR), and Class-Based Traffic Shaping |
• Ensures consistent response times for multiple applications by intelligently allocating bandwidth
• Allows for classification of applications and gives the most important applications priority use of the WAN line
• Provides congestion avoidance by throttling down certain Transmission Control Protocol (TCP) sessions, depending on each session's priority level |
Asynchronous Transfer Mode (ATM) QoS (for the Cisco 836 and 837 routers)-ATM Traffic Universal Bit Rate (UBR), Variable Bit Rate non real time (VBRnrt), Variable Bit Rate real time (VBRrt) and Constant Bit Rate (CBR) with per-VC Queuing and Traffic Shaping |
Provides QoS guarantees for real-time traffic, with ability to send traffic over the appropriate virtual circuit to provide ATM-level shaping and ensure that no head-of-line blocking can occur between circuits of different or equal traffic classes |
High-Performance Encryption |
Provides secure connectivity without affecting performance for bandwidth-intensive applications |
IP Multicast Technology |
Reduces redundant traffic; conserves bandwidth for corporate communications, distance-learning applications such as Cisco IP/TV®, software distribution, and access to stock quotes and news applications |
Advanced Management Features for Low Cost of Ownership |
Plug-and-Play Installation with Default Settings and Web-Based Setup Tool |
Nontechnical users can easily set up the router and customize advanced features |
Cisco Security Device Manager (SDM)-An Intuitive, Web-Based Device Management Tool Embedded within Cisco IOS® Access Routers |
• Simplifies router and security configuration through intelligent wizards
• Enabling customers to quickly and easily deploy, configure and monitor a Cisco 83x0 Series routers without requiring knowledge of Cisco IOS command line interface (CLI) |
Cisco Router Web SetUp Tool |
Allows nontechnical users to complete installation by simply pointing a browser at the router and providing user information |
Cisco Easy VPN Remote and Server (up to five users) |
Provides easy deployment and maintenance of VPN connections with auto-IPSec tunnel initiation and pushed policy acceptance |
Cisco Configuration Express |
Lowers the cost of deployment by shipping preconfigured units directly to end users without requiring staging or storage |
Router Status Page in Cisco Router Web SetUp Tool |
Provides a Web-based visual presentation of router configuration and feature status |
Cisco IOS Software Interactive Debug and Remote Management Features |
Enables remote management and monitoring via Simple Network Management Protocol (SNMP), Telnet, or HTTP and local management via console port to diagnose network problems in detail |
Cisco IOS Software Command-Line Interface (CLI) |
Allows customers to use existing knowledge of Cisco IOS Software CLI for easier installation and manageability without requiring additional training |
Cisco IOS Software Technology |
Offers technology that is used throughout the backbone of the Internet and in most enterprise networks |
Cisco ISC (IE 2100 Intelligence Engine Management Appliance, VPNSC, Configuration Express) |
Allows remote sites to be configured to automatically contact this centrally located device for Cisco IOS Software configuration updates |
Supported by Cisco VPNSC, CiscoWorks VPN/Security Management Solution (VMS), and Cisco Secure Policy Manager |
Allows for scalable deployment of security policy management |
SSH v2.0 |
Provides a secure, encrypted connection to a router that is similar to an inbound Telnet session |
PRODUCT SPECIFICATIONS
Table 2. Cisco 830 Series Hardware Specifications
Hardware Specifications |
Cisco 831, 836, and 837 Routers |
Processor |
Motorola RISC |
Default DRAM* Memory |
64 MB |
Maximum DRAM Memory |
80 MB |
Default Flash* Memory |
12 MB |
Maximum Flash Memory |
24 MB |
WAN |
• 10BASE-T Ethernet (Cisco 831 router)
• ADSL over ISDN-Annex B (Cisco 836 router)
• ADSL over POTS-Annex A (Cisco 837 router) |
LAN |
Four-port 10/100BASE-T with autosensing MDI/MDX for autocrossover |
Console Port |
This port can be configured to behave as an auxiliary port (virtual AUX supports modem control for dial backup and out-of-band management) |
RJ-45 |
ISDN BRI S/T port which can be configured for ISDN dial backup or out-of-band management (Cisco 836 only) |
LEDs |
10 |
External Power Supply |
Universal 100-240 VAC |
* DRAM and Flash memory must be obtained from Cisco
Table 3. Memory Requirements and Software Feature Sets for Cisco 831, 836, and 837 Routers
Cisco 830 Series with Cisco IOS Software Images |
Cisco 830 Series Memory Requirements |
|
Flash |
DRAM |
IP/Firewall/IPSec 3DES (default) |
12 MB |
48 MB |
IP/Firewall/IPSec 3DES PLUS1 |
12 MB |
48 MB |
IP/Firewall/IPSec 3DES/PLUS/dial backup (Cisco 836 router only) |
12 MB |
48 MB |
Table 4 lists features supported in each of the above images by platform.
Table 4. Cisco 830 Series Software Feature Sets
Protocols and Features Supported by Cisco 830 Series Secure Broadband Routers |
|
IP/FW/IPSec 3DES (default feature set) |
IP/FW/IPSec 3DES PLUS |
IP/FW/IPSec 3DES PLUS ISDN Dial Backup (Cisco 836 router only) |
Routing and Bridging |
Transparent Bridging |
X |
X |
X |
IP Routing, Integrated Routing and Bridging (IRB) |
X |
X |
X |
Point-to-Point Protocol over Ethernet (PPPoE), Including TCP MSS Adjust |
X |
X |
X |
PPP over ATM (PPPoA), (Cisco 836 and 837 routers only) |
X |
X |
X |
IP-Enhanced Interior Gateway Routing Protocol (IGRP) |
- |
X |
X |
Routing Information Protocol (RIP), RIPv2 |
- |
X |
X |
Security |
Route and Router Authentication |
- |
X |
X |
Multilevel User Authentication for Access to Router for Management |
X |
X |
X |
Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and Local Password |
X |
X |
X |
Generic Routing Encapsulation (GRE) Tunneling |
- |
X |
X |
IP Basic and Extended Access Lists, Lock & Key |
X |
X |
X |
Stateful-Inspection Firewall |
X |
X |
X |
IPSec 56-Bit Encryption |
X |
X |
X |
IPSec 3DES Encryption |
X |
X |
X |
Hardware-Accelerated IPSec 3DES Encryption |
Cisco 831 router (Cisco 836 and 837 routers require PLUS image) |
X |
X |
PKI with Digital Certificates |
- |
X |
X |
Cisco Easy VPN Remote |
Cisco 831 router (Cisco 836 and 837 routers require PLUS image) |
X |
X |
Cisco Easy VPN Server (up to five users) |
X |
X |
X |
Multiuser IPSec Pass-Through (TCP and unencapsulated) |
X |
X |
X |
Multiuser Point-to-Point Tunneling Protocol (PPTP) Pass-Through |
X |
X |
X |
Advanced Encryption Standard (AES) (software-based) |
- |
X |
X |
URL Filtering with WebSENSE Software and Server |
- |
X |
X |
IPSec NAT Transparency (NAT Traversal or NAT Aware IPSec) |
- |
X |
X |
Remote Authentication Dial-In User Service (RADIUS) |
- |
X |
X |
Terminal Access Controller Access Control System Plus (TACACS+) |
- |
X |
X |
QoS |
X |
X |
X |
LLQ |
X |
X |
X |
Pre-Classify |
- |
X |
X |
Pre-Fragmentation |
- |
X |
X |
IP Policy Routing |
X |
X |
X |
Class-Based Traffic Shaping (Cisco 831 router only) |
X |
X |
X |
WRED |
- |
X |
X |
CAR |
- |
X |
X |
Link Fragmentation and Interleaving (LFI) |
- |
X |
X |
Per-VC Queuing and per-VC Traffic Shaping (Cisco 836 and 837 routers only) |
X |
X |
X |
ATM UBR, CBR, VBRnrt, and VBRrt (Cisco 836 and 837 routers only) |
X |
X |
X |
ATM Fault Management, Operation, Administration and Maintenance (OAM) (F5) Segment Continuity Check and Segment and End-to-End Loopback and Interim Local Management Interface (ILMI) Support (Cisco 836 and 837 routers only) |
X |
X |
X |
Ten Virtual Circuits/Permanent Virtual Circuits (PVCs) |
X |
X |
X |
TX Ring Adjustment (Cisco 836 and 837 routers only) |
X |
X |
X |
Bandwidth Optimization and Management |
IP Multicast |
- |
X |
X |
Protocol Independent Multicast (PIM) Sparse Mode |
- |
X |
X |
Standard-Based Encryption (STAC) |
X |
X |
X |
Ease of Use and Deployment |
Cisco SDM |
X |
X |
X |
CRWS |
X |
X |
X |
Easy VPN Remote |
- |
X |
X |
Management |
|
|
|
SNMP, Telnet, and Console Port |
X |
X |
X |
Syslog |
X |
X |
X |
Network Time Protocol (NTP) Client and Server |
X |
X |
X |
Trivial File Transfer Protocol (TFTP) Client and Server |
X |
X |
X |
Cisco Service Assurance Agent (SAA) |
X |
X |
X |
Out-Of-Band Management Through Virtual AUX Port |
X |
X |
X |
Out-of-Band Management Through ISDN BRI S/T Port (Cisco 836 router only) |
Cisco 836 router |
Cisco 836 router |
Cisco 836 router |
Redundancy |
Hot Standby Router Protocol (HSRP) |
- |
X |
X |
Dial Backup with External Modem Through Virtual AUX Port |
X |
X |
X |
Dial Backup with External Modem Through ISDN BRI S/T Port (Cisco 836 router) |
N/A |
N/A |
Cisco 836 router |
Address Conservation and Allocation |
NAT Many-to-One (PAT) |
X |
X |
X |
NAT Many-to-Many (multi-NAT) |
X |
X |
X |
H.323 Support with NAT |
X |
X |
X |
NetMeeting V.2.10/1 and 3.01 |
X |
X |
X |
Session Initiation Protocol (SIP) Support with NAT |
X |
X |
X |
IP Control Protocol (IPCP) Address and Subnet Negotiation |
X |
X |
X |
Dynamic Host Control Protocol (DHCP) Client and Server |
X |
X |
X |
DHCP Relay |
X |
X |
X |
DHCP Client Address Negotiation |
X |
X |
X |
DHCP Client Host Name (option 12) for Certain Cable Services (Cisco 831 router only) |
X |
X |
X |
Table 5. Cisco 800 Series-DSLAM Interoperability
DSLAM |
Chipset |
Interoperability Status |
Comments |
Alcatel ASAM 1000 |
AME |
Yes |
- |
Alcatel 7300 |
AME |
Yes |
- |
Lucent Stinger |
AME |
Yes |
- |
ECI |
ADI 918 |
Yes |
UR-2 compliant |
ECI |
ADI 930 |
Yes |
UR-2 compliant |
Siemens XpressLink 2.0 |
TI |
Yes |
UR-2 compliant |
Siemens XpressLink 2.1 |
TI |
Yes |
UR-2 compliant |
REGULATORY AND STANDARDS COMPLIANCE
Business-class Cisco 830 Series secure broadband routers are available for worldwide deployment.
Safety
• UL 1950/CSA 950-95: Third Edition
• IEC 950: Second Edition with Amendments 1, 2, 3, and 4
• EN60950: 1992 with Amendments 1, 2, 3, and 4
• CS-03, Canadian Telecom Requirements
• FCC Part 68 U.S. Telecom Requirements
• AS/NZS 3260: 1996 with Amendments 1, 2, 3, and 4
• ETSI 300-047
• TS 001 with Amendment 1
• EMI
• AS/NRZ 3548: 1992 Class B
• CFR 47 Part 15 Class B
• EN60555-2 Class B
• EN55022 Class B
• VCCI Class II
• ICES-003, Issue 2, Class B, April 1997S
• IEC 1000-3-2
Immunity
• IEC 1000-4-2 (EN61000-4-2)
• IEC 1000-4-3 (ENV50140)
• IEC 1000-4-4 (EN61000-4-4)
Cisco 837 Router ADSL Specifications
• ST-Micro DynaMiTe (formerly Alcatel Micro Electronics) ADSL Chipset (20150)
• T1.413 ANSI ADSL DMT issue 2
• G.992.1 ITU G.DMT support
• G.992.2 ITU G.Lite support
• G.992.3 ITU G.hs ADSL type negotiation
The chipset does not provide interoperability with carrierless amplitude modulation/phase modulation (CAP)-based ADSL lines.
Cisco 836 Router ADSL Specifications
• ST-Micro DynaMiTe (formerly Alcatel Micro Electronics) ADSL Chipset (20150)
• ETSI 101-388 v1.2.1 ADSL over ISDN
• Annex B ITU ADSL over ISDN support (Planned)
• UR-2 Specification (Deutsche Telekom)
The chipset does not provide interoperability with carrierless amplitude modulation/phase modulation (CAP)-based ADSL lines.
ISDN Specifications (Cisco 836 Router)
• Two B channels plus one D channel: 2 x 64 Kbps (precompressed)
• Interoperable switched 56: 2 x 56 Kbps (precompressed)
• Single-point and multipoint configurations
• Compatible with data or voice B-channel ISDN switch types
• CTR3 (ETSI, NET3)
• VN3/4/5 (France)
Physical Specifications
• Dimensions (H x W x D): 2.0 x 9.7 x 8.5 in. (5.1 x 24.6 x 21.6 cm)
• Weight: 1.48/1.5 lb (0.67/0.68 kg)
Environmental Operating Ranges
• Nonoperating temperature: -4 to 149° F (-20 to 65° C)
• Nonoperating humidity: 5 to 95%, relative humidity (noncondensing)
• Nonoperating altitude: 0 to 15,000 ft (0 to 4,570 m)
• Operating temperature: 32 to 104° F (0 to 40° C)
• Operating humidity: 10 to 85%, relative humidity (noncondensing)
• Operating altitude: 0 to 10,000 ft (0 to 3,000 m)
Power Ratings
• AC input voltage: 100 to 250 VAC, 50 to 60 Hz
• Power consumption: 6 to 10W (idle-maximum consumption)
• Power supply rating: 15
댓글을 달아 주세요