Cisco Systems C897VAK9 User Manual
Size:
537.34 Kb
Download

verification, and configuration management, resulting in increased operational efficiency and reduced operating expenses (OpEx).

The following Metro Ethernet features are supported for the Cisco 890 Series:

E-LMI:Basic configuration for detection and isolation of connectivity in the Metro Ethernet network

E-LMI:Automated configuration of customer edge based on profiles configured:

Layer 2 connectivity management

Ethernet LMI for the customer edge

Metro Ethernet OA&M:

Debugging hierarchy of Ethernet networks

Layer 2 service performance monitoring

802.1agCFM:

Standard that uses domains to contain OA&M flows and bound OA&M responsibilities

802.3ah: Ethernet in the First Mile (EFM)

Three types of packets: Continuity Check, Layer 2 Ping, and Layer 2 Traceroute

IP SLA for Ethernet

Figure 4 shows a typical small branch-officeMetro Ethernet deployment.

Figure 4. Typical Metro Ethernet Deployment

High Availability

Cisco 890 Series Routers enable customers to deliver high-performance,high-availability,mission-criticalbusiness applications (Figure 5). The Cisco IOS Software universal image with Advanced IP Services feature license (default) offers basic and advanced routing capabilities to deliver failover protection and load balancing. These capabilities include Virtual Router Redundancy Protocol (VRRP) (RFC 2338), Hot Standby Router Protocol (HSRP), MultigroupHSRP (MHSRP), and dial backup with external modem through a virtual auxiliary port. Cisco 890 Series Routers are integrated with ISDN BRI (892, 896, and 897 models), a V.92 analog modem (891 model), or a GigabitEthernet port for a secondary WAN backup connection. If the primaryEthernet-accessWAN is disconnected, the router detects this failure and fails over to the secondary backup WAN.

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

Page 5 of 16

Figure 5. High Availability

Integrated Wireless LAN Capability

The Cisco 890 Series is ideal for enterprise small branch offices and small businesses that need to be connected to larger enterprise networks. These routers help extend corporate networks to secure remote sites while giving users access to the same applications found in a corporate office. They provide increased reliability for diversity of wireless data, voice, and video applications. When users require wireless LAN (WLAN) access, visibility and control of network security are even more critical at the remote site. The Cisco 890 Series meets this need with a single device that combines integrated 802.11a/g/n capabilities with security features such as Wi-FiProtected Access (WPA), including authentication with IEEE 802.1X with Cisco Extensible Authentication Protocol (LEAP) and Protected EAP (PEAP), and encryption with WPA Temporal Key Integrity Protocol (TKIP). The Cisco 890 Series wireless models that include the integrated access point have full feature parity with the Cisco Aironet® 1250 Series Access Point and can be used in either autonomous or Cisco Unified WLAN modes. In Cisco Unified WLAN mode, as part of an enterprise WLAN architecture, all WLAN functions are centrally managed through Cisco Wireless LAN Controllers and the Cisco Wireless Control System (WCS). The Cisco 897 with wireless supports Cisco CleanAir technology.

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

Page 6 of 16

Figure 6 shows a Cisco 890 Series Router deployed in an enterprise small branch-officeWLAN application.

Figure 6. Enterprise SmallBranch-OfficeWLAN

Manageability

Cisco 890 Series Routers support a whole suite of management tools to provide ease of use. Tools such as Cisco Configuration Professional use smart wizards and task-basedtutorials, which resellers and customers can use to quickly and easily deploy, configure, and monitor a Cisco access router without requiring knowledge of the Cisco IOS Softwarecommand-lineinterface (CLI).

Table 2 lists the features and benefits of the Cisco 890 Series Routers.

 

Table 2.

Features and Benefits of Cisco 890 Series Routers

 

 

 

 

 

 

 

 

 

Feature

 

Benefit

 

 

 

 

 

 

 

Increased performance for

Router performance allows customers to take advantage of broadband network speeds while running

 

 

concurrent services

secure, concurrent data, voice, video, and wireless services.

 

 

 

 

 

 

 

Integrated Gigabit Ethernet, SFP,

Integrated ports offer flexibility in Ethernet WAN access, and the additional capability to deploy redundant

 

 

and Fast Ethernet WAN ports

WAN connections for failover protections and load balancing.

 

 

 

 

 

 

 

 

 

 

 

Refer to Table 1 for details about the WAN interface.

 

 

 

Option of integrated 8-port

Fully managed LAN switch ports connect multiple LAN devices and reduce the need for an additional LAN

 

 

10/100BASE-Tmanaged switch

switch.

 

 

 

or integrated 8-port

The Cisco 891, 892, and 892F support10/100BASE-T.

 

 

 

10/100/1000BASE-Tmanaged

The Cisco 892FSP, 896VA, 897VA, and 898EA support10/100/1000BASE-T.

 

 

 

switch

 

 

 

 

Integrated WAN backup

Refer to Table 1 for details about the backup WAN interface.

 

 

 

Real-timeclock

Abuilt-in,real-timeclock maintains an accurate date and time for applications that require an accurate

 

 

 

 

time stamp, such as logging and digital certificates.

 

 

 

 

 

 

 

 

Enhanced security

An integrated stateful and application inspection firewall provides network perimeter security.

 

 

 

 

 

High-speedIPsec 3DES and AES encryption offers data privacy over the Internet.

 

 

 

 

 

Intrusion prevention enforces security policy in a larger enterprise or service provider network.

 

 

 

 

 

Web Security is supported with Cisco ScanSafe deployments.

 

 

 

Optional dual-radioordual-band

The Cisco 890 Series offers a secure, integrated access point in a single device. It supports both

 

 

 

IEEE 802.11n access point

autonomous and unified modes. It is backward-compatiblewith 802.11a/b/g.

 

 

 

 

 

The router supports IEEE 802.11n draft 2.0 and usesmultiple-input,multiple-output(MIMO) technology

 

 

 

 

that provides increased throughput, reliability, and predictability.

 

 

 

 

 

Refer to Table 1 for details aboutWi-Fioptions.

 

 

 

Separate console, auxiliary, and

One auxiliary and one console port enable remote configuration and management.

 

 

 

USB ports

 

 

 

 

 

The router has two USB 2.0 flash memory or security eTokens. Integrated USB ports can be configured to

 

 

 

 

work with an optional USB token for off-platformstorage of VPN credentials or for deployment of

 

 

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

Page 7 of 16

Feature

Benefit

 

configurations stored on USB flash-memorydevices.

 

Unified wireless management

Configuration and management of access points is automated and simplified without manual intervention.

 

A unified hybridremote-edgeaccess point (HREAP) provides the following:

 

WLAN services to remote and branch offices without deploying a wireless LAN controller at each

 

location.

 

Central configuration and control of unified WLAN services for remote offices through a WAN link.

 

Flexibility in setting up wireless access at remote locations by specifying how traffic is to be bridged or

 

tunneled.

 

 

Cisco Configuration

Cisco Configuration Professional uses smart wizards andtask-basedtutorials, which resellers and

Professional

customers can use to quickly and easily deploy, configure, and monitor a Cisco access router without

 

requiring knowledge of the Cisco IOS Software CLI.

 

 

 

Summary

Cisco 890 Series Integrated Services Routers combine increased network performance with advanced security and wireless technology to allow enterprise small branch-officecustomers to get the most from their broadband connections. Service providers andvalue-addedresellers can take advantage of the Cisco 890 Series to provide a truebusiness-classbroadband service. The Cisco 890 Series delivers on the requirements of enterprise small branch offices and managed services providers.

Product Specifications

Tables 3 and 4 list software and hardware features of the Cisco 890 Series.

Table 3.

Cisco IOS Software Features on Cisco 890 Series Routers: Advanced IP Features Set (Default)

 

 

 

Feature

 

Description

 

 

IP and IP services features

Routing Information Protocol Versions 1 and 2 (RIPv1 and RIPv2)

 

 

Generic routing encapsulation (GRE) and multipoint GRE (MGRE)

 

 

Cisco Express Forwarding

 

 

Standard 802.1d Spanning Tree Protocol

 

 

Layer 2 Tunneling Protocol (L2TP)

 

 

Layer 2 Tunneling Protocol Version 3 (L2TPv3)

 

 

Network Address Translation (NAT)

 

 

Dynamic Host Configuration Protocol (DHCP) server, relay, and client

 

 

Dynamic Domain Name System (DNS)

 

 

DNS Proxy

 

 

DNS Spoofing

 

 

Access control lists (ACLs)

 

 

IPv4 and IPv6 Multicast

 

 

Open Shortest Path First (OSPF)

 

 

Border Gateway Protocol (BGP)

 

 

Performance Routing (PfR)

 

 

Enhanced Interior Gateway Routing Protocol (EIGRP)

 

 

Virtual Route Forwarding (VRF) Lite

 

 

Next Hop Resolution Protocol (NHRP)

 

 

Bidirectional Forwarding Detection (BFD)

 

 

Web Cache Communication Protocol (WCCP)

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

Page 8 of 16

Feature

Description

 

 

xDSL

True Multimode VDSL2/ADSL2+ over Annex A, B, J, and M including traditional G.DMT and T1.413

 

World-classinteroperability withindustry-standardDSL access multiplexers (DSLAM)chipsets

 

Highest field reliability with Impulse Noise Protection over REIN/SHINE, ExtendedINP-Delay,G.INP,

 

Physical Layer Retransmission, SRA, and Bitswap

 

 

 

VDSL2 PSD Profiles upto 17a/b with support for Spectral Shaping

 

VDSL2 Vectoring to offer blazing fiber speeds over copper

 

Support for4-pairmultimode G.SHDSL; that is, ATM and EFM

 

Remote management with TR069/CWMP

 

Investment protection with GE/SFP for Future Fiber that could replace xDSL deployment

Switch features

Auto Media Device In/Media Device Cross Over(MDI-MDX)

 

14 802.1QVLANs

 

MAC filtering

 

Four-port802.3af and Cisco compliant PoE

 

Switched Port Analyzer (SPAN)

 

Storm Control

 

Smart ports

 

Secure MAC address

 

Internet Group Management Protocol Version 3 (IGMPv3) snooping

 

802.1x

Security features

Secure connectivity:

 

 

 

SSLVPN for secure remote access

 

Hardware-acceleratedDES, 3DES, AES 128, AES 192, and AES 256

 

Public-key-infrastructure(PKI) support

 

Fifty IPsec tunnels

 

Cisco Easy VPN Client and Server

 

Network Address Translation (NAT) transparency

 

DMVPN

 

Tunnel-lessGroup Encrypted Transport VPN

 

IPsec stateful failover

 

VRF-awareIPsec

 

IPsec over IPv6

 

Adaptive control technology

 

Session Initiation Protocol (SIP)application-layergateway

 

Cisco IOS Firewall:

 

Zone-BasedPolicy Firewall

 

 

 

VRF-awarestateful inspection routing firewall

 

 

 

Stateful inspection transparent firewall

 

 

 

Advanced application inspection and control

 

Secure HTTP (HTTPS), FTP, and Telnet Authentication Proxy

 

Dynamic and static port security

 

Firewall stateful failover

 

VRF-awarefirewall

 

Cisco ScanSafe Connector

 

Cisco IOS Software black and white lists

 

Integrated threat control:

IPS

Control Plane Policing

Flexible Packet Matching

Network foundation protection

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

Page 9 of 16

Feature

Description

 

 

QoS features

Low-LatencyQueuing (LLQ)

 

Weighted Fair Queuing (WFQ)

 

Class-BasedWFQ (CBWFQ)

 

Class-BasedTraffic Shaping (CBTS)

 

Class-BasedTraffic Policing (CBTP)

 

Policy-BasedRouting (PBR)

 

Class-BasedQoS MIB

 

Class of service(CoS)-to-differentiatedservices code point (DSCP) mapping

 

Class-BasedWeighted Random Early Detection (CBWRED)

 

Network-BasedApplication Recognition (NBAR)

 

Link fragmentation and interleaving (LFI)

 

Resource Reservation Protocol (RSVP)

 

Real-TimeTransport Protocol (RTP) header compression (cRTP)

 

Differentiated Services (DiffServ)

 

QoS preclassify and prefragmentation

 

HQoS

Management features

Cisco Configuration Professional

 

Cisco Configuration Express

 

Cisco Configuration Engine support

 

Cisco AutoInstall

 

IP SLA

 

Cisco IOS Embedded Event Manager (EEM)

 

CiscoWorks

 

Cisco Security Manager

 

Telnet, SNMPv3, SSH, CLI, and HTTP management

 

RADIUS and TACACS+

 

Out-of-bandmanagement with ISDN S/T port or external modem through a virtual auxiliary port on models

 

supporting those interfaces; refer to Table 1 for details

 

Cisco Wireless Control System (WCS) for management of unified access points in models supporting

 

WLAN; on models supporting WLAN, refer to Table 1 for details

 

 

High-availabilityfeatures

Virtual Router Redundancy Protocol (VRRP) (RFC 2338)

 

HSRP

 

MHSRP

 

Dial backup with external modem through virtual auxiliary port

 

Dial backup with ISDN S/T or V.92 Analog modem port

Metro Ethernet features

Ethernet OA&M

 

Ethernet LMI

 

IP SLA for Ethernet

IPv6 features

IPv6 addressing architecture

 

IPv6 name resolution

 

IPv6 statistics

 

IPv6 translation: Transport packets betweenIPv6-onlyandIPv4-onlyendpointsNAT-PT)

 

Internet Control Message Protocol Version 6 (ICMPv6)

 

IPv6 DHCP

 

OSPFv3

 

BGP4+

 

IPv6 path maximum transmission unit (PMTU)

 

IPv6 Neighbor Discovery

 

IPv6 stateless address autoconfiguration (SLAAC)

 

IPv6 Multicast Routing

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

Page 10 of 16

Feature

 

Description

 

 

Unified WLAN management

Unified access point features:

 

 

Supported by wireless LAN controller and Cisco WCS

 

 

 

 

 

Configurable local or central switching for HREAP mode

 

 

Radio management through Cisco WCS

 

 

Transparent roaming with mobility groups

Application visibility and control

Cisco Wide Area Application Services (WAASx)

 

 

NBAR2

 

 

 

Flexible NetFlow (FNF)

 

 

Performance Agent

Number of recommended users

50

 

 

 

 

Table 4.

Cisco IOS Software

Features

on Cisco 890 Series Routers: WLAN Features (Available with Wireless Option)

 

 

 

Feature

 

Description

 

 

Standard 802.11 a/g/n access

Optional on Cisco 890 Series models

point

 

 

 

 

 

WLAN hardware

Support for CleanAir technology on Cisco 897

 

 

Automatic rate selection for 802.11a/g/n

 

 

Noncaptive RPTNC omnidirectional dipole antennae;2-dBigain @ 2.4 GHz,5-dBigain @ 5 GHz

 

 

2 x 3 MIMO radio operation

 

 

Wi-Fi802.11n Draft v2.0 certified

WLAN software features

Autonomous or unified access point

 

 

Cisco WCS support for monitoring ofautonomous-modeaccess points

 

 

Option to maximize throughput or maximize range

 

 

Software-configurabletransmit power

 

 

Radio roles, including access point, root bridge, nonroot bridge, and workgroup bridge

 

 

Wi-FiMultimedia (WMM) certification

 

 

Traffic specifications (TSPEC) Call Admission Control (CAC) to ensure voice quality is maintained

 

 

Unscheduled Automatic Power Save Delivery (UPSD) to reduce latency

WLAN security features

Standard 802.11i

 

 

WPA and AES (WPA2)

 

 

EAP authentication: Cisco LEAP, PEAP, Extensible Authentication Protocol Transport Layer Security

 

 

(EAP TLS), Extensible Authentication Protocol-FlexibleAuthentication via Secure Tunneling(EAP-FAST),

 

 

Extensible Authentication Protocol-SubscriberInformation Module(EAP-SIM),Extensible Authentication

 

 

Protocol-MessageDigest Algorithm 5(EAP-MD5),and Extensible AuthenticationProtocol-TunneledTLS

 

 

(EAP-TTLS)

 

 

 

 

 

Static and dynamic Wired Equivalent Privacy (WEP)

 

 

TKIP/Simple Security Network (TKIP/SSN) encryption

 

 

MAC authentication and filter

 

 

User database for survivable local authentication using LEAP andEAP-FAST

 

 

Configurable limit to the number of wireless clients

 

 

Configurable RADIUS accounting for wireless clients

 

 

Preshared keys (PSKs)(WPA-smalloffice or home office[WPA-SOHO])

Certifications

 

 

 

 

 

Service Set Identifiers (SSIDs)

16

 

and Multiple Broadcast SSIDs

 

 

 

 

Wireless VLANs

14 (encrypted and nonencrypted VLANs)

 

 

 

 

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

Page 11 of 16