Cisco Systems C897VAK9 User Manual
537.34 Kb

verification, and configuration management, resulting in increased operational efficiency and reduced operating expenses (OpEx).

The following Metro Ethernet features are supported for the Cisco 890 Series:

E-LMI:Basic configuration for detection and isolation of connectivity in the Metro Ethernet network

E-LMI:Automated configuration of customer edge based on profiles configured:

Layer 2 connectivity management

Ethernet LMI for the customer edge

Metro Ethernet OA&M:

Debugging hierarchy of Ethernet networks

Layer 2 service performance monitoring


Standard that uses domains to contain OA&M flows and bound OA&M responsibilities

802.3ah: Ethernet in the First Mile (EFM)

Three types of packets: Continuity Check, Layer 2 Ping, and Layer 2 Traceroute

IP SLA for Ethernet

Figure 4 shows a typical small branch-officeMetro Ethernet deployment.

Figure 4. Typical Metro Ethernet Deployment

High Availability

Cisco 890 Series Routers enable customers to deliver high-performance,high-availability,mission-criticalbusiness applications (Figure 5). The Cisco IOS Software universal image with Advanced IP Services feature license (default) offers basic and advanced routing capabilities to deliver failover protection and load balancing. These capabilities include Virtual Router Redundancy Protocol (VRRP) (RFC 2338), Hot Standby Router Protocol (HSRP), MultigroupHSRP (MHSRP), and dial backup with external modem through a virtual auxiliary port. Cisco 890 Series Routers are integrated with ISDN BRI (892, 896, and 897 models), a V.92 analog modem (891 model), or a GigabitEthernet port for a secondary WAN backup connection. If the primaryEthernet-accessWAN is disconnected, the router detects this failure and fails over to the secondary backup WAN.

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

Page 5 of 16

Figure 5. High Availability

Integrated Wireless LAN Capability

The Cisco 890 Series is ideal for enterprise small branch offices and small businesses that need to be connected to larger enterprise networks. These routers help extend corporate networks to secure remote sites while giving users access to the same applications found in a corporate office. They provide increased reliability for diversity of wireless data, voice, and video applications. When users require wireless LAN (WLAN) access, visibility and control of network security are even more critical at the remote site. The Cisco 890 Series meets this need with a single device that combines integrated 802.11a/g/n capabilities with security features such as Wi-FiProtected Access (WPA), including authentication with IEEE 802.1X with Cisco Extensible Authentication Protocol (LEAP) and Protected EAP (PEAP), and encryption with WPA Temporal Key Integrity Protocol (TKIP). The Cisco 890 Series wireless models that include the integrated access point have full feature parity with the Cisco Aironet® 1250 Series Access Point and can be used in either autonomous or Cisco Unified WLAN modes. In Cisco Unified WLAN mode, as part of an enterprise WLAN architecture, all WLAN functions are centrally managed through Cisco Wireless LAN Controllers and the Cisco Wireless Control System (WCS). The Cisco 897 with wireless supports Cisco CleanAir technology.

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

Page 6 of 16

Figure 6 shows a Cisco 890 Series Router deployed in an enterprise small branch-officeWLAN application.

Figure 6. Enterprise SmallBranch-OfficeWLAN


Cisco 890 Series Routers support a whole suite of management tools to provide ease of use. Tools such as Cisco Configuration Professional use smart wizards and task-basedtutorials, which resellers and customers can use to quickly and easily deploy, configure, and monitor a Cisco access router without requiring knowledge of the Cisco IOS Softwarecommand-lineinterface (CLI).

Table 2 lists the features and benefits of the Cisco 890 Series Routers.


Table 2.

Features and Benefits of Cisco 890 Series Routers




















Increased performance for

Router performance allows customers to take advantage of broadband network speeds while running



concurrent services

secure, concurrent data, voice, video, and wireless services.








Integrated Gigabit Ethernet, SFP,

Integrated ports offer flexibility in Ethernet WAN access, and the additional capability to deploy redundant



and Fast Ethernet WAN ports

WAN connections for failover protections and load balancing.












Refer to Table 1 for details about the WAN interface.




Option of integrated 8-port

Fully managed LAN switch ports connect multiple LAN devices and reduce the need for an additional LAN



10/100BASE-Tmanaged switch





or integrated 8-port

The Cisco 891, 892, and 892F support10/100BASE-T.





The Cisco 892FSP, 896VA, 897VA, and 898EA support10/100/1000BASE-T.









Integrated WAN backup

Refer to Table 1 for details about the backup WAN interface.





Abuilt-in,real-timeclock maintains an accurate date and time for applications that require an accurate





time stamp, such as logging and digital certificates.









Enhanced security

An integrated stateful and application inspection firewall provides network perimeter security.






High-speedIPsec 3DES and AES encryption offers data privacy over the Internet.






Intrusion prevention enforces security policy in a larger enterprise or service provider network.






Web Security is supported with Cisco ScanSafe deployments.




Optional dual-radioordual-band

The Cisco 890 Series offers a secure, integrated access point in a single device. It supports both




IEEE 802.11n access point

autonomous and unified modes. It is backward-compatiblewith 802.11a/b/g.






The router supports IEEE 802.11n draft 2.0 and usesmultiple-input,multiple-output(MIMO) technology





that provides increased throughput, reliability, and predictability.






Refer to Table 1 for details aboutWi-Fioptions.




Separate console, auxiliary, and

One auxiliary and one console port enable remote configuration and management.




USB ports






The router has two USB 2.0 flash memory or security eTokens. Integrated USB ports can be configured to





work with an optional USB token for off-platformstorage of VPN credentials or for deployment of



© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

Page 7 of 16




configurations stored on USB flash-memorydevices.


Unified wireless management

Configuration and management of access points is automated and simplified without manual intervention.


A unified hybridremote-edgeaccess point (HREAP) provides the following:


WLAN services to remote and branch offices without deploying a wireless LAN controller at each




Central configuration and control of unified WLAN services for remote offices through a WAN link.


Flexibility in setting up wireless access at remote locations by specifying how traffic is to be bridged or





Cisco Configuration

Cisco Configuration Professional uses smart wizards andtask-basedtutorials, which resellers and


customers can use to quickly and easily deploy, configure, and monitor a Cisco access router without


requiring knowledge of the Cisco IOS Software CLI.





Cisco 890 Series Integrated Services Routers combine increased network performance with advanced security and wireless technology to allow enterprise small branch-officecustomers to get the most from their broadband connections. Service providers andvalue-addedresellers can take advantage of the Cisco 890 Series to provide a truebusiness-classbroadband service. The Cisco 890 Series delivers on the requirements of enterprise small branch offices and managed services providers.

Product Specifications

Tables 3 and 4 list software and hardware features of the Cisco 890 Series.

Table 3.

Cisco IOS Software Features on Cisco 890 Series Routers: Advanced IP Features Set (Default)









IP and IP services features

Routing Information Protocol Versions 1 and 2 (RIPv1 and RIPv2)



Generic routing encapsulation (GRE) and multipoint GRE (MGRE)



Cisco Express Forwarding



Standard 802.1d Spanning Tree Protocol



Layer 2 Tunneling Protocol (L2TP)



Layer 2 Tunneling Protocol Version 3 (L2TPv3)



Network Address Translation (NAT)



Dynamic Host Configuration Protocol (DHCP) server, relay, and client



Dynamic Domain Name System (DNS)



DNS Proxy



DNS Spoofing



Access control lists (ACLs)



IPv4 and IPv6 Multicast



Open Shortest Path First (OSPF)



Border Gateway Protocol (BGP)



Performance Routing (PfR)



Enhanced Interior Gateway Routing Protocol (EIGRP)



Virtual Route Forwarding (VRF) Lite



Next Hop Resolution Protocol (NHRP)



Bidirectional Forwarding Detection (BFD)



Web Cache Communication Protocol (WCCP)

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

Page 8 of 16






True Multimode VDSL2/ADSL2+ over Annex A, B, J, and M including traditional G.DMT and T1.413


World-classinteroperability withindustry-standardDSL access multiplexers (DSLAM)chipsets


Highest field reliability with Impulse Noise Protection over REIN/SHINE, ExtendedINP-Delay,G.INP,


Physical Layer Retransmission, SRA, and Bitswap




VDSL2 PSD Profiles upto 17a/b with support for Spectral Shaping


VDSL2 Vectoring to offer blazing fiber speeds over copper


Support for4-pairmultimode G.SHDSL; that is, ATM and EFM


Remote management with TR069/CWMP


Investment protection with GE/SFP for Future Fiber that could replace xDSL deployment

Switch features

Auto Media Device In/Media Device Cross Over(MDI-MDX)


14 802.1QVLANs


MAC filtering


Four-port802.3af and Cisco compliant PoE


Switched Port Analyzer (SPAN)


Storm Control


Smart ports


Secure MAC address


Internet Group Management Protocol Version 3 (IGMPv3) snooping



Security features

Secure connectivity:




SSLVPN for secure remote access


Hardware-acceleratedDES, 3DES, AES 128, AES 192, and AES 256


Public-key-infrastructure(PKI) support


Fifty IPsec tunnels


Cisco Easy VPN Client and Server


Network Address Translation (NAT) transparency




Tunnel-lessGroup Encrypted Transport VPN


IPsec stateful failover




IPsec over IPv6


Adaptive control technology


Session Initiation Protocol (SIP)application-layergateway


Cisco IOS Firewall:


Zone-BasedPolicy Firewall




VRF-awarestateful inspection routing firewall




Stateful inspection transparent firewall




Advanced application inspection and control


Secure HTTP (HTTPS), FTP, and Telnet Authentication Proxy


Dynamic and static port security


Firewall stateful failover




Cisco ScanSafe Connector


Cisco IOS Software black and white lists


Integrated threat control:


Control Plane Policing

Flexible Packet Matching

Network foundation protection

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

Page 9 of 16





QoS features

Low-LatencyQueuing (LLQ)


Weighted Fair Queuing (WFQ)


Class-BasedWFQ (CBWFQ)


Class-BasedTraffic Shaping (CBTS)


Class-BasedTraffic Policing (CBTP)


Policy-BasedRouting (PBR)


Class-BasedQoS MIB


Class of service(CoS)-to-differentiatedservices code point (DSCP) mapping


Class-BasedWeighted Random Early Detection (CBWRED)


Network-BasedApplication Recognition (NBAR)


Link fragmentation and interleaving (LFI)


Resource Reservation Protocol (RSVP)


Real-TimeTransport Protocol (RTP) header compression (cRTP)


Differentiated Services (DiffServ)


QoS preclassify and prefragmentation



Management features

Cisco Configuration Professional


Cisco Configuration Express


Cisco Configuration Engine support


Cisco AutoInstall




Cisco IOS Embedded Event Manager (EEM)




Cisco Security Manager


Telnet, SNMPv3, SSH, CLI, and HTTP management




Out-of-bandmanagement with ISDN S/T port or external modem through a virtual auxiliary port on models


supporting those interfaces; refer to Table 1 for details


Cisco Wireless Control System (WCS) for management of unified access points in models supporting


WLAN; on models supporting WLAN, refer to Table 1 for details




Virtual Router Redundancy Protocol (VRRP) (RFC 2338)






Dial backup with external modem through virtual auxiliary port


Dial backup with ISDN S/T or V.92 Analog modem port

Metro Ethernet features

Ethernet OA&M


Ethernet LMI


IP SLA for Ethernet

IPv6 features

IPv6 addressing architecture


IPv6 name resolution


IPv6 statistics


IPv6 translation: Transport packets betweenIPv6-onlyandIPv4-onlyendpointsNAT-PT)


Internet Control Message Protocol Version 6 (ICMPv6)








IPv6 path maximum transmission unit (PMTU)


IPv6 Neighbor Discovery


IPv6 stateless address autoconfiguration (SLAAC)


IPv6 Multicast Routing

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

Page 10 of 16






Unified WLAN management

Unified access point features:



Supported by wireless LAN controller and Cisco WCS






Configurable local or central switching for HREAP mode



Radio management through Cisco WCS



Transparent roaming with mobility groups

Application visibility and control

Cisco Wide Area Application Services (WAASx)







Flexible NetFlow (FNF)



Performance Agent

Number of recommended users






Table 4.

Cisco IOS Software


on Cisco 890 Series Routers: WLAN Features (Available with Wireless Option)









Standard 802.11 a/g/n access

Optional on Cisco 890 Series models







WLAN hardware

Support for CleanAir technology on Cisco 897



Automatic rate selection for 802.11a/g/n



Noncaptive RPTNC omnidirectional dipole antennae;2-dBigain @ 2.4 GHz,5-dBigain @ 5 GHz



2 x 3 MIMO radio operation



Wi-Fi802.11n Draft v2.0 certified

WLAN software features

Autonomous or unified access point



Cisco WCS support for monitoring ofautonomous-modeaccess points



Option to maximize throughput or maximize range



Software-configurabletransmit power



Radio roles, including access point, root bridge, nonroot bridge, and workgroup bridge



Wi-FiMultimedia (WMM) certification



Traffic specifications (TSPEC) Call Admission Control (CAC) to ensure voice quality is maintained



Unscheduled Automatic Power Save Delivery (UPSD) to reduce latency

WLAN security features

Standard 802.11i



WPA and AES (WPA2)



EAP authentication: Cisco LEAP, PEAP, Extensible Authentication Protocol Transport Layer Security



(EAP TLS), Extensible Authentication Protocol-FlexibleAuthentication via Secure Tunneling(EAP-FAST),



Extensible Authentication Protocol-SubscriberInformation Module(EAP-SIM),Extensible Authentication



Protocol-MessageDigest Algorithm 5(EAP-MD5),and Extensible AuthenticationProtocol-TunneledTLS









Static and dynamic Wired Equivalent Privacy (WEP)



TKIP/Simple Security Network (TKIP/SSN) encryption



MAC authentication and filter



User database for survivable local authentication using LEAP andEAP-FAST



Configurable limit to the number of wireless clients



Configurable RADIUS accounting for wireless clients



Preshared keys (PSKs)(WPA-smalloffice or home office[WPA-SOHO])







Service Set Identifiers (SSIDs)



and Multiple Broadcast SSIDs





Wireless VLANs

14 (encrypted and nonencrypted VLANs)





© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

Page 11 of 16