Friday, September 30, 2011

CISCO 881/K9, Cisco 881 Ethernet Security Router


Cisco 881-K9, hot Ethernet security router, provides collaborative business solutions for secure voice and data communication to small businesses and enterprise teleworkers.The Cisco 881-K9 router delivers features, including firewall, content filtering, VPNs, and WLANs, at broadband speeds to small offices. Easy deployment and centralized management features enable the CISCO886-K9 to be deployed by enterprises or service providers in small branch offices or small businesses.

To get the general features of Cisco 881/K9
Device TypeRouter - 4-port switch (integrated)
Enclosure TypeDesktop
Connectivity TechnologyWired
Data Link ProtocolEthernet, Fast Ethernet
CapacityIPSec VPN tunnels: 20
Network / Transport ProtocolL2TP, IPSec, DHCP, DNS, L2TPv3, DDNS
Routing ProtocolRIP-1, RIP-2, CISCO887G-K9 HSRP, VRRP, GRE, policy-based routing (PBR)
Remote Management ProtocolTelnet, SNMP 3, HTTP, HTTPS, FTP, SSH, CLI
Encryption AlgorithmLEAP, DES, Triple DES, MD5, SSL, TLS, PEAP, TTLS, TKIP, WPA, WPA2, WPA-PSK, PKI, 128-bit AES, 192-bit AES, 256-bit AES
Authentication MethodRADIUS, TACACS+
FeaturesFirewall protection, DHCP support, NAT support, VLAN support, auto-uplink (auto MDI/MDI-X), Stateful Packet Inspection (SPI), MAC address filtering, High Availability, Class-Based Weighted Fair Queuing (CBWFQ), Weighted Fair Queuing (WFQ), Virtual Route Redundancy Protocol (VRRP) support, Access Control List (ACL) support, Quality of Service (QoS), CISCO887GW-GN-A-K9 DHCP server, DNS proxy
Compliant StandardsIEEE 802.1D, IEEE 802.1Q, IEEE 802.1x
RAM256 MB (installed) / 768 MB (max) - DDR2 SDRAM - SO DIMM 200-pin
Flash Memory 128 MB
Status IndicatorsPort status, power
InterfacesLAN: 4 x 10Base-T/100Base-TX - RJ-45 ¦ Management: 1 x console - RJ-45 ¦ WAN: 1 x 10Base-T/100Base-TX - RJ-45 ¦ USB : 1 x 4 PIN USB Type A
Expansion Slots Total (Free) 1(1 ) x ExpressCard ¦ 1 ( 1 ) x memory - SO DIMM 200-pin
Power Device Power adapter - external - 60 Watt
Voltage Required AC 120/230 V (50/60 Hz )
Compliant StandardsIEC 61000-3-2, VCCI-II, EN55024, EN55022 Class B, ICES-003 Class B, AS/NZS 60950-1, CISCO887GW-GN-E-K9 CS-03, EN 60555-2, UL 60950-1, IEC 60950-1, FCC CFR47 Part 15 B, CSA C22.2 No. 60950-1
OS Provided Cisco IOS Advanced Security

More info about Cisco 881-K9 such as price, purchasing guide, you can visit www.router-switch.com.
Posted by at No comments:
Labels:

Thursday, September 22, 2011

DoS Protection on Cisco Routers


The Cisco router is one of the most versatile High End routing machines. It is one of enterprise’s networking devices. If you take a look at Cisco website under the Routers Product Category, you will notice that the Cisco 7600 can be used in Data Centers, in Service Provider networks, in WAN aggregation or as Internet Edge router. In Service Providers can be used as Provider Edge (PE) in IP MPLS networks aggregating many Customer Edge (CE) router devices. Its modularity and high port capacity allows the 7600 to work as both Layer2 aggregation and as Layer3 high performance router.
In Service Provider networks one of the main concerns of network administrators is to protect the networking infrastructure from Denial of Service attacks. These DoS attacks are actually the most serious and popular security threat against Service Providers. buy used router Botnets are frequently the main source of such attacks. ICMP flooding, UDP flooding, spoofed addresses DoS, SYN attacks etc are a few examples of DoS or DDos (Distributed Denial of Service) attacks. Fortunately the Cisco 7600 router has many robust features and mechanisms to protect itself from such attacks.
In the company that I work (Service Provider) we have already implemented several security protection features on 7600 which are really effective against DoS attacks. A summary of the DoS protection mechanisms on 7600 follows below:
  • Security Access Control Lists (ACL): Applied on interfaces to block traffic at Layer3/4 layers.
  • QoS Rate Limiting: Using class-maps and policy-maps you can apply rate limiting to specific type of traffic (e.g ICMP)
  • uRPF (unicast Reverse Path Forwarding): protects against spoofing attacks. sell cisco routers
  • Traffic Storm Control: Protects against broadcast storm attacks.
  • TCP Intercept: Protects against SYN attacks.
  • Hardware-Based Rate Limiters: Work on PFC3 engines. These rate limiters protect the MSFC routing engine from various packets that can overload its CPU (configured with the mls rate-limit command)
  • Control Plane Policing (CoPP): Again used for protection of the MSFC routing engine by applying rate limiting to packets that flow from the data plane to the control plane.
Of course in addition to the above you must not forget other important security mechanisms such as strong password policy, proper Authentication and Accounting, refurbished cisco router logging, SNMP security, Routing Protocols security (MD5 authentication in OSPF, BGP etc) etc. All of these technical issues must be based on a thorough and carefully written security policy.
Tips: If you need to know more about Cisco 7600 series, such as key features, specs, related software and price, or wannato buy cisco refurbished routers, you can visit router-switch.com to see more news and info of Cisco network equipment. Also,Cisco blog at router-switch.com share all kinds of news and info related to Cisco, computer and technology, hardware, networking, CISCO network equipment, cloud computing, etc. with all the Cisco fans and networking lovers…
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)