Standard Cisco Network Foundation Protection. AutoSecure offers a single command-line interface CLI command that instantly configures the security posture of routers and disables nonessential system processes and services, thereby eliminating potential security threats. Control Plane Policing and Protection.
This feature protects the route processor from unnecessary or malicious levels of traffic, including DoS attacks. CPU and memory thresholding notification. This feature triggers a syslog notification when a specified percentage of CPU resources for a given process exceeds or falls below a certain threshold for a configured time period.
Routing protection. This feature validates routing peers, enhances routing stability, and provides overload protection by using MD5 peer authentication and redistribution protection. ACL protection. These features protect the router from malicious traffic by restricting the legitimate traffic that can be sent to the router destination address.
Secure access mode silent mode. Secure access mode suppresses response messages from the router control plane, limiting network reconnaissance information available to hackers.
Raw IP traffic export. This feature allows copies of inbound and outbound packets to efficiently capture packets with analysis or intrusion-detection-system IDS tools by sending them out a LAN interface. This feature provides wire-rate, real-time defense against DDoS attacks using a combination of IP routing features.
Digital image signing. Cisco IOS Software login enhancements. These enhancements delay potential dictionary attacks and provide other methods of thwarting unwanted device access.
Role-based CLI access. This feature provides view-based access to CLI commands, allowing highly secure, logical separation of the router between network operations, security operations, and end users. SSHv2 enhances previous versions of SSH for remote network management by concealing password length, making dictionary attacks more difficult. It resolves SSHv1 vulnerability to man-in-the-middle attacks during user authentication. SNMPv3 provides secure, standards-based management and control of devices for customer applications.
Security Management. Cisco Configuration Professional. Cisco Security Management Suite. You can use this application in networks of all sizes-from small networks to large networks consisting of thousands of devices-by using policy-based management techniques. Cisco Security Manager Release 3. Ordering Information. Table 3. Security License Paper for Cisco Security License E-Delivery for Cisco Table 4.
Table 5. Table 6. Cisco and Partner Services for the Branch. For More Information. Cisco Integrated Services Routers ship with the industry's most comprehensive security services, intelligently embedding data, security, voice, and wireless in the platform portfolio for fast, scalable delivery of mission-critical business applications. With routing performance and IP Security IPSec VPN and firewall acceleration up to five times that of previous integrated services routers with services enabled, the Cisco , , and Series Integrated Services Routers are ideal for small businesses and enterprise branch offices Figure 1.
The routers deliver a rich, integrated solution for connecting remote offices, teleworkers, mobile users, and partner extranets or service provider-managed customer premises equipment CPE. Protect your network from all threats while enhancing the branch-office experience:.
Through borderless services, you use the existing infrastructure to secure branch-office connections. You can take full advantage of your existing network infrastructure to control security threats at remote sites and conserve WAN bandwidth-without deploying additional hardware. You have the flexibility to apply security functions, such as firewall, intrusion prevention system IPS , content filtering, and VPN, anywhere in your network to maximize security benefits.
Recent highlights include:. Router-based network security solutions reduce both capital expenditures CapEx and operating expenses OpEx by lowering the number of devices, training, manageability, power, and service contract costs. The last date to order the product through Cisco point-of-sale mechanisms. The product is no longer for sale after this date. September 29, Last Ship Date: HW.
Actual ship date is dependent on lead time. December 28, The last date that Cisco Engineering may release any final software maintenance releases or bug fixes. After this date, Cisco Engineering will no longer develop, repair, maintain, or test the product software. The last date that Cisco Engineering may release a planned maintenance release or scheduled software remedy for a security vulnerability issue. September 28, The last-possible date a routine failure analysis may be performed to determine the cause of hardware product failure or defect.
The last date to extend or renew a service contract for the product. December 25, Last Date of Support: HW. I was hoping to be able to configure a ipsec VPN tunnel between a few other routers I have, but I seem to have run into an issue with licensing.
I was under the impression that the has 60 evaluation licenses for securityk9 and datak9, then after the 60 days, it turns into a RightToUse license and the features would continue to work, but it won't be in compliance with Cisco licensing.
When I do a "show license all", I get the following:. License Store: Primary License Storage. StoreIndex: 0 Feature: ipbasek9 Version: 1. License Type: Permanent. License State: Active, In Use. License Count: Non-Counted.
License Priority: Medium. License Store: Evaluation License Storage. StoreIndex: 0 Feature: securityk9 Version: 1. License Type: Evaluation. Evaluation total period: 8 weeks 4 days. Evaluation period left: 0 minute 0 second. License Priority: Low. StoreIndex: 1 Feature: datak9 Version: 1. Evaluation period left: 8 weeks 4 days. License Priority: None. Do I have an incorrect understanding of Cisco licensing, or just an incorrect understanding of how to active them?
Also, is there any way to make this work with ipsec VPN without purchasing an additional licensing?
0コメント