
Cisco Systems
Copyright © 2001 Cisco Systems, Inc. All Rights Reserved.
Routing
• RIP, RIP2, OSPF, RRI (Reverse Route Injection), Static,
Automatic endpoint discovery, Network Address
Translation (NAT), Classless Interdomain Routing
(CIDR)
• IPsec fragmentation policy control, including support
for Path MTU Discovery (PMTUD)
• Interface MTU control
Third-Party Compatibility
• Certicom, iPass Ready, Funk Steel Belted RADIUS
certified, NTS TunnelBuilder VPN Client (Mac and
Windows), Microsoft Internet Explorer, Netscape
Communicator, Entrust, GTE Cybertrust, Baltimore,
RSA Keon
High Availability
• VRRP protocol for multi-chassis redundancy and
fail-over
• Remote Access Load Balancing clusters
• Destination pooling for client-based fail-over and
connection re-establishment
• Redundant SEP modules (optional), power supplies,
and fans (Cisco VPN 3015 - 3080)
Management
Configuration
• Embedded management interface is accessible via
console port, Telnet, SSH, and Secure HTTP
• Administrator access is configurable for five levels of
authorization. Authentication can be performed
externally via TACACS+
• Role-based management policy separates functions for
service provider and end-user management
Monitoring
• Event logging and notification via e-mail (SMTP)
• Automatic FTP backup of event logs
• SNMP MIB-II support
• Configurable SNMP traps
• Syslog output
• System status
• Session data (including Client Assign IP, Encryption
Type, Connection Duration, Client OS, Version, etc.)
• General statistics
Security
Authentication and Accounting Servers
• Support for redundant external authentication servers:
– RADIUS (Remote Authentication Dial-In User
Service)
– Microsoft NT Domain authentication
– Microsoft NT Domain authentication with Password
Expiration (MSCHAPv2)
– RSA Security Dynamics (SecurID Ready), including
native support for RSA 5 (Load Balancing, Resiliency)
• Internal Authentication server for up to 100 users
• X.509v3 Digital Certificates (including CRL/LDAP &
CRL/HTTP, CRL Caching and Backup CRL
Distribution Point support)
• RADIUS accounting
• TACACS+ Administrative user authentication
Internet-Based Packet Filtering
• Source and destination IP address
• Port and protocol type
• Fragment protection
• FTP session filtering
• Site-to-Site Filters and NAT (for overlapping address
space)
Policy Management
• By individual user or group
– Filter profiles
– Idle and maximum session timeouts
– Time and day access control
– Tunneling protocol and security authorization profiles
– IP Pool
– Authentication Servers
Certification
• FIPS 140-1 Level 2, VPNC
Ports
• Console port: asynchronous serial (DB-9)