I have some resources in data center and I need a IPSec VPN to it and some other location.
I suppose there will be up to 3-5 IPSec tunnels.
I choose Cisco ISR 881-SEC-K9 with one wan port and 4 LAN switch.
But know I’m looking for Cisco 891-K9.
There is no security bundle for it. But in cisco.com this router is marked Cisco 891-K9 Security router. Does it support security features like VPNs, ZBF, IOS Firewall, NBAR and IP SLA for ISP redundancy?
Also if my boss will choose chipper Cisco router 881-SEC-K9. Will I be able to organize 2 ISP redundancy on 4 LAN switch port inside VLAN interfaces because there is only one WAN port?
Secure Services and Mobility for Small Offices and Teleworker
The 10/100-Mbps fast Ethernet models of the Cisco 881 Integrated Services Routers combine Internet access, security and wireless services onto a single, secure device. This router offers broadband speeds and simplified management to small businesses, and enterprise small branch and teleworkers.
The Cisco 880 Series provides:
VPNs, and WLANs, at broadband speeds to small offices
Centralized management features
Available options on the Cisco 881 Integrated Services Router include:
Cisco 890 Series Integrated Services Routers are designed to deliver secure broadband, Metro Ethernet, wireless LAN connectivity, and business continuity for enterprise small branch offices. These fixed-configuration routers also come with powerful management tools, such as the web-based Cisco Configuration Professional, which simplifies setup and deployment. The Cisco 892 model includes an integrated ISDN BRI S/T interface.
Cisco 892 Series Integrated Services Routers offer:
High performance for secure broadband and Metro Ethernet access
Business continuity and WAN diversity with redundant WAN links (Fast Ethernet and ISDN Basic Rate Interface (BRI) )
Secure 802.11a/g/n access point (optional), which offers dual-band radios for mobility, and supports Cisco Unified WLAN architectures
Enhanced security, including:
Firewall with advance application and control
Site-to-site remote-access and dynamic VPN services: IP Security (IPsec) VPNs, Group Encrypted Transport VPN [GET VPN] with onboard acceleration, and Secure Sockets Layer [SSLVPN]
Intrusion prevention system (IPS)
An 8-port 10/100 Fast Ethernet managed switch with VLAN support and 4-port support for Power over Ethernet (PoE) (optional)
Metro Ethernet features that include:
One 1000 BASE-T Gigabit Ethernet and One 10/100 BASE-T Fast Ethernet WAN port
Intelligent hierarchical quality of service (HQoS)
Connectivity Fault Management (CFM), link operational administration and maintenance (OAM), and Ethernet Local Management Interface (E-LMI) for the Customer Edge
IP service-level agreement (SLA) for Metro Ethernet
Regards Thanveer "Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."