Cisco 860 and Cisco 880 Series Integrated Services Routers Software Configuration Guide - Deployment Scenarios [Cisco 800 Series Routers]

Table Of Contents

Deployment Scenarios

About the Deployment Scenarios

Enterprise Small Branch

Internet Service and IPSec VPN with 3G

SMB Applications

Enterprise Wireless Deployments with LWAPP

Deployment Scenarios

In the following sections, this chapter describes and shows some typical deployment scenarios for the Cisco 860 series and 880 series Intergrated Services Routers (ISRs):

•About the Deployment Scenarios

•Enterprise Small Branch

•Internet Service and IPSec VPN with 3G

•SMB Applications

•Enterprise Wireless Deployments with LWAPP

About the Deployment Scenarios

This chapter identifies and describes the features and functions of typical deployment scenarios. It provides a high-level overview of each scenario and provides pointers to information about new functions.

Major new features of the Cisco 860 series and 880 series ISRs include the following:

•3G wireless data connectivity backup (some Cisco 880 series ISRs)

•Voice capabilities (some Cisco 880 series ISRs)

•One embedded wireless device (optional)

•Power over Ethernet (all Cisco 880 series ISRs)

3G Wireless Backup

Some Cisco 880 series ISRs have 3G wireless data backup capability. See Chapter 5, "Configuring Backup Data Lines and Remote Management" for details.

Voice

Some Cisco 880 series ISRs contain voice capabilities. Refer to the Cisco IOS Voice Configuration Library for details.

Embedded Wireless Device

Cisco 860 and 880 series ISRs can contain an optional wireless device. It is a separate embedded processor that runs its own version of the Cisco IOS software and is capable of being configured as a WLAN access point.. See Chapter 2, "Wireless Device Overview" for a description of this device.

Power Over Ethernet

All Cisco 880 Series ISRs contain Power Over Ethernet (PoE) capabilities. See the Cisco 860 and Cisco 880 Series Integrated Services Router Hardware Installation Guide for details.

Enterprise Small Branch

Figure 18-1 shows an Enterprise Small Branch deployment that uses the following technologies and features:

•Group Encrypted Transport VPN (GETVPN) for highly scalable secure branch connectivity

•Cisco IOS firewall (FW) policies that secure the front line of network connectivity and provide network and application layer protection to the enterprise network

•Voice and multicast applications

•Quality of service (QoS) prioritizes critical applications and ensures timely delivery of latency- sensitive and mission-critical applications

Figure 18-1 Enterprise Small Branch

Internet Service and IPSec VPN with 3G

Figure 18-2 shows a remote office deployment thats uses 3G wireless technology for both backup and primary applications to communicate to their enterprise data center. Besides providiing direct Internet access employing Network Address Translation (NAT), Cisco 880 series ISRs can provide tunneled Virtual Private Network (VPN) service using IP Security and Generic Routing Encapsulation (IPSec+GRE) for secure and private communication over the public Internet.

Figure 18-2 Internet Service and IPSec VPN with 3G

SMB Applications

Figure 18-3 shows a small-to medium-size business deployment (SMB) that uses the following technologies and features at each branch office:

•Easy VPN with Virtual Tunnel Interface (VTI) to simplify secure VPN for remote offices and teleworkers.

•Deep packet inspection firewall for security. Firewalls provide the first level of access checking. They work with other security technologies, including intrusion prevention, encryption, and endpoint security, to provide a well-rounded defense-in-depth enterprise security system.

•Inline Intrusion Prevention Systems (IPS) protection provides additional security, and is a core facet of the Cisco Self-Defending Network, Cisco IOS IPS helps enable the network to defend itself with the intelligence to accurately classify, identify, and stop or block malicious or damaging traffic in real time.

•QoS provides timely delivery of latency-sensitive and mission-critical applications.

•ISDN connectivity backup provides network redundancy in the event that the primary service provider link fails.

•Support for existing analog voice and fax capabilities.

Figure 18-3 Small-to Medium-Size Business

Enterprise Wireless Deployments with LWAPP

Figure 18-4 shows an Enterprise wireless LAN deployment using Lightweight Access Point Protocol (LWAPP) and the following technologies and features:

•Broadband Internet access and VPN connection to a central site.

•Hybrid Remote Edge Access Point (H-REAP) provides wireless LAN services to remote and branch offices without using a wireless LAN controller at each location. With HREAP, organizations can bridge traffic locally, tunnel traffic over the WAN, or tunnel traffic over LWAPP on a per Service Set Identifier (SSID).

•Dynamic RF management with Cisco Wireless Control System (WCS).

•The ability to mix and match embedded access points with external access points.

Figure 18-4 Wireless LAN with LWAPP

	Cisco 860 and Cisco 880 Series Integrated Services Routers Software Configuration Guide
	Deployment Scenarios
Cisco 860 and Cisco 880 Series Integrated Services Routers Software Configuration Guide Preface Overview/Getting Started Product Overview Wireless Overview Basic Router Configuration Basic Wireless Device Configuration Configuring the Router Configuring Backup Data Lines and Remote Management Configuring Security Features Configuring the Ethernet Switches Configuring Voice Functionality Configuring and Administering the Wireless Device Service Set Identifiers Configuring the Radio Cipher Suites and WEP Authentication Types for Wireless Devices Configuring Wireless VLANs Using an Access Point as a Local Authenticator Hot Standby Access Points Workgroup Bridge Mode Administering the AP Additional Information Deployment Scenarios Troubleshooting Reference Information (Appendixes) Cisco IOS Software Basic Skills Concepts ROM Monitor Common Port Assignments System Message Logging Regulatory Domains and Channels	Download this chapter Deployment Scenarios Download the complete book Cisco 860 and Cisco 880 Series Integrated Services Routers Software Configuration Guide (PDF - 5 MB) Table Of Contents Deployment Scenarios About the Deployment Scenarios Enterprise Small Branch Internet Service and IPSec VPN with 3G SMB Applications Enterprise Wireless Deployments with LWAPP Deployment Scenarios In the following sections, this chapter describes and shows some typical deployment scenarios for the Cisco 860 series and 880 series Intergrated Services Routers (ISRs): •About the Deployment Scenarios •Enterprise Small Branch •Internet Service and IPSec VPN with 3G •SMB Applications •Enterprise Wireless Deployments with LWAPP About the Deployment Scenarios This chapter identifies and describes the features and functions of typical deployment scenarios. It provides a high-level overview of each scenario and provides pointers to information about new functions. Major new features of the Cisco 860 series and 880 series ISRs include the following: •3G wireless data connectivity backup (some Cisco 880 series ISRs) •Voice capabilities (some Cisco 880 series ISRs) •One embedded wireless device (optional) •Power over Ethernet (all Cisco 880 series ISRs) 3G Wireless Backup Some Cisco 880 series ISRs have 3G wireless data backup capability. See Chapter 5, "Configuring Backup Data Lines and Remote Management" for details. Voice Some Cisco 880 series ISRs contain voice capabilities. Refer to the Cisco IOS Voice Configuration Library for details. Embedded Wireless Device Cisco 860 and 880 series ISRs can contain an optional wireless device. It is a separate embedded processor that runs its own version of the Cisco IOS software and is capable of being configured as a WLAN access point.. See Chapter 2, "Wireless Device Overview" for a description of this device. Power Over Ethernet All Cisco 880 Series ISRs contain Power Over Ethernet (PoE) capabilities. See the Cisco 860 and Cisco 880 Series Integrated Services Router Hardware Installation Guide for details. Enterprise Small Branch Figure 18-1 shows an Enterprise Small Branch deployment that uses the following technologies and features: •Group Encrypted Transport VPN (GETVPN) for highly scalable secure branch connectivity •Cisco IOS firewall (FW) policies that secure the front line of network connectivity and provide network and application layer protection to the enterprise network •Voice and multicast applications •Quality of service (QoS) prioritizes critical applications and ensures timely delivery of latency- sensitive and mission-critical applications Figure 18-1 Enterprise Small Branch Internet Service and IPSec VPN with 3G Figure 18-2 shows a remote office deployment thats uses 3G wireless technology for both backup and primary applications to communicate to their enterprise data center. Besides providiing direct Internet access employing Network Address Translation (NAT), Cisco 880 series ISRs can provide tunneled Virtual Private Network (VPN) service using IP Security and Generic Routing Encapsulation (IPSec+GRE) for secure and private communication over the public Internet. Figure 18-2 Internet Service and IPSec VPN with 3G SMB Applications Figure 18-3 shows a small-to medium-size business deployment (SMB) that uses the following technologies and features at each branch office: •Easy VPN with Virtual Tunnel Interface (VTI) to simplify secure VPN for remote offices and teleworkers. •Deep packet inspection firewall for security. Firewalls provide the first level of access checking. They work with other security technologies, including intrusion prevention, encryption, and endpoint security, to provide a well-rounded defense-in-depth enterprise security system. •Inline Intrusion Prevention Systems (IPS) protection provides additional security, and is a core facet of the Cisco Self-Defending Network, Cisco IOS IPS helps enable the network to defend itself with the intelligence to accurately classify, identify, and stop or block malicious or damaging traffic in real time. •QoS provides timely delivery of latency-sensitive and mission-critical applications. •ISDN connectivity backup provides network redundancy in the event that the primary service provider link fails. •Support for existing analog voice and fax capabilities. Figure 18-3 Small-to Medium-Size Business Enterprise Wireless Deployments with LWAPP Figure 18-4 shows an Enterprise wireless LAN deployment using Lightweight Access Point Protocol (LWAPP) and the following technologies and features: •Broadband Internet access and VPN connection to a central site. •Hybrid Remote Edge Access Point (H-REAP) provides wireless LAN services to remote and branch offices without using a wireless LAN controller at each location. With HREAP, organizations can bridge traffic locally, tunnel traffic over the WAN, or tunnel traffic over LWAPP on a per Service Set Identifier (SSID). •Dynamic RF management with Cisco Wireless Control System (WCS). •The ability to mix and match embedded access points with external access points. Figure 18-4 Wireless LAN with LWAPP
	© 1992-2008 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.