Cisco Systems UBR900 User Manual
Feature Overview
4
Cisco IOS Release 12.0(7)T
In firewall mode, the Cisco uBR900 series cable access router provides a high-speed Internet
connection for an office’s local network while protecting the computers on the office network from
common attacks such as denial of service attacks and destructive Java applets, as well as real-time
alerts of such attacks.
connection for an office’s local network while protecting the computers on the office network from
common attacks such as denial of service attacks and destructive Java applets, as well as real-time
alerts of such attacks.
The Small Office feature set can be optionally extended with support for IPSec encryption to ensure
that the traffic passed over the Internet cannot be intercepted. You can select either standard 56-bit
IPSec Network Security encryption or high-security 168-bit Triple Data Encryption Standard (DES)
encryption.
that the traffic passed over the Internet cannot be intercepted. You can select either standard 56-bit
IPSec Network Security encryption or high-security 168-bit Triple Data Encryption Standard (DES)
encryption.
Telecommuter
In addition to full DOCSIS 1.0 support and all of the functionality of the Easy IP feature set, the
Telecommuter feature set supports IPSec encryption and the Layer 2 Tunneling Protocol (L2TP),
which can establish secure high-speed Internet connections between employees’ homes and the
office local network.
Telecommuter feature set supports IPSec encryption and the Layer 2 Tunneling Protocol (L2TP),
which can establish secure high-speed Internet connections between employees’ homes and the
office local network.
IPSec is an IP security feature that provides robust authentications and encryption of IP packets for
the secure transmission of sensitive information over unprotected networks such as the Internet. You
can select either standard 56-bit IPSec Network Security encryption or high-security 168-bit Triple
Data Encryption Standard (DES) encryption.
the secure transmission of sensitive information over unprotected networks such as the Internet. You
can select either standard 56-bit IPSec Network Security encryption or high-security 168-bit Triple
Data Encryption Standard (DES) encryption.
L2TP is an extension of the Point-to-Point Protocol (PPP) that allows computers on different
physical networks to interoperate as if they were on the same local area network (LAN). These
features are important components for Virtual Private Networks (VPNs).
physical networks to interoperate as if they were on the same local area network (LAN). These
features are important components for Virtual Private Networks (VPNs).
Note
The Telecommuter feature set does not require the firewall feature set because the individual
telecommuter has a secure connection to the office network. The office network, however, should
implement a firewall for its own connection to the Internet.
implement a firewall for its own connection to the Internet.
Data Operations
Figure 1 illustrates a typical broadband data cable system. Data transmitted to a Cisco uBR900 series
cable access router from the service provider’s CMTS shares a 27 or 26 Mbps, 6 MHz data channel
in the 88 to 860 MHz range. The Cisco uBR900 series cable access router shares an upstream data
rate of up to 10 Mbps on a 200 kHz-wide to 3.2 MHz-wide channel in the 5 to 42 MHz range.
cable access router from the service provider’s CMTS shares a 27 or 26 Mbps, 6 MHz data channel
in the 88 to 860 MHz range. The Cisco uBR900 series cable access router shares an upstream data
rate of up to 10 Mbps on a 200 kHz-wide to 3.2 MHz-wide channel in the 5 to 42 MHz range.
Note
End-to-end throughput varies based on the design and loading of network components, the
mix of traffic, the processing speed and interface of the host server(s), the processing speed and local
Ethernet performance of the subscriber’s computer, as well as other parameters. Since the network
can be configured to support multiple levels of service to meet differing market price/performance
requirements, the subscriber’s service level agreement also affects throughput. DOCSIS further
contains some fundamental performance limitations because standards are designed to give a larger
number of customers good performance, rather than permitting a few users to consume the entire
capacity.
Ethernet performance of the subscriber’s computer, as well as other parameters. Since the network
can be configured to support multiple levels of service to meet differing market price/performance
requirements, the subscriber’s service level agreement also affects throughput. DOCSIS further
contains some fundamental performance limitations because standards are designed to give a larger
number of customers good performance, rather than permitting a few users to consume the entire
capacity.