Cisco Systems UBR924 Manual De Usuario
1-6
Cisco uBR924 Software Configuration Guide
OL-0337-05 (8/2002)
Chapter 1
Overview
Cisco IOS Software Release Feature Sets
•
Dynamic port mapping to allow network applications with well-known port assignments to use
customized port numbers. This can be done on a host-by-host basis or for an entire subnet, providing
a large degree of control over which users can access different applications.
customized port numbers. This can be done on a host-by-host basis or for an entire subnet, providing
a large degree of control over which users can access different applications.
•
Intrusion Detection System (IDS) that recognizes the signatures of 59 common attack profiles.
When an intrusion is detected, IDS can perform a number of actions: send an alarm to a syslog server
or to NetRanger Director, drop the packet, or reset the TCP connection.
When an intrusion is detected, IDS can perform a number of actions: send an alarm to a syslog server
or to NetRanger Director, drop the packet, or reset the TCP connection.
•
Java blocking to protect against destructive Java applets. Applets can be allowed from only known
and trusted sources or blocked completely.
and trusted sources or blocked completely.
•
Real time and configurable alerts and audit trail capabilities to record and timestamp source and
destination hosts.
destination hosts.
•
Support for a broad range of commonly used protocols, including H.323 and NetMeeting, FTP,
HTTP, MS Netshow, RPC, SMTP, SQL*Net, and TFTP.
HTTP, MS Netshow, RPC, SMTP, SQL*Net, and TFTP.
•
User-configurable audit rules, real-time alerts, and audit-trail logs.
This feature is introduced in Cisco IOS Release 12.0(5)T and is enhanced with additional capabilities in
12.0(7)T.
12.0(7)T.
Note
For general information about these features, see the description of the Cisco IOS Firewall Feature Set
in the Cisco Product Catalog. For detailed information, see the Cisco IOS Firewall Feature Set
documentation set, as well as the sections on Traffic Filtering and Firewalls in the Security Configuration
Guide and Security Command Reference (available on the Documentation CD-ROM and CCO).
in the Cisco Product Catalog. For detailed information, see the Cisco IOS Firewall Feature Set
documentation set, as well as the sections on Traffic Filtering and Firewalls in the Security Configuration
Guide and Security Command Reference (available on the Documentation CD-ROM and CCO).
DOCSIS-Compliant Bridging
DOCSIS-compliant bridging allows the Cisco uBR924 cable access router to operate as a DOCSIS 1.0
cable modem, so that it can interoperate with any DOCSIS-qualified CMTS. This is the default mode of
operation for the Cisco uBR924 router.
cable modem, so that it can interoperate with any DOCSIS-qualified CMTS. This is the default mode of
operation for the Cisco uBR924 router.
This feature is introduced in Cisco IOS Software Release 12.0(4)XI1.
DOCSIS Baseline Privacy Interface
The DOCSIS Baseline Privacy Interface (BPI) feature is based on the DOCSIS BPI Specification
(SP-BPI-I02-990319 or later revision). It provides data privacy across the Hybrid Fiber-Coaxial (HFC)
network by encrypting traffic flows between the Cisco uBR924 router and the cable operator’s CMTS.
(SP-BPI-I02-990319 or later revision). It provides data privacy across the Hybrid Fiber-Coaxial (HFC)
network by encrypting traffic flows between the Cisco uBR924 router and the cable operator’s CMTS.
This feature is introduced in Cisco IOS Software Release 12.0(5)T.
Dynamic Host Configuration Protocol Server
The DHCP server on the Cisco uBR924 router includes both Intelligent DHCP Relay and DHCP Client
functionality. A DHCP Relay Agent is any host that forwards DHCP packets between clients and
servers—this enables the client and server to reside on separate subnets. If the Cisco IOS DHCP server
cannot satisfy a DHCP request from its own database, it can forward the DHCP request to one or more
secondary DHCP servers defined by the network administrator.
functionality. A DHCP Relay Agent is any host that forwards DHCP packets between clients and
servers—this enables the client and server to reside on separate subnets. If the Cisco IOS DHCP server
cannot satisfy a DHCP request from its own database, it can forward the DHCP request to one or more
secondary DHCP servers defined by the network administrator.
This feature is introduced in Cisco IOS Release 12.0(4)XI.