What's the difference between the CISCO837-SEC-K9 and the CISCO837-K9?

Discussion in 'Cisco' started by Hank Arnold, Dec 30, 2003.

  1. Hank Arnold

    Hank Arnold Guest

    We are in the process of setting up a remote office with VoIP to connect to
    our 3Com NBX system at our server room. We need to decide between the
    CISCO837-SEC-K9 and the CISCO837-K9 systems. We've gone through the Cisco
    site (am I crazy or do they work at making it hard to use/read??) but it's
    not really clear what we would get for the extra $100. Does anyone have a
    simple summary of what the
    advantages are of the SEC-K9 version vs. the K9?

    It will be connecting to our network through a Cisco 2620 router......

    Hank Arnold, Dec 30, 2003
    1. Advertisements

  2. :We are in the process of setting up a remote office with VoIP to connect to
    :eek:ur 3Com NBX system at our server room. We need to decide between the
    :CISCO837-SEC-K9 and the CISCO837-K9 systems. We've gone through the Cisco
    :site (am I crazy or do they work at making it hard to use/read??) but it's
    :not really clear what we would get for the extra $100. Does anyone have a
    :simple summary of what the
    :advantages are of the SEC-K9 version vs. the K9?


    See Table 4. The -SEC-K9 version has the PLUS feature set (second
    column), the non-SEC -K9 version does not (first column).

    I notice that neither has QoS, so if you are planning to run
    data as well as voice, it might not be the best device for the task.
    If, though, the transport between the two offices does not support QoS
    [e.g., an internet link instead of a point-to-point link] then
    it doesn't matter.
    Walter Roberson, Dec 30, 2003
    1. Advertisements

  3. Hank,

    The only difference I can see is the software included with the unit. The
    CISCO837-SEC-K9 inclues IOS with IP/FW/PLUS 3DES software and the
    CISCO837-K9 has IP/FW 3DES software. The following table outlines the
    different features between the CISCO837-SEC-K9 (on the left) and the
    CISCO837-K9 (on the right).


    Search Results
    First Image Information Second Image Information

    Image Name (Dram/Flash) c837-k9o3sy6-mz.12.2-13.ZH (32/8)

    Enterprise Product Number

    Image Name (Dram/Flash) c837-k9o3y6-mz.12.2-13.ZH (32/8)

    Enterprise Product Number

    Deferred Image View MIBs Release Notes
    Deferred Image View MIBs Release Notes

    Features Unique to First Image Features Unique to Second Image
    Additional Vendor-Proprietary RADIUS Attributes
    Class-Based Policing
    Committed Access Rate (CAR)
    Enhanced IGRP (EIGRP)
    Enhanced IGRP Stub Routing
    IP Enhanced IGRP Route Authentication
    IP Named Access Control List
    Next Hop Resolution Protocol (NHRP)
    Policer Enhancement - Multiple Actions
    PPPoE Radius Port Identification
    RADIUS Attribute 44 (Accounting Session ID) in Access Requests
    RADIUS Attribute 66 (Tunnel-Client-Endpoint) Enhancements
    RADIUS Attribute 82: Tunnel Assignment Id
    RADIUS Attribute Value Screening
    RADIUS for Multiple User Datagram Protocol Ports
    RADIUS Progress Codes
    RADIUS Route Download
    RADIUS Tunnel Attribute Extensions
    RADIUS Tunnel Preference for Load Balancing and Fail-over
    Reflexive Access Lists
    Single Rate 3-Color Marker for Traffic Policing
    Two-Rate Policer
    WCCP Redirection on Inbound Interfaces
    WCCP Version 1
    WCCP Version 2

    Common Features in Both Images
    AAA Broadcast Accounting
    AAA DNIS Map for Authorization
    AAA Resource Accounting
    AAA Server Group
    AAA Server Group Deadtimer
    AAA Server Group Enhancements
    AAA Server Groups Based on DNIS
    AAA-PPP-VPDN Non-Blocking
    Ability to Disable Xauth for Static IPsec Peers
    Accounting of VPDN Disconnect Cause
    ACL Authentication of Incoming RSH and RCP
    ACL Default Direction
    Address Resolution Protocol (ARP)
    ADSL - Asymmetric Digital Subscriber Line Support
    Authentication Proxy Accounting for HTTP
    AutoInstall Using DHCP for LAN Interfaces
    Automatic modem configuration
    Bandwidth Allocation Control Protocol (BACP)
    Bidirectional PIM
    CEF on Multipoint GRE Tunnels
    CEF/dCEF - Cisco Express Forwarding
    Certificate Auto-Enrollment
    Certificate Enrollment Enhancements
    Certification Authority Interoperability (CA)
    Challege Handshake Authentication Protocol (CHAP)
    Circuit Interface Identification Persistence for SNMP
    Cisco Discovery Protocol (CDP)
    Cisco Discovery Protocol (CDP) over ATM
    Class Based Ethernet CoS Matching & Marking (802.1p & ISL CoS)
    Class Based Weighted Fair Queuing (CBWFQ)
    Class-Based Frame-Relay DE-Bit Matching and Marking
    Class-Based Marking
    CLI String Search
    CNS Agents SSL Security
    CNS Configuration Agent
    CNS Event Agent
    CNS Flow-Through Provisioning
    Commented IP Access List Entries
    Compression Control Protocol
    Configurable per ATM-VC Hold Queue size
    Connect-Info RADIUS Attribute 77
    Context-Based Access Control (CBAC)
    Crashinfo Support
    Custom Queueing (CQ)
    Customer Profile Idle Timer Enhancements for Interesting Traffic
    Default Passive Interface
    DF Bit Override Functionality with IPSec Tunnels
    DHCP Client
    DHCP Client - Dynamic Subnet Allocation API
    DHCP Client on WAN Interfaces
    DHCP Proxy Client
    DHCP Relay - MPLS VPN Support
    DHCP Relay Agent Support for Unnumbered Interfaces
    DHCP Server - On Demand Address Pool Manager
    DHCP Server - Option to Ignore all BOOTP Requests
    DHCP Server Options - Import and Autoconfiguration
    DHCP Server-Easy IP Phase 2
    Dial backup
    Dial on Demand Authentication Enhancements
    Dialer CEF
    Dialer Idle Timer Inbound Traffic Configuration
    Dialer Persistent
    Dialer profiles
    Dialer Watch
    Dialer Watch Connect Delay
    Diffie-Hellman Group 5
    Diffserv Compliant WRED
    Direct http enroll with CA servers
    Distinguished Name Based Crypto Maps
    Double Authentication
    Easy IP (Phase 1)
    Easy VPN Remote
    Easy VPN Remote Enhancements
    Encrypted Vendor Specific Attributes
    Enhanced Password Security
    Enhanced Test Command
    Event Tracer
    Fast-Switched Policy Routing
    Firewall Authentication Proxy
    Firewall Authentication Proxy for FTP and Telnet Sessions
    Firewall Feature Set
    Firewall Intrusion Detection System
    Firewall N2H2 Support
    Firewall Support for SIP
    Firewall Websense URL Filtering
    Flow-Based WRED
    G.SHDSL Symmetric DSL Support
    Generic Routing Encapsulation (GRE)
    Generic Routing Encapsulation (GRE) Tunnel Keepalive
    Half bridge/half router for CPP and PPP
    HSRP - Hot Standby Router Protocol
    HSRP - Hot Standby Router Protocol and IPSec
    HSRP support for ICMP Redirects
    HSRP support for MPLS VPNs
    IGMP Fast Leave
    IGMP MIB Support Enhancements for SNMP
    IGMP Version 3
    IGMP Version 3 - Explicit Tracking of Hosts, Groups, and
    IKE - Initiate Aggressive Mode
    IKE Extended Authentication (Xauth)
    IKE Mode Configuration
    IKE Security Protocol
    IKE Shared Secret Using AAA Server
    Integrated routing and bridging (IRB)
    Interface Alias Long Name Support
    Interface Index Display
    Interface Index Persistence
    Interface Range Specification
    IP Multicast Load Splitting across Equal-Cost Paths
    IP Precedence Accounting
    IP Precedence for GRE Tunnels
    IP Routing
    IP Summary Address for RIPv2
    IP to ATM CoS, per-VC WFQ and CBWFQ
    IP-to-ATM CoS
    IPSec MIB Support for Cisco IPSec VPN Management
    IPSec Network Security
    IPSec Triple DES Encryption (3DES)
    IPSec VPN High Availability Enhancements
    L2TP Dial-Out
    L2TP Layer 2 Tunneling Protocol
    L2TP Security
    L2TP Tunnel Preservation of IP TOS
    Layer 2 Forwarding-Fast Switching
    Link Fragmentation and Interleaving (LFI) for Frame Relay and
    ATM Virtual Circuits
    Lock and Key
    Low Latency Queueing (LLQ)
    Low Latency Queueing (LLQ) with Priority Percentage Support
    LSDO: L2TP Large-Scale Dial-Out
    MD5 File Validation
    Message Banners for AAA Authentication
    Microsoft Point-to-Point Compression (MPPC)
    Modem Script and System Script Support in LSDO
    Modular QoS CLI (MQC)
    MS Callback
    MS-CHAP Version 1
    Multihop VPDN
    Multilink PPP
    Multilink PPP Enable/Disable via Radius for Preauthentication
    Multiple RSA Keypair Support
    Named Method Lists for AAA Authorization and Accounting
    NAT - Static Mapping Support with HSRP for High-Availability
    NAT-Ability to use Routes Maps with Static Translations
    NAT-Enhanced H.225/H.245 Forwarding Engine
    NAT-Network Address Translation
    NAT-Support for NetMeeting Directory (Internet Locator Service -
    NAT-Support of H.323v2 Call Signaling (FastConnect)
    NAT-Support of H.323v2 RAS
    NAT-Support of IP Phone to Cisco Call Manager
    NAT-Translation of external IP Addresses only
    NetFlow Aggregation
    Netflow Multiple Export Destinations
    NetFlow Policy Routing (NPR)
    NetFlow ToS-Based Router Aggregation
    Offload Server Accounting Enhancement
    On Demand Routing (ODR)
    Optimized PPP Negotiation
    Parse Bookmarks
    Parser Cache
    Password Authentication Protocol (PAP)
    Per-User Configuration
    PIM Dense Mode State Refresh
    PIM MIB Extension for IP Multicast
    PIM Multicast Scalability
    PIM Version 1
    PIM Version 2
    Policy-Based Routing (PBR)
    Port to Application Mapping (PAM)
    PPP over ATM
    PPP over ATM (IETF-Compliant)
    PPP over ATM SVCs
    PPPoA/PPPoE autosense for ATM PVCs
    PPPoE Client
    PPPoE MTU Adjustment
    PPPoE on Ethernet
    PPPoE over Gigabit Ethernet interface
    PPPoE Session limit
    Preauthentication with ISDN PRI and Channel-Associated
    Signalling Enhancements
    Priority Queueing (PQ)
    QoS for Virtual Private Networks
    QoS Packet Marking
    QoS Priority Percentage CLI Support
    Redial Enhancements
    Resource Pool Management with Direct Remote Services
    Response Time Reporter (RTR)
    Response Time Reporter (RTR) enhancements
    Reverse Route Injection (RRI)
    RGMP - Router-Port Group Management Protocol
    Rotating Through Dial Strings
    Secure Copy (SCP)
    Secure Shell SSH Terminal-line access
    Secure Shell SSH Version 1 Integrated Client
    Secure Shell SSH Version 1 Server Support
    Selective Packet Discard (SPD)
    Selective Virtual-Access Interface Creation
    Service Assurance Agent (SAA) DHCP Operation
    Service Assurance Agent (SAA) Distribution of Data
    Service Assurance Agent (SAA) DLSW Operation
    Service Assurance Agent (SAA) DNS Operation
    Service Assurance Agent (SAA) Frame Relay Operation
    Service Assurance Agent (SAA) FTP Operation
    Service Assurance Agent (SAA) History Statistics
    Service Assurance Agent (SAA) HTTP Operation
    Service Assurance Agent (SAA) ICMP Echo Operation
    Service Assurance Agent (SAA) ICMP Path Echo Operation
    Service Assurance Agent (SAA) Jitter Operation
    Service Assurance Agent (SAA) MPLS VPN Operation
    Service Assurance Agent (SAA) One Way Jitter
    Service Assurance Agent (SAA) Path Jitter
    Service Assurance Agent (SAA) Reaction Threshold
    Service Assurance Agent (SAA) Scheduling Operation
    Service Assurance Agent (SAA) SNA LU2 Echo
    Service Assurance Agent (SAA) SNMP Support
    Service Assurance Agent (SAA) TCP Connect Operation
    Service Assurance Agent (SAA) UDP Echo Operation
    Shell-Based Authentication of VPDN Users
    Simple Network Time Protocol (SNTP)
    Simple Network-enabled Auto Provisioning (SNAP)
    Snapshot routing
    SNMP (Simple Network Management Protocol)
    SNMP Support over VPN
    SNMP Version 3
    Source Specific Multicast (SSM)
    Source Specific Multicast (SSM) - IGMPv3,IGMP v3lite, and URD
    Spanning Tree Protocol (STP)
    Spanning Tree Protocol (STP) - Loop Guard
    Spanning Tree Protocol (STP) - Portfast
    Spanning Tree Protocol (STP) - Uplink Load Balancing
    Spanning Tree Protocol (STP) Extension
    Standard IP Access List Logging
    Stub IP Multicast Routing
    Tacacs SENDAUTH function
    Tacacs Single Connection
    TCP Window Scaling
    Time-Based Access Lists Using Time Ranges
    Timer and Retry Enhancements for L2TP and L2F
    Transparent Bridging
    Triggered RIP
    Trusted Root Certification Authority
    Trustpoint CLI
    Tunnel Endpoint Discovery
    Tunnel Type of Service (TOS)
    Turbo Flooding of UDP Datagrams
    TX Ring adjustment
    UDLR Tunnel ARP and IGMP Proxy
    Uni-Directional Link Routing (UDLR)
    Unicast Reverse Path Forwarding (uRPF)
    User Maximum Links
    Using 31-bit Prefixes on IPv4 Point-to-Point Links
    V.92 Modem on Hold
    Virtual Interface Template Service
    Virtual Private Dial-up Network (VPDN)
    Virtual Profile CEF Switched
    Virtual Profiles
    Virtual Router Redundancy Protocol (VRRP)
    VPDN Default Group Template
    VPDN Group Session Limiting
    VPN Routing Forwarding (VRF) Framed Route (Pool) Assignment via
    VPN Tunnel Management
    Weighted Fair Queueing (WFQ)
    Weighted RED (WRED)
    Wildcard Pre-Shared Key
    WRED Enhancement - Explicit Congestion Notification (ECN)
    x Digital Subscriber Line (xDSL) Bridge Support
    scott enwright, Dec 31, 2003
  4. Hank Arnold

    Hank Arnold Guest

    Thanks. For now the data and voice will be over different paths. Also, it is
    a DSL connection (one reason we chose this model). However, from what I
    read, there *is* QoS... From the first description of the series:

    The Cisco® 830 Series of secure broadband routers is ideal for providing
    secure Internet and corporate network connectivity to small remote offices
    and to teleworkers. Cisco 830 Series routers provide a wide range of
    integrated security services and advanced quality of service (QoS) features
    for high-quality data, voice, and video applications. They offer easy
    deployment and remote management features with Cisco IOS® Software.

    And in the first part of the table:

    IP QoS-Low Latency Queuing (LLQ), Pre-classify, Pre-fragmentation,
    Weighted Random Early Detection (WRED), Committed Access Rate (CAR), and
    Class-Based Traffic Shaping
    a.. Ensures consistent response times for multiple applications by
    intelligently allocating bandwidth
    b.. Allows for classification of applications and gives the most important
    applications priority use of the WAN line
    c.. Provides congestion avoidance by throttling down certain Transmission
    Control Protocol (TCP) sessions, depending on each session's
    priority level

    Is a "different" QoS than what you were thinking of??
    Hank Arnold, Dec 31, 2003
  5. Hank,

    My VoIP knowledge isnt that great, but I know that it is sensitivite to
    packet round trip times and packet delay. If you going to be putting VoIP
    over an internet connection you need to be carefull because sa soon as the
    packets leave your router (after they have been tagged as high priority and
    your router has queued them in the priority queue (giving them 1st class
    serice)) your ISPs will not honour the priority you have assigned it.
    Because the ISPs dont care about quality of your service VoIP can be flakey
    on the internet. Have a look at this URL from cisco's site
    http://www.cisco.com/en/US/about/ac..._cisco_packet_technology09186a00801016da.html ,
    it has some basic information on what your trying to do.


    scott enwright, Jan 1, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.