What's the difference between the CISCO837-SEC-K9 and the CISCO837-K9?

We are in the process of setting up a remote office with VoIP to connect to
our 3Com NBX system at our server room. We need to decide between the
CISCO837-SEC-K9 and the CISCO837-K9 systems. We've gone through the Cisco
site (am I crazy or do they work at making it hard to use/read??) but it's
not really clear what we would get for the extra $100. Does anyone have a
simple summary of what the
advantages are of the SEC-K9 version vs. the K9?

It will be connecting to our network through a Cisco 2620 router......



TIA.

 

:We are in the process of setting up a remote office with VoIP to connect to
ur 3Com NBX system at our server room. We need to decide between the
:CISCO837-SEC-K9 and the CISCO837-K9 systems. We've gone through the Cisco
:site (am I crazy or do they work at making it hard to use/read??) but it's
:not really clear what we would get for the extra $100. Does anyone have a
:simple summary of what the
:advantages are of the SEC-K9 version vs. the K9?

http://www.cisco.com/en/US/products/hw/routers/ps380/products_data_sheet09186a008010e5c5.html

See Table 4. The -SEC-K9 version has the PLUS feature set (second
column), the non-SEC -K9 version does not (first column).


I notice that neither has QoS, so if you are planning to run
data as well as voice, it might not be the best device for the task.
If, though, the transport between the two offices does not support QoS
[e.g., an internet link instead of a point-to-point link] then
it doesn't matter.

 

Hank,

The only difference I can see is the software included with the unit. The
CISCO837-SEC-K9 inclues IOS with IP/FW/PLUS 3DES software and the
CISCO837-K9 has IP/FW 3DES software. The following table outlines the
different features between the CISCO837-SEC-K9 (on the left) and the
CISCO837-K9 (on the right).

Scott.

Search Results
First Image Information Second Image Information

Image Name (Dram/Flash) c837-k9o3sy6-mz.12.2-13.ZH (32/8)

Enterprise Product Number
S837CHPK9-12213ZH
S837CHPK9-12213ZH=


Image Name (Dram/Flash) c837-k9o3y6-mz.12.2-13.ZH (32/8)

Enterprise Product Number
S837CHK9-12213ZH
S837CHK9-12213ZH=


Deferred Image View MIBs Release Notes
Deferred Image View MIBs Release Notes

Features Unique to First Image Features Unique to Second Image
Additional Vendor-Proprietary RADIUS Attributes
Class-Based Policing
Committed Access Rate (CAR)
Enhanced IGRP (EIGRP)
Enhanced IGRP Stub Routing
IP Enhanced IGRP Route Authentication
IP Named Access Control List
Multi-ISA
Next Hop Resolution Protocol (NHRP)
Policer Enhancement - Multiple Actions
PPPoE Radius Port Identification
RADIUS
RADIUS Attribute 44 (Accounting Session ID) in Access Requests
RADIUS Attribute 66 (Tunnel-Client-Endpoint) Enhancements
RADIUS Attribute 82: Tunnel Assignment Id
RADIUS Attribute Value Screening
RADIUS for Multiple User Datagram Protocol Ports
RADIUS Progress Codes
RADIUS Route Download
RADIUS Tunnel Attribute Extensions
RADIUS Tunnel Preference for Load Balancing and Fail-over
Reflexive Access Lists
Single Rate 3-Color Marker for Traffic Policing
Two-Rate Policer
WCCP Redirection on Inbound Interfaces
WCCP Version 1
WCCP Version 2

Common Features in Both Images
AAA Broadcast Accounting
AAA DNIS Map for Authorization
AAA Resource Accounting
AAA Server Group
AAA Server Group Deadtimer
AAA Server Group Enhancements
AAA Server Groups Based on DNIS
AAA-PPP-VPDN Non-Blocking
Ability to Disable Xauth for Static IPsec Peers
Accounting of VPDN Disconnect Cause
ACL Authentication of Incoming RSH and RCP
ACL Default Direction
Address Resolution Protocol (ARP)
ADSL - Asymmetric Digital Subscriber Line Support
Authentication Proxy Accounting for HTTP
AutoInstall Using DHCP for LAN Interfaces
Automatic modem configuration
Bandwidth Allocation Control Protocol (BACP)
Bidirectional PIM
CEF on Multipoint GRE Tunnels
CEF/dCEF - Cisco Express Forwarding
Certificate Auto-Enrollment
Certificate Enrollment Enhancements
Certification Authority Interoperability (CA)
Challege Handshake Authentication Protocol (CHAP)
Circuit Interface Identification Persistence for SNMP
Cisco Discovery Protocol (CDP)
Cisco Discovery Protocol (CDP) over ATM
Class Based Ethernet CoS Matching & Marking (802.1p & ISL CoS)
Class Based Weighted Fair Queuing (CBWFQ)
Class-Based Frame-Relay DE-Bit Matching and Marking
Class-Based Marking
CLI String Search
ClickStart
CNS Agents SSL Security
CNS Configuration Agent
CNS Event Agent
CNS Flow-Through Provisioning
Commented IP Access List Entries
Compression Control Protocol
Configurable per ATM-VC Hold Queue size
Connect-Info RADIUS Attribute 77
Context-Based Access Control (CBAC)
Crashinfo Support
Custom Queueing (CQ)
Customer Profile Idle Timer Enhancements for Interesting Traffic
Default Passive Interface
DF Bit Override Functionality with IPSec Tunnels
DHCP Client
DHCP Client - Dynamic Subnet Allocation API
DHCP Client on WAN Interfaces
DHCP Proxy Client
DHCP Relay - MPLS VPN Support
DHCP Relay Agent Support for Unnumbered Interfaces
DHCP Server - On Demand Address Pool Manager
DHCP Server - Option to Ignore all BOOTP Requests
DHCP Server Options - Import and Autoconfiguration
DHCP Server-Easy IP Phase 2
Dial backup
Dial on Demand Authentication Enhancements
Dial-on-demand
Dialer CEF
Dialer Idle Timer Inbound Traffic Configuration
Dialer Persistent
Dialer profiles
Dialer Watch
Dialer Watch Connect Delay
Diffie-Hellman Group 5
Diffserv Compliant WRED
Direct http enroll with CA servers
Distinguished Name Based Crypto Maps
Double Authentication
Easy IP (Phase 1)
Easy VPN Remote
Easy VPN Remote Enhancements
Encrypted Vendor Specific Attributes
Enhanced Password Security
Enhanced Test Command
Event Tracer
Fast-Switched Policy Routing
Firewall Authentication Proxy
Firewall Authentication Proxy for FTP and Telnet Sessions
Firewall Feature Set
Firewall Intrusion Detection System
Firewall N2H2 Support
Firewall Support for SIP
Firewall Websense URL Filtering
Flow-Based WRED
G.SHDSL Symmetric DSL Support
Generic Routing Encapsulation (GRE)
Generic Routing Encapsulation (GRE) Tunnel Keepalive
Half bridge/half router for CPP and PPP
HSRP - Hot Standby Router Protocol
HSRP - Hot Standby Router Protocol and IPSec
HSRP support for ICMP Redirects
HSRP support for MPLS VPNs
IGMP Fast Leave
IGMP MIB Support Enhancements for SNMP
IGMP Version 3
IGMP Version 3 - Explicit Tracking of Hosts, Groups, and
Channels
IKE - Initiate Aggressive Mode
IKE Extended Authentication (Xauth)
IKE Mode Configuration
IKE Security Protocol
IKE Shared Secret Using AAA Server
Integrated routing and bridging (IRB)
Interface Alias Long Name Support
Interface Index Display
Interface Index Persistence
Interface Range Specification
IP Multicast Load Splitting across Equal-Cost Paths
IP Precedence Accounting
IP Precedence for GRE Tunnels
IP Routing
IP Summary Address for RIPv2
IP to ATM CoS, per-VC WFQ and CBWFQ
IP-to-ATM CoS
IPSec MIB Support for Cisco IPSec VPN Management
IPSec Network Security
IPSec Triple DES Encryption (3DES)
IPSec VPN High Availability Enhancements
L2TP Dial-Out
L2TP Layer 2 Tunneling Protocol
L2TP Security
L2TP Tunnel Preservation of IP TOS
Layer 2 Forwarding-Fast Switching
Link Fragmentation and Interleaving (LFI) for Frame Relay and
ATM Virtual Circuits
Lock and Key
Low Latency Queueing (LLQ)
Low Latency Queueing (LLQ) with Priority Percentage Support
LSDO: L2TP Large-Scale Dial-Out
MD5 File Validation
Message Banners for AAA Authentication
Microsoft Point-to-Point Compression (MPPC)
Modem Script and System Script Support in LSDO
Modular QoS CLI (MQC)
MS Callback
MS-CHAP Version 1
Multihop VPDN
Multilink PPP
Multilink PPP Enable/Disable via Radius for Preauthentication
User
Multiple RSA Keypair Support
Named Method Lists for AAA Authorization and Accounting
NAT - Static Mapping Support with HSRP for High-Availability
NAT-Ability to use Routes Maps with Static Translations
NAT-Enhanced H.225/H.245 Forwarding Engine
NAT-Network Address Translation
NAT-Support for NetMeeting Directory (Internet Locator Service -
ILS)
NAT-Support of H.323v2 Call Signaling (FastConnect)
NAT-Support of H.323v2 RAS
NAT-Support of IP Phone to Cisco Call Manager
NAT-Translation of external IP Addresses only
Netflow
NetFlow Aggregation
Netflow Multiple Export Destinations
NetFlow Policy Routing (NPR)
NetFlow ToS-Based Router Aggregation
Offload Server Accounting Enhancement
On Demand Routing (ODR)
Optimized PPP Negotiation
Parse Bookmarks
Parser Cache
Password Authentication Protocol (PAP)
Per-User Configuration
PIM Dense Mode State Refresh
PIM MIB Extension for IP Multicast
PIM Multicast Scalability
PIM Version 1
PIM Version 2
Policy-Based Routing (PBR)
Port to Application Mapping (PAM)
PPP
PPP over ATM
PPP over ATM (IETF-Compliant)
PPP over ATM SVCs
PPPoA/PPPoE autosense for ATM PVCs
PPPoE Client
PPPoE MTU Adjustment
PPPoE on Ethernet
PPPoE over Gigabit Ethernet interface
PPPoE Session limit
Preauthentication with ISDN PRI and Channel-Associated
Signalling Enhancements
Priority Queueing (PQ)
QoS for Virtual Private Networks
QoS Packet Marking
QoS Priority Percentage CLI Support
Redial Enhancements
Resource Pool Management with Direct Remote Services
Response Time Reporter (RTR)
Response Time Reporter (RTR) enhancements
Reverse Route Injection (RRI)
RGMP - Router-Port Group Management Protocol
RIP
Rotating Through Dial Strings
Secure Copy (SCP)
Secure Shell SSH Terminal-line access
Secure Shell SSH Version 1 Integrated Client
Secure Shell SSH Version 1 Server Support
Selective Packet Discard (SPD)
Selective Virtual-Access Interface Creation
Service Assurance Agent (SAA) DHCP Operation
Service Assurance Agent (SAA) Distribution of Data
Service Assurance Agent (SAA) DLSW Operation
Service Assurance Agent (SAA) DNS Operation
Service Assurance Agent (SAA) Frame Relay Operation
Service Assurance Agent (SAA) FTP Operation
Service Assurance Agent (SAA) History Statistics
Service Assurance Agent (SAA) HTTP Operation
Service Assurance Agent (SAA) ICMP Echo Operation
Service Assurance Agent (SAA) ICMP Path Echo Operation
Service Assurance Agent (SAA) Jitter Operation
Service Assurance Agent (SAA) MPLS VPN Operation
Service Assurance Agent (SAA) One Way Jitter
Service Assurance Agent (SAA) Path Jitter
Service Assurance Agent (SAA) Reaction Threshold
Service Assurance Agent (SAA) Scheduling Operation
Service Assurance Agent (SAA) SNA LU2 Echo
Service Assurance Agent (SAA) SNMP Support
Service Assurance Agent (SAA) TCP Connect Operation
Service Assurance Agent (SAA) UDP Echo Operation
Shell-Based Authentication of VPDN Users
Simple Network Time Protocol (SNTP)
Simple Network-enabled Auto Provisioning (SNAP)
Snapshot routing
SNMP (Simple Network Management Protocol)
SNMP Support over VPN
SNMP Version 3
SNMPv2C
Source Specific Multicast (SSM)
Source Specific Multicast (SSM) - IGMPv3,IGMP v3lite, and URD
Spanning Tree Protocol (STP)
Spanning Tree Protocol (STP) - Loop Guard
Spanning Tree Protocol (STP) - Portfast
Spanning Tree Protocol (STP) - Uplink Load Balancing
Spanning Tree Protocol (STP) Extension
Standard IP Access List Logging
Stub IP Multicast Routing
Tacacs SENDAUTH function
Tacacs Single Connection
TACACS+
TCP Window Scaling
Time-Based Access Lists Using Time Ranges
Timer and Retry Enhancements for L2TP and L2F
Transparent Bridging
Triggered RIP
Trusted Root Certification Authority
Trustpoint CLI
Tunnel Endpoint Discovery
Tunnel Type of Service (TOS)
Turbo Flooding of UDP Datagrams
TX Ring adjustment
UDLR Tunnel ARP and IGMP Proxy
Uni-Directional Link Routing (UDLR)
Unicast Reverse Path Forwarding (uRPF)
User Maximum Links
Using 31-bit Prefixes on IPv4 Point-to-Point Links
V.92 Modem on Hold
Virtual Interface Template Service
Virtual Private Dial-up Network (VPDN)
Virtual Profile CEF Switched
Virtual Profiles
Virtual Router Redundancy Protocol (VRRP)
VPDN Default Group Template
VPDN Group Session Limiting
VPN Routing Forwarding (VRF) Framed Route (Pool) Assignment via
PPP
VPN Tunnel Management
Weighted Fair Queueing (WFQ)
Weighted RED (WRED)
Wildcard Pre-Shared Key
WRED Enhancement - Explicit Congestion Notification (ECN)
x Digital Subscriber Line (xDSL) Bridge Support

 

Thanks. For now the data and voice will be over different paths. Also, it is
a DSL connection (one reason we chose this model). However, from what I
read, there *is* QoS... From the first description of the series:

The Cisco® 830 Series of secure broadband routers is ideal for providing
secure Internet and corporate network connectivity to small remote offices
and to teleworkers. Cisco 830 Series routers provide a wide range of
integrated security services and advanced quality of service (QoS) features
for high-quality data, voice, and video applications. They offer easy
deployment and remote management features with Cisco IOS® Software.

And in the first part of the table:

IP QoS-Low Latency Queuing (LLQ), Pre-classify, Pre-fragmentation,
Weighted Random Early Detection (WRED), Committed Access Rate (CAR), and
Class-Based Traffic Shaping
a.. Ensures consistent response times for multiple applications by
intelligently allocating bandwidth
b.. Allows for classification of applications and gives the most important
applications priority use of the WAN line
c.. Provides congestion avoidance by throttling down certain Transmission
Control Protocol (TCP) sessions, depending on each session's
priority level


Is a "different" QoS than what you were thinking of??

 

Hank,

My VoIP knowledge isnt that great, but I know that it is sensitivite to
packet round trip times and packet delay. If you going to be putting VoIP
over an internet connection you need to be carefull because sa soon as the
packets leave your router (after they have been tagged as high priority and
your router has queued them in the priority queue (giving them 1st class
serice)) your ISPs will not honour the priority you have assigned it.
Because the ISPs dont care about quality of your service VoIP can be flakey
on the internet. Have a look at this URL from cisco's site
http://www.cisco.com/en/US/about/ac..._cisco_packet_technology09186a00801016da.html ,
it has some basic information on what your trying to do.

Scott.