However, for NAC to function the router must have a connection via RADIUS to a system running Cisco’s Secure ACS (access control server). This separate component maintains NAC access policies and combines with a Cisco Trust Agent (CTA) running on each host. Each client is permitted or denied access by Cisco’s NAD (network access device) and this component runs on the 877W.
IPSec VPNs features are extensive as the 877W offers hardware assisted 3DES and AES encryption and supports up to ten simultaneous tunnels. Even here Cisco doesn’t let the side down as it offers masses of wizards for site-to-site tunnels and mobile client connections. The latter also includes the WebVPN feature for creating SSL VPNs which will require the remote user to have Cisco’s client software installed.
Setting up wireless access is a little more tricky as SDM fires up a separate interface for this function where you can elect to use bridging or routing. For the latter the 877W supports no less than sixteen SSIDs allowing you to decide what services wireless users can access dependant on the SSID they connect to. Security is top notch as you get the usual WEP and WPA encryption, SSID masking and MAC address filters but these are augmented with IP filters, support for 802.1x, a database for local user authentication and user connection limits.
At any time you can run a security audit from SDM which checks your configuration, advises on any security holes and offers to fix them. Intrusion prevention is also on the menu and this uses an attack signature database resident on the router’s flash memory which can be updated regularly from Cisco’s support site.
The 877W is offering a stunning level of security features all accessed and configured from a well designed management console packed to the gills with wizards. Some features require additional components to be running separately but small businesses and remote offices that want the best money can buy need look no further.