Cisco 3845 ISR with CallManager Express

The launch of Cisco's new ISR (integrated services router) family see the networking giant take on centralised network security and services across the entire SMB, mid-range and enterprise markets.

At the entry point, you have the new Series 800 appliances. This is followed by the Series 2800, which takes on the SMB and enterprise branch office markets, and it all culminates in the Series 3800, which targets mid-size businesses and enterprises. In this review, we take an exclusive look at the top dog 3845 ISR platform along with Cisco's latest Unified CallManager Express and VoiceMail features.

For IP telephony, the 3845 supports up to 240 IP phones and can accept a huge range of optional modules with over 90 currently available. Four small slots arranged along the top of the rear panel accept Cisco's single-wide and double-wide HWICs (high-speed WAN interface cards), and there are plenty to choose from. For example, you have ISDN, E1 and T1 with four- and nine-port WAN modules.

There are also ADSL modules available, the latest of which is a single-wide module with ADSL2/2+ support and ISDN dial-up backup. Wireless is also supported, with the router able to act as a central administrative point for multiple Cisco AiroNet access points.

Underneath these slots are four larger ones for Cisco's network modules with 16 and 36-port 10/100BaseTX modules available and PoE with the optional power supply upgrade fitted.

Using the EVM (extension voice module) slot, you can fit a module that'll provide standard analogue and digital voice and fax services, and there are expansion cards that add IP telephony with support for both H.323 and SIP protocols. The latter can bring into play a wide range of Cisco IP phones, all managed using the Unified CallManager Express tools.

Wizard stuff

You don't need to access the IOS for initial installation. You just point a web browser at the router's default IP address, where you're greeted by Cisco's new SDM (security device manager) Express. This offers wizards to help set up basic LAN, WAN and firewall configuration after which you can install the full SDM utility on a PC and firmware using the router's CompactFlash memory card.

The main SDR interface kicks off with an overview of the router showing the status of flash memory, LAN and WAN interfaces, firewall policies and so on. The Configure tab provides access to all features and you can start by setting up the various interfaces.

The firewall is turned off by default, but the basic setup wizard will have it running in seconds as you select the internal and external interfaces and choose from three predefined settings. The highest of these employs standard SPI firewalling but augments it with application inspection allowing you to block traffic such as IM and P2P. The firewall can be customised with your own rules using an advanced wizard and this includes options for DMZs using specific interfaces.

Rules can also be created using the router's application inspection abilities, so you can inspect email, block or allow P2P and IM traffic, filter URLs locally or add details of external filtering servers. You can also request alerts to be sent when traffic such as multimedia or FTP is detected.

Intrusion prevention uses regularly downloaded signature files, while QoS can be applied on the WAN interfaces. Again, a wizard takes you through this process and allows you to select real-time traffic such as VoIP or business-critical traffic including database and network management traffic. The 3845 offers extensive IPSec VPN features too, including 3DES and AES hardware encryption.