Cisco 2621XM - Physical and Cryptographic Module Details

To Next Page

To Previous Page

Cisco 2621XM and Cisco 2651XM Modular Access Routers with AIM-VPN/EP FIPS 140-2 Non-Proprietary Security Policy

OL-6262-01

The 2621XM/2651XM Router

2621XM and 2651XM provide a scalable, secure, manageable remote access server that meets FIPS

140-2 Level 2 requirements. This section describes the general features and functionality provided by

the Cisco 2621XM and 2651XM routers.

The 2621XM/2651XM Cryptographic Module

Figure 1 The 2621XM/2651XM Router

The 2621XM and 2651XM Routers are multiple-chip standalone cryptographic modules. The

cryptographic boundary is defined as encompassing the "top," "front," "left," "right," and "bottom"

surfaces of the case; all portions of the "backplane" of the case which are not designed to accommodate

a WIC or Network Module; and the inverse of the three-dimensional space within the case that would be

occupied by an installed WIC or Network Module. The cryptographic boundary includes the connection

apparatus between the WIC or Network Module and the motherboard/daughterboard that hosts the WIC

or Network Module, but the boundary does not include the WIC or Network Module itself. In other

words, the cryptographic boundary encompasses all hardware components within the case of the device

except any installed modular WICs or Network Modules. All of the functionality discussed in this

document is provided by components within this cryptographic boundary.

The Cisco 2621XM and 2651XM routers incorporate an AIM-VPN/EP cryptographic accelerator card.

The AIM-VPN/EP is located inside the module chassis, and is installed directly on the motherboard.

Cisco IOS features such as tunneling, data encryption, and termination of Remote Access WANs via

IPSec, Layer 2 Forwarding (L2F) and Layer 2 Tunneling Protocols (L2TP) make the Cisco 2600 an ideal

platform for building virtual private networks or outsourced dial solutions. Cisco 2600`s RISC-based

processor provides the power needed for the dynamic requirements of the remote branch office,

achieving wire speed Ethernet to Ethernet routing with up to 30 thousand packets per second (Kpps)

throughput capacity for the 2621XM, and 40 Kpps for the 2651XM.

Module Interfaces

The interfaces for the router are located on the rear panel as shown in Figure 2.

POWER

RPS

ACTIVITY

Cisco 2600

SERIES

9493

Other manuals for Cisco 2621XM