index_226
Router Security Configuration Guide
UNCLASSIFIED
226
UNCLASSIFIED
Version 1.0g
you to download it. Be very careful to check these requirements against the router on
which you hope to run the software, ensure that amounts of installed memory meet or
exceed the requirements before attempting to load the IOS release.
8.3.2. Major Releases and their Features
There are at least five major releases of Cisco IOS software currently in use in
operational environments: 11.1, 11.2, 11.3, 12.0, and 12.1. The lists below describe
some of the major features introduced into IOS in each of these releases, with
emphasis on security-relevant features.
All earlier Cisco IOS releases, 11.0 and 10.x, are now unsupported by Cisco,
although they are still available for download.
IOS 11.1
The 11.1 release was the last IOS release to use the old ‘classic’ or monolithic
architecture. While exceedingly stable and robust, it did not offer extensive security
features. IOS 11.1 was first deployed in 1996, and engineering development for it
was dropped in 1999. Some of the important features
§ RIPv2 (see Section 4.5)
§ The IOS web server and web browser management interface [11.1(5) and
later]
§ RADIUS support (as part of AAA, see Section 4.7)
§ RMON support (see Section 4.6)
§ Lock-and-Key dynamic access lists
IOS 11.1 is available as a GD release for all older Cisco routers, but is not available
for some of the popular newer models (e.g. 7500, 1605, 3660).
IOS 11.2
The 11.2 release was the first IOS version to fully implement Cisco’s modular
architecture for router software. A great many new features were added to IOS over
the lifetime of 11.2, a few of them are listed below.
§ Named access control lists (See Section 4.4)
§ Network address translation (NAT)
§ Support for RSVP and IP Quality-of-Service (see Section 7.5)
§ Support for LANE (IP over ATM)
§ Various OSPF and BGP4 enhancements