IPSec
Cisco VPN solutions

IPsec VPN capabilities are included in many models of Cisco routers, as well as in the PIX Security Appliance. The following products also have IPSec capabilities.

VPN 3000 Series Concentrators
The Cisco VPN 3000 Series offers best-in-class remote-access VPN devices that provide businesses with flexible, reliable, and high-performance remote-access solutions. The Cisco VPN 3000 Series offers solutions for diverse remote-access deployments by offering both IPSec and SSL-based VPN connectivity on a single platform. The VPN 3005 Concentrator is shown in Figure .

VPN Software Client
The Cisco VPN Client allows organizations to establish end-to-end, encrypted VPN tunnels for secure connectivity for mobile employees or teleworkers. This IPSec client is compatible with all Cisco VPN products.

The Cisco VPN Client can be preconfigured for mass deployments, and initial logins require little user intervention. It supports Cisco Easy VPN capabilities, delivering an easy-to-manage remote access VPN architecture that eliminates the operational costs associated with maintaining a consistent policy and key management method. The Cisco Easy VPN feature allows the Cisco VPN Client to receive security policies upon a VPN tunnel connection from the central site VPN device, configured as the Cisco Easy VPN Server, minimizing configuration requirements at the remote location. This simple and highly scalable solution is ideal for large remote access deployments where it is impractical to individually configure policies for multiple remote PCs.

The Cisco VPN Client supports Windows 98, ME, NT 4.0, 2000, XP; Linux (Intel); Solaris (UltraSparc 32- and 64-bit); and Mac OS X, 10.1, and 10.2. The Cisco VPN Client is compatible with the following Cisco products:

  • Cisco VPN 3000 Series Concentrators
  • Cisco VPN 3000 Series Concentrator Software version 3.0 and higher
  • Cisco IOS Software releases 12.2(8)T and higher
  • Cisco PIX Firewall Software version 6.0 and higher

VPN 3002 Hardware Client
The Cisco VPN 3002 Hardware Client combines the ease-of-use and high-scalability features of a software VPN client while providing the reliability and stability of a hardware platform. The Cisco VPN 3002 Hardware Client is designed for organizations with many remote office environments because it easily scales to tens of thousands of devices. The Cisco VPN 3002 Hardware Client is a full-featured VPN client in a hardware platform that supports 56-bit DES, 168-bit Triple DES, or up to 256-bit AES encryption.

The Cisco VPN 3002 Hardware Client supports the Cisco Unified Client protocol allowing it to act as a Cisco Easy VPN Remote device and connect to any Cisco Easy VPN Server, such as a VPN 3000 Concentrator, PIX Security Appliance, or IOS Router.

Available in two modes, client and network extension, the Cisco VPN 3002 can be configured to either emulate the operation of the Cisco VPN client, or to establish a secure site-to-site connection with the central site Cisco Easy VPN Server device. Both modes use the Cisco Easy VPN push-policy features and scale to large deployments. The Cisco VPN 3002 Hardware Client is available with or without an 8-port switch .

IPSec VPN Services Module
The Cisco IPSec VPN Services Module is a high-speed module for the Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Router that provides infrastructure-integrated IPSec VPN services to meet the need for ubiquitous connectivity and increased bandwidth requirements.

The IPSec VPN Services Module delivers cost-effective VPN performance on the Cisco Catalyst 6500 Series and is suitable for various deployments. For example, in WAN edge deployments, the VPN module provides VPN termination services on the WAN aggregator router.


Interactive Media Activity

Demonstration Activity: Cisco VPN Devices

In this activity, students will learn about Cisco VPN devices.

Web Links