IPsec VPN capabilities are included in many models of Cisco
routers, as well as in the PIX Security Appliance. The following products also
have IPSec capabilities.
VPN 3000 Series Concentrators
The
Cisco VPN 3000 Series offers best-in-class remote-access VPN devices that
provide businesses with flexible, reliable, and high-performance remote-access
solutions. The Cisco VPN 3000 Series offers solutions for diverse remote-access
deployments by offering both IPSec and SSL-based VPN connectivity on a single
platform. The VPN 3005 Concentrator is shown in Figure
.
VPN
Software Client
The Cisco VPN Client allows organizations to establish
end-to-end, encrypted VPN tunnels for secure connectivity for mobile employees
or teleworkers. This IPSec client is compatible with all Cisco VPN
products.
The Cisco VPN Client can be preconfigured for mass deployments,
and initial logins require little user intervention. It supports Cisco Easy VPN
capabilities, delivering an easy-to-manage remote access VPN architecture that
eliminates the operational costs associated with maintaining a consistent
policy and key management method. The Cisco Easy VPN feature allows the Cisco
VPN Client to receive security policies upon a VPN tunnel connection from the
central site VPN device, configured as the Cisco Easy VPN Server, minimizing
configuration requirements at the remote location. This simple and highly
scalable solution is ideal for large remote access deployments where it is
impractical to individually configure policies for multiple remote PCs.
The Cisco VPN Client supports Windows 98, ME, NT 4.0, 2000, XP; Linux
(Intel); Solaris (UltraSparc 32- and 64-bit); and Mac OS X, 10.1, and 10.2. The
Cisco VPN Client is compatible with the following Cisco products:
- Cisco VPN 3000 Series Concentrators
- Cisco VPN 3000 Series Concentrator Software version 3.0 and higher
- Cisco IOS Software releases 12.2(8)T and higher
- Cisco PIX Firewall Software version 6.0 and higher
VPN 3002 Hardware Client
The Cisco VPN 3002 Hardware Client
combines the ease-of-use and high-scalability features of a software VPN client
while providing the reliability and stability of a hardware platform. The Cisco
VPN 3002 Hardware Client is designed for organizations with many remote office
environments because it easily scales to tens of thousands of devices. The
Cisco VPN 3002 Hardware Client is a full-featured VPN client in a hardware
platform that supports 56-bit DES, 168-bit Triple DES, or up to 256-bit AES
encryption.
The Cisco VPN 3002 Hardware Client supports the Cisco Unified
Client protocol allowing it to act as a Cisco Easy VPN Remote device and
connect to any Cisco Easy VPN Server, such as a VPN 3000 Concentrator, PIX
Security Appliance, or IOS Router.
Available in two modes, client and
network extension, the Cisco VPN 3002 can be configured to either emulate the
operation of the Cisco VPN client, or to establish a secure site-to-site
connection with the central site Cisco Easy VPN Server device. Both modes use
the Cisco Easy VPN push-policy features and scale to large deployments. The
Cisco VPN 3002 Hardware Client is available with or without an 8-port switch
.
IPSec VPN Services Module
The Cisco IPSec VPN Services Module is
a high-speed module for the Cisco Catalyst 6500 Series Switch and the Cisco
7600 Series Internet Router that provides infrastructure-integrated IPSec VPN
services to meet the need for ubiquitous connectivity and increased bandwidth
requirements.
The IPSec VPN Services Module delivers cost-effective VPN
performance on the Cisco Catalyst 6500 Series and is suitable for various
deployments. For example, in WAN edge deployments, the VPN module provides VPN
termination services on the WAN aggregator router.