[ Up ] [ Firewalls ] [ VPNs ] [ Intrusion Detection ] [ Scanning ] [ Access Control ] [ Policy Management ] [ Consulting Services ]

VPNs

VPNs come in two main types, Site-to-Site and Remote Access (VPN Concentrator and Client). In the physical security analogy below, VPNs are like secured tunnels between building or armored transport cars, permitting secure, confidential transit between two locations.

Cisco Site-to-Site VPNs

Site-to-Site VPNs are an alternative WAN infrastructure that replace and augment existing private networks that utilize leased lines, Frame Relay, or ATM to connect remote and branch offices and central site(s). VPNs do not inherently change private WAN requirements, such as support for multiple protocols, high reliability, and extensive scalability, but instead meet these requirements more cost effectively and with greater flrxibility. Site-so-Site VPNs can utilize the most pervasive transport technologies available today, such as the public Internet or service provider IP networks, by employing tunneling and encryption for data privacy and quality of service (QoS) for transport reliability.

Products

Site-to-site VPNs are best constructed using Cisco VPN-optimized routers. VPN-optimized routers provide scalability through optional encryption acceleration. Furthermore, Cisco VPN-optimized routers provide the wealth of routing, security, and QoS features resident in Cisco IOS software required for a secure, scalable, and reliable site-to-site VPN deployment. The Cisco VPN-optimized router portfolio provides solutions for small office / home office (SOHO) access through central-site VPN aggregation, including platforms for fast-emerging cable and digital subscriber line (DSL) access technologies. The table below outlines the Cisco VPN-optimized router portfolio by deployment segment.

Key Strengths / Features / Benefits

• Device integration for a comprehensive VPN solution — Cisco site-to-site VPN solutions integrate all features required for secure, scalable, and reliable VPN deployments in a single device. Many competitive solutions require multiple devices to provide a comprehensive site-to-site VPN solution, increasing deployment complexity. Cisco integrated, single-device, site-to-site VPN solutions simplify network architectures and lower total cost of ownership for the VPN solution. Key features provided by Cisco VPN solutions for site-to-site VPN deployment include:

  • Tunneling and encryption support using industry-standard protocols such as IPSec.

  • Strong perimeter security for the VPN, including stateful firewall and intrusion detection provided by the Cisco IOS firewall.

  • Application-aware QoS and bandwidth management for VPN transport reliability.

  • Full Layer 3 routing, includin exterior routing protocols such as Border Gateway Protocol (BGP) for Internet / VPN access.

  • Diverse WAN and LAN interfaces for Internet / VPN access and LAN network connectivity.

• Scalable performance — The range of Cisco VPN-optimized routers scale to meet any site-specific VPN deployment requirements from ISDN to DS3 speeds.

• Feature interoperability — By delivering a comprehensive site-to-site VPN solution in a single device, Cisco VPN-optimized routers ensure greater interoperability of VPN features such as firewall, QoS, and tunneling / encryption than multidevice solutions offered by competitors.

• Self-healing VPN — Cisco VPN-optimized routers utilize the wealth of network resiliency features resident in Cisco IOS software — such as tunnel keepalives, tunnel endpoint discovery (TED), and dynamic route discovery via generic routing encapsulation (GRE) tunnels — to provide unsurpassed VPN redundancy and dynamic recovery.

• Investment protection — Cisco site-to-site VPN solutions offer LAN / WAN interface and hardware acceleration modularity, as well as a wealth of input / output (I/O) options. This modularity provides investment protection by enabling users to adapt Cisco VPN-optimized routers for solutions evolving network and scalability requirements.

[ E-Commerce ] [ LAN ] [ Security ] [ WAN ] [ Solusi ]