Cisco Systems on Monday announced an Enterprise Virtual Private Network (E-VPN) strategy and suite of VPN products.
The company's strategy includes a "five-point, multiphase" VPN product roadmap. The strategy spans five components that Cisco claims are required for successful deployment of a VPN: scalable platforms, security, services, appliances and management.
New products to buttress the roadmap include Cisco IOS software enhancements, including IP Security (IPSec) acceleration on the Cisco 7500 and 7200 high-end router series, as well as firewall extensions and VPN service-level agreement (SLA) monitoring services.
Also announced were enhancements to Cisco's security appliances, including the NetSonar2.0 security scanner for Windows NT and NetRanger 2.2 intrusion detection system. In addition, Cisco rolled out a suite of management tools, including Security Manager 1.0, Access Control List (ACL) Manager 1.0 and Internetwork Performance Monitor (IPM) 2.0.
To provide scalable performance for VPN applications, Cisco is offering distributed IPSec software acceleration for Cisco 7500 series routers, using its advanced Versatile Interface Processor (VIP) series line cards.
Integrated hardware-based acceleration for IPSec encryption is also available -- first implemented as an integrated service adapter (ISA) card for the Cisco 7500 and 7200 systems, followed by the Cisco 3600, 2600 and 1700 series. Integrating Data Encryption Standard and 3DES IPSec encryption and IPPCP compression services with industry-standard IPPCP protocols, the ISA card enables data compression before encryption activities to reduce the amount of data sent over the network, Cisco officials said.
To enable secure virtual private networking, Cisco has added tunnels and encryption, packet authentication, firewalls and intrusion detection, as well as user authentication in Cisco IOS. New security services include 3DES, time-based ACLs, CiscoSecure with public-key infrastructure support, as well as the Cisco IOS firewall feature set extensions, which increase network security and lower the cost of firewall operation.
Cisco's firewall feature set software is now supported on the Cisco 7200, in addition to previous availability on the Cisco 1600, 1700, 2500, 2600 and 3600 routers. To validate and monitor service providers' adherence to SLAs, Cisco is embedding a service-level monitoring Response Time Reporter (RTR) to allow measurement of round-trip latencies through a virtual private network.
For VPN security, Cisco's Security Manager 1.0 policy management software enables an administrator to define, enforce and audit security policies for multiple distributed Cisco PIX Firewalls. The CiscoWorks2000 line adds WAN monitoring extensions, while IPM and ACL Manager reduce access list management and complexity.
IP quality of service, 3DES and RTR features are incorporated within Cisco IOS software v12.0, and are available now. Software IPSec acceleration for the Cisco 7500 will be available in a subsequent release of Cisco IOS 12.0, followed by hardware acceleration for the Cisco 7200 and 7500 systems beginning in the first half of 1999.
NetSonar 2.0 and the firewall software for the Cisco 7200 router series is available now. Cisco did not disclose availability of the other products.