Cisco Systems 2600, 3600, 3700, and 7200, Cisco 1700 Cisco VPN 3000 Concentrators Series, VPN Access through Port Address Translation firewalls , Cisco VPN 3002 Hardware Client, Cisco VPN 3002 Hardware Client supports up to 253 users/stations per VPN 3002, Works with most operating systems including Windows, Linux, Solaris, and MAC OS X, central site concentrator, enabling virtually unlimited scalability, Cisco VPN 3000 Series Concentrators

Chapter5 V PN and Security Products

5-6

Cisco VPN 3000 Family

Key Features

•Cisco VPN 3000 Concentrators Series

–Support for industry standard IPSec DES/3DES/AES and Cisco IPSec/NAT for

VPN Access through Port Address Translation firewalls

–Unlimited-use license for Cisco VPN Client distribution included at no cost with

multiple OS support including Windows, MAC OS X, Linux and Solaris; also integrates with Zone Alarms personal firewall

–Supports standard authentication: RADIUS, SDI Tokens, and Digital Certificates

–VPN load balancing allows for multiple units to cluster as a single shared pool

•Cisco VPN 3002 Hardware Client supports up to 253 users/stations per VPN 3002

–

Works with most operating systems including Windows, Linux, Solaris, and MAC OS X

–Auto-upgrade capability automates upgrades with no user intervention required

–Client technology employs push policy and automatic address assignment from the

central site concentrator, enabling virtually unlimited scalability

Competitive Products

Specifications

Cisco VPN 3000 Series ConcentratorsCisco VPN 3002 Hardware Client

• Nortel: Contivity products

• Netscreen: LAN to LAN environments •Nokia

Feature VPN 3005 VPN 3015 VPN 3030 VPN 3060 VPN 3080

Simultaneous Users 100 100 1500 5000 10,000

Encryption Throughput 4 Mbps 4 Mbps 50 Mbps 100 Mbps 100 Mbps

Encryption Method Software Software Hardware Hardware Hardware

Encryption (SEP) Module 00124

Redundant SEP No No Optional Optional Yes

Expansion Slots 0432N/A

Upgradeable No Yes Yes N/A N/A

Memory 32 MB 12 8 MB 128 MB 256 MB 256 MB

Hardware Configuration 1U, Fixed 2U, Scalable 2U, Scalable 2U, Scalable 2U

Power Supply Single Single, with a dual

option Single, with a dual

option Dual

Client License Unlimited Unlimited Unlimited Unlimited Unlimited

LAN-to-LAN Connections

(internal user database) 100 100 500 1000 1000

Dimensions (HxWXD) 1.75 x 17.5 x 11.5 in. 3.5 x 17.5 x 14.5 in. 3.5 x 17.5 x 14.5 in. 3.5 x 17.5 x 14.5 in. 3.5 x 17.5 x 14.5 in.

Feature VPN 3002 Hardware Client

Hardware Processor Motorola PowerPC processor; Dual flash image architecture

Network Interfaces CPVN3002-K9: One Public 10/100Mbps RJ-45 Ethernet Interface and One Private Port 10/100Mbps

RJ-45 Ethernet Interface

CVPN3002-8E-K9: One Public 10/100Mbps RJ-45 Ethernet Interface and Eight Private Port

10/100Mbps RJ-45

Ethernet Interfaces via AUTO-MDIX switch

Physical Dimensions 1.967 x 8.6 x 6.5 in. (5 x 8.6 x 16.51 cm)

Power Supply External AC Operation: 100-240V at 50/60 Hz with universal power factor correction; 4 foot cord

included and international “pigtail” power cord selection

Tunneling Protocol Support IPsec with IKE key management

Monitoring & Configuration Event logging; SNMP MIB-II support

Embedded management interface is accessible via console port or local web browser; SSH/SSL

Encryption Algorithms, Key

Management & Authentication

Algorithms

56-bit DES (IPsec); 168-bit Triple DES (IPsec); AES 128 & 256-bit (IPsec)