Chapter 12 Administration

Administration Certificate Management

Certificate Authorities Table

This table shows root and subordinate CA certificates installed on the VPN 3002.

Fields

These fields appear in the Certificate Authorities table:

Field

Content

Subject/Issuer

The Common Name (CN) or Organizational Unit (OU) (if present), plus the

 

Organization (O) in the Subject and Issuer fields of the certificate. The

 

format is CN at O, OU at O, or just O; for example, Root 2 at CyberTrust.

 

The CN, OU, and O fields display a maximum of 33 characters each. See

 

Administration Certificate Management Certificates View.

Expiration

The expiration date of the certificate. The date format is MM/DD/YYYY.

SCEP Issuer

In order for a certificate to be available for SCEP enrollment, it must be

 

installed via SCEP. This field indicates if the certificate is SCEP-enabled.

 

Yes = This certificate can issue identity and SSL certificates via SCEP.

 

No = This certificate cannot issue certificates via SCEP.

 

 

 

 

 

Note If you want to use a certificate for SCEP enrollment, but that

 

 

 

certificate is not SCEP-enabled, reinstall it using SCEP.

 

 

 

Actions

This column allows you to manage particular certificates. The actions

 

available vary with type and status of the certificate.

 

View = View details of this certificate.

 

Configure = Enable CRL (Certificate Revocation List) checking for this

 

 

CA certificate, modify SCEP parameters, or enable acceptance of

 

 

subordinate CA certificates.

 

Delete = Delete this certificate from the VPN 3002.

 

Show RAs = SCEP-enabled CA certificates sometimes have supporting

 

 

(RA) certificates. View details of these certificates. (Only available for

 

 

CA certificates.)

 

Hide RAs = Hide the details of the RA certificates.

Identity Certificates Table

This table shows installed server identity certificates. For a description of the fields in this table, see the “Certificate Authorities Table” section, above.

 

VPN 3002 Hardware Client Reference

12-32

OL-1893-01

Page 158
Image 158
Cisco Systems VPN 3002 manual Certificate Authorities Table, Identity Certificates Table, Fields, 12-32

VPN 3002 specifications

Cisco Systems VPN 3002 is a versatile hardware device designed to provide secure remote access to corporate networks. As part of Cisco's family of VPN concentrators, the VPN 3002 is aimed at small to medium-sized businesses seeking to establish secure communications over the Internet.

One of the key features of the VPN 3002 is its ability to support a wide range of VPN protocols, including IPsec and L2TP. This flexibility allows businesses to tailor their security solutions to meet specific needs, thereby ensuring robust encryption and integrity for data in transit. The device also supports innovative technologies such as Clientless SSL VPN, enabling users to access corporate resources without the need for a full client installation.

Another vital characteristic of the VPN 3002 is its scalability. It can support multiple users while maintaining optimal performance due to its integrated firewall capabilities. This functionality allows organizations to manage user traffic effectively, ensuring that both security and efficiency are maintained during peak access periods.

Additionally, the VPN 3002 boasts advanced features like NAT traversal, which helps ensure that VPN connections can penetrate network address translation firewalls and other similar devices, thereby enhancing connectivity. It also features strong authentication mechanisms, including support for RADIUS and TACACS+, providing businesses with the ability to implement stringent user verification processes.

The device is designed with ease of use in mind. The setup process is relatively simple, and Cisco's intuitive web-based management interface makes it easy to configure and monitor VPN connections. Furthermore, the VPN 3002 comes with a variety of integrated tools for logging and reporting, allowing administrators to maintain comprehensive oversight of network activities.

In terms of hardware, the VPN 3002 is equipped with multiple Ethernet ports for network connectivity and can support a range of configurations to meet diverse organizational requirements. Its robust design ensures longevity and dependable operation, making it an ideal solution for businesses seeking reliable remote access capabilities.

In conclusion, Cisco Systems VPN 3002 provides a comprehensive solution for organizations looking to secure their remote connections. With its support for various protocols, scalable architecture, advanced security features, and ease of use, it stands out as a reliable choice for enhancing corporate network security.