Chapter 12 Administration

Administration Certificate Management View Enrollment Request

Enrollment Request Fields

An enrollment request contains some or all of the following fields:

Field

Content

Subject

The person or system that uses the certificate.

Issuer

The CA or other entity (jurisdiction) from whom the certificate is being

 

requested.

 

Subject and Issuer consist of a specific-to-general identification hierarchy: CN,

 

OU, O, L, SP, and C. These labels and acronyms conform to X.520

 

terminology, and they echo the fields on the Administration Certificate

 

Management Enrollment screen.

CN

Common Name: the name of a person, system, or other entity. This is the

 

lowest (most specific) level in the identification hierarchy.

 

For the VPN 3002 self-signed SSL certificate, the CN is the IP address on the

 

Ethernet 1 (Private) interface at the time the certificate is generated. SSL

 

compares this CN with the address you use to connect to the VPN 3002 via

 

HTTPS, as part of its validation.

OU

Organizational Unit: the subgroup within the organization (O).

O

Organization: the name of the company, institution, agency, association, or

 

other entity.

L

Locality: the city or town where the organization is located.

SP

State/Province: the state or province where the organization is located.

C

Country: the two-letter country abbreviation. These codes conform to ISO

 

3166 country abbreviations.

Public Key Type

The algorithm and size of the public key that the CA or other issuer used in

 

generating this certificate.

Request Usage

The type of certificate: Identity or SSL.

MD5 Thumbprint

A 128-bit MD5 hash of the complete certificate contents, shown as a 16-byte

 

string. This value is unique for every certificate, and it positively identifies the

 

certificate. If you question a certificate’s authenticity, you can check this value

 

with the issuer.

SHA1 Thumbprint

A 160-bit SHA-1 hash of the complete certificate contents, shown as a 20-byte

 

string. This value is unique for every certificate, and it positively identifies the

 

certificate. If you question a certificate’s authenticity, you can check this value

 

with the issuer.

Generated

The date the request was initiated.

 

 

VPN 3002 Hardware Client Reference

 

 

 

 

 

 

 

OL-1893-01

 

 

12-59

 

 

 

 

 

Page 185
Image 185
Cisco Systems VPN 3002 manual Enrollment Request Fields, 12-59

VPN 3002 specifications

Cisco Systems VPN 3002 is a versatile hardware device designed to provide secure remote access to corporate networks. As part of Cisco's family of VPN concentrators, the VPN 3002 is aimed at small to medium-sized businesses seeking to establish secure communications over the Internet.

One of the key features of the VPN 3002 is its ability to support a wide range of VPN protocols, including IPsec and L2TP. This flexibility allows businesses to tailor their security solutions to meet specific needs, thereby ensuring robust encryption and integrity for data in transit. The device also supports innovative technologies such as Clientless SSL VPN, enabling users to access corporate resources without the need for a full client installation.

Another vital characteristic of the VPN 3002 is its scalability. It can support multiple users while maintaining optimal performance due to its integrated firewall capabilities. This functionality allows organizations to manage user traffic effectively, ensuring that both security and efficiency are maintained during peak access periods.

Additionally, the VPN 3002 boasts advanced features like NAT traversal, which helps ensure that VPN connections can penetrate network address translation firewalls and other similar devices, thereby enhancing connectivity. It also features strong authentication mechanisms, including support for RADIUS and TACACS+, providing businesses with the ability to implement stringent user verification processes.

The device is designed with ease of use in mind. The setup process is relatively simple, and Cisco's intuitive web-based management interface makes it easy to configure and monitor VPN connections. Furthermore, the VPN 3002 comes with a variety of integrated tools for logging and reporting, allowing administrators to maintain comprehensive oversight of network activities.

In terms of hardware, the VPN 3002 is equipped with multiple Ethernet ports for network connectivity and can support a range of configurations to meet diverse organizational requirements. Its robust design ensures longevity and dependable operation, making it an ideal solution for businesses seeking reliable remote access capabilities.

In conclusion, Cisco Systems VPN 3002 provides a comprehensive solution for organizations looking to secure their remote connections. With its support for various protocols, scalable architecture, advanced security features, and ease of use, it stands out as a reliable choice for enhancing corporate network security.