Cisco Continues to Beef Up Security

The company launched a raft of security-related products and software enhancements this week.

Cisco Systems Inc. on Tuesday continued to deliver on its strategy to integrate security functions across its product line with 12 new offerings that address a range of customers.

"This is part of our overall strategy to bring best-of-breed security into Cisco access routers. Customers are looking for a single device with WAN connectivity, routing, (Virtual Private Networking) and firewall functionality, and were bringing that into the access routers," said Paulette Altmaier, vice president and general manager of Cisco access routers, in San Jose, Calif.

The integration of security functions within networking devices eases deployment and "reduces security administrative overhead," believes Cisco user David Roessler, director of IS at Quay Corporation, a contract electronics manufacturer, in Eatontown, N.J.

Toward that end, Cisco added a pair of low-end routers for Small Office/Home Office (SOHO) installations that include embedded VPN acceleration. The routers, which start at $350, are part of the Cisco 800 Series and SOHO 90 Series secure broadband router lines. The VPN acceleration offers 10 times the performance of existing Cisco products, according to another Cisco official. Cisco also added plug-in VPN acceleration modules for its 2691, 3660 and 3700 midrange routers. The acceleration modules, which boost performance between five and 10 times, are intended to improve performance for voice and video over IP networks.

Cisco also extended its voice and video-over-IP support to its VPN products, making Cisco unique in combining such functionality in a single device, according to Cisco. A combination of new hardware acceleration and robust queuing mechanisms, along with redundancy features, make the combination possible.

One Cisco user running voice over IP on a VPN found that hardware acceleration is necessary for adequate voice quality. "We terminated IP tunnels on a Pix software-based firewall that had no acceleration. Without it, it delayed the packets and caused jitter, which is no good for voice. So we re-pointed our IP tunnels to the hardware accelerator in the 3640 and that solved our voice VPN jitter problems," described Doug Haluza, PE, director of engineering at Lexent Inc., in N.Y.

On the secure sockets layer (SSL) front, Cisco introduced the Cisco SCA 11000 Series Secure Content Accelerator II, a new appliance that offloads SSL processing from back-end Web servers. It can process up to 800 SSL transactions per second.

As Quay Corp. looks to extend the services it can offer its customers by leveraging the public Internet, integrated security is key to drawing customers to those new services, believes Roessler. "The last question is always, How secure is it? This is a great way to present services to the customer base that are rock solid," he added. Quay is evaluating the new SSL appliance as a means to better manage SSL certificates, he said.