Overview of VPNs and VPN Technologies
Cisco products support the latest in VPN technology. A VPN is a service that offers secure, reliable connectivity over a shared public network infrastructure such as the Internet.
Figure 1-1 shows various VPNs between a main site and branch offices and small office, home office (SOHO) workers.
VPNs maintain the same security and management policies as a private network. They are the most cost-effective method of establishing a virtual point-to-point connection between remote users and an enterprise customer's network. There are three main types of VPNs:
- Access VPNs—Provide remote access to an enterprise customer's intranet or extranet over a shared infrastructure. Access VPNs use analog, dial, ISDN, digital subscriber line (DSL), mobile IP, and cable technologies to securely connect mobile users, telecommuters, and branch offices.
- Intranet VPNs—Link enterprise customer headquarters, remote offices, and branch offices to an internal network over a shared infrastructure using dedicated connections. Intranet VPNs differ from extranet VPNs in that they allow access only to the enterprise customer's employees.
- Extranet VPNs—Link outside customers, suppliers, partners, or communities of interest to an enterprise customer's network over a shared infrastructure using dedicated connections. Extranet VPNs differ from intranet VPNs in that they allow access to users outside the enterprise.
Figure 1-1 Examples of VPNs
The following main components make up Cisco's VPN offerings:
- Cisco VPN routers—Use Cisco IOS software IPSec support to enable a secure VPN. VPN-optimized routers build on an existing Cisco investment and are well suited to the hybrid WAN.
- Cisco Secure PIX Firewall—Offers a VPN gateway alternative when the security group "owns" the VPN.
- Cisco VPN Concentrator series—Offers powerful remote access and site-to-site VPN capability, an easy-to-use management interface, and a VPN client.
- Cisco Secure VPN Client—Enables secure remote access to Cisco routers and PIX Firewalls and runs on the Windows operating system.
- Cisco Secure Intrusion Detection System (CSIDS) and Cisco Secure Scanner—Can be used to monitor and audit the security of the VPN.
- Cisco Secure Policy Manager and CiscoWorks 2000—Provide VPN-wide system management.
These components can all be seen in Figure 1-2.
Figure 1-2 Cisco Secure VPN Components