Cisco rolls out VPN platform for small offices
Cisco Systems at its Partner Summit meeting here on Wednesday released an enterprise VPN device for small satellite offices that emphasizes ease of use.
Cisco VPN 3002 gateway device is intended for branch offices with fewer than 10 users or home offices. The device lets enterprises centrally manage and administer VPN configurations, thereby saving on deployment and maintenance costs.
"The VPN 3002 has all the benefits of a software client plus the benefits of a hardware client," said Greg Marcotte, marketing director of Cisco's VPN group. "It creates security associations dynamically upon connection. The remote user doesn't configure anything; it's configured at the central office. You don't have to redeploy or reconnect to any remote devices to make changes." Marcotte cited user passwords as an example, saying that with the VPN 3002, a company can set and change all password settings at its main office.
The VPN 3002 operates with all OSes, according to Marcotte, as well as with devices like cash registers and printers. He added that the device will be especially useful in settings where VPNs previously could not be deployed, such as auto dealerships and doctors offices that either do not own their networks or do not have qualified IT staff on hand. "You can separate the security element of VPN from the computer itself," Marcotte noted. Two versions of the product are available. A dual Ethernet model sells for $995, while an 8-port Fast Ethernet switch version costs $1,195.
According to Jim Slaby, a senior analyst at Giga Information Group in Cambridge, Mass., the VPN 3002 is the first of its kind.
"None of Cisco's competitors has a good solution for small, remote offices, where you want another gateway that establishes the tunnel, and everyone in that office just connects to the corporate office," Slaby said. "When you get more than a few users, that's the kind of platform that you want, so the users don't have to do anything. And amazingly, Cisco's leading the market."
As part of the offering, Cisco also detailed a new "unified client" VPN strategy that will allegedly simplify VPN network management by extending VPN connectivity to all client machines and Cisco central site equipment, such as concentrators, routers, and firewalls.
"The client framework allows us to have the same connectivity between VPN clients across all Cisco equipment, whether it be at the enterprise or the service provider," Marcotte explained.
Dave Kosiur, a senior analyst at the Midvale, Utah-based Burton Group research firm, lauded Cisco's move toward interoperability.
"Cisco has acquired a whole bunch of companies that offer different VPN products," Kosiur said, "and some of them used different software clients for anyone who wanted to dial into a VPN. They didn't interoperate, and that's been a standing problem with VPNs for some time. I think this a good move."
To some analysts, the unified client strategy simply represents an attempt to goad customers into buying Cisco equipment from end to end. But others argue differently, asserting that any form of interoperability is good for the VPN market.
"Most enterprises are on to the fact that Cisco will lead them down the proprietary bridle path," Slaby said, "but that doesn't mean that unifying the client is a bad thing. It makes sense to rationalize disparate technology sets."
To Kosiur, much will depend on whether Cisco shares its interoperability specifications with other vendors. "If they make this an opeen spec, it will be easier for other vendors to embrace it and end up with a single software client, regardless of what mix of Cisco VPN hardware they have at their different sites."
But Slaby doubts that the company will share its technology. "I'd be very surprised if Cisco did that," he said. "It's just not their way."