CISCO IPSEC VPN SERVICES MODULE FOR THE CISCO CATALYST 6500 SERIES AND CISCO 7600 SERIES



Similar documents
Cisco IOS Public-Key Infrastructure: Deployment Benefits and Features

CISCO PIX SECURITY APPLIANCE LICENSING

CISCO CONTENT SWITCHING MODULE SOFTWARE VERSION 4.1(1) FOR THE CISCO CATALYST 6500 SERIES SWITCH AND CISCO 7600 SERIES ROUTER

CISCO METRO ETHERNET SERVICES AND SUPPORT

How To Get A New Phone System For Your Business

Cisco 2-Port OC-3/STM-1 Packet-over-SONET Port Adapter

Cisco 7600 Series/Catalyst 6500 Series IPSEC VPN Shared Port Adapter

Cisco Catalyst 6500 Series/Cisco 7600 Series Supervisor Engine 720-3BXL

THE CISCO CRM COMMUNICATIONS CONNECTOR GIVES EMPLOYEES SECURE, RELIABLE, AND CONVENIENT ACCESS TO CUSTOMER INFORMATION

Cisco CNS NetFlow Collection Engine Version 4.0

Cisco Conference Connection

NetFlow Feature Acceleration

CISCO IP PHONE SERVICES SOFTWARE DEVELOPMENT KIT (SDK)

CISCO SMALL AND MEDIUM BUSINESS CLASS VOICE SOLUTIONS: CISCO CALLMANAGER EXPRESS BUNDLES

Cisco VPN Security Routers Setting the Standard in Site-to-Site VPN Solutions

Cisco Secure Access Control Server Solution Engine

Cisco 7200 Series Enterprise WAN Aggregation Application

Cisco CNS NetFlow Collection Engine Version 5.0

CISCO NETWORK CONNECTIVITY CENTER

THE BUSINESS CASE FOR MANAGED SERVICES IN SMALL AND MEDIUM-SIZED BUSINESSES

PUBLIC KEY INFRASTRUCTURE CERTIFICATE REVOCATION LIST VERSUS ONLINE CERTIFICATE STATUS PROTOCOL

CISCO MDS 9000 FAMILY PERFORMANCE MANAGEMENT

Cisco Systems GigaStack Gigabit Interface Converter

HIGH-DENSITY PACKET VOICE DIGITAL SIGNAL PROCESSOR MODULE FOR CISCO IP COMMUNICATIONS SOLUTION

CISCO IOS IP SERVICE LEVEL AGREEMENT

IP Networking and the Advantages of consolidation

CISCO WIRELESS SECURITY SUITE

Cisco 2600XM DSL Router Bundles

Cisco 7200 and 7500 Series Routers

Cisco IT Data Center and Operations Control Center Tour

CISCO AIRONET POWER INJECTOR

CISCO IOS SOFTWARE FEATURE PACKS FOR THE CISCO 1700 SERIES MODULAR ACCESS ROUTERS AND CISCO 1800 SERIES (MODULAR) INTEGRATED SERVICES ROUTERS

CISCO CATALYST 3750 SERIES SWITCHES

CISCO 7304 SERIES ROUTER PORT ADAPTER CARRIER CARD

CISCO CATALYST 6500 SERIES CONTENT SWITCHING MODULE

It looks like your regular telephone.

Optical Service Modules: OC-3/STM-1, OC-12/STM-4 and OC-48/STM-16 POS, OC-12/STM-4 ATM, Gigabit Ethernet WAN, Channelized T3 (CT3) and OC12/STM-4

Cisco Router and Security Device Manager File Management

CISCO 7609 ROUTER ENHANCED 9-SLOT CHASSIS

CISCO IOS SOFTWARE RELEASES 12.4 MAINLINE AND 12.4T FEATURE SETS FOR THE CISCO 3800 SERIES ROUTERS

CISCO CATALYST 6500 SUPERVISOR ENGINE 32

Cisco Blended Agent: Bringing Call Blending Capability to Your Enterprise

Cisco IOS Telephony Services Survivable/Standby Remote Site Telephony

CISCO SFP OPTICS FOR PACKET-OVER-SONET/SDH AND ATM APPLICATIONS

NETWORK AVAILABILITY IMPROVEMENT SUPPORT OPERATIONAL RISK MANAGEMENT ANALYSIS

Figure 1. The Cisco Aironet Power Injectors Provide Inline Power to Cisco Aironet Access Points and Bridges

E-Seminar. Financial Management Internet Business Solution Seminar

CISCO IOS SOFTWARE RELEASES 12.4 MAINLINE AND 12.4T FEATURE SETS FOR THE CISCO 2800 SERIES ROUTERS

Cisco WebEx Social Compatibility Guide

IS YOUR OLD PHONE SYSTEM HANGING UP YOUR DISTRICT? CISCO K 12 DIRECT LINE SOLUTION FOR IP COMMUNICATIONS

Combined voice and data solution supports Orange s ongoing success in the UK business market

Cisco SMB Class Solutions Your Next Phone System Purchase

Cisco Router and Security Device Manager Dial-Backup Solution

Cisco PIX Device Manager v3.0

CISCO ATA 186 ANALOG TELEPHONE ADAPTOR

Cisco GLBP Load Balancing Options

Cisco CSS Series Content Services Switch

Cisco Intelligent Contact Management Enterprise Edition

How To Outtask Metro Ether To A Managed Service Provider

Serial Connectivity Network Modules for the 2600, 3600, and 3700 Series (NM-1HSSI, NM-4T, NM-4A/S, NM-8A/S, NM-16A/S, NM-16A, NM-32A)

CISCO IP PHONE EXPANSION MODULE 7914

Cisco Aironet 1130AG Series

SOUTH BAY BMW ACHIEVES UNMATCHED AVAILABILITY AND SECURITY WITH ITS CISCO NETWORK

CISCO NETWORK CONNECTIVITY CENTER MPLS MANAGER 1.0

CISCO ISDN BRI S/T WIC FOR THE CISCO 1700, 1800, 2600, 2800, 3600, 3700, AND 3800 SERIES

Cisco Outbound Option

CISCO ATA 188 ANALOG TELEPHONE ADAPTOR

CISCO ISDN BRI S/T WIC FOR THE CISCO 1700, 1800, 2600, 2800, 3600, 3700, AND 3800 SERIES

Cisco IOS Firewall Intrusion Detection System

The Palace of Versailles Goes Digital, Increasing Revenue and Enhancing Overall Visitor Experience

Cisco AVVID Network Enterprise Data Center Solution Overview

CISCO 10GBASE X2 MODULES

Cisco PBX Interoperability: Lucent/Avaya Definity G3si V7 PBX with CallManager using Analog FXS and FXO Interfaces as an MGCP Gateway

CONNECT TO COMPREHENSIVE NETWORK SECURITY SOLUTIONS WITH THE CISCO IP NETWORK DEFENDER PROGRAM.

Enabling High Availability for Voice Services in Cable Networks

Internal IT Staff at a Serbian Children s Hospital Takes Innovative Approach to Outpatient Care

CISCO CALLMANAGER EXPRESS 3.2

PREVENTING WORM AND VIRUS OUTBREAKS WITH CISCO SELF-DEFENDING NETWORKS

CISCO 100BASE-X SFP FOR FAST ETHERNET SFP PORTS

Cisco Secure Policy Manager Version 3.1

CISCO MEETINGPLACE MANAGED SERVICE

CISCO MEETINGPLACE FOR OUTLOOK 5.3

DATA SHEET. GigaStack GBIC THE CISCO SYSTEMS GIGASTACK GIGABIT INTERFACE CONVERTER (GBIC) IS A VERSATILE, LOW-COST,

Cisco Solution Incentive Program Asia Pacific

What is network convergence all about?

IP Communications for Small Offices Using Cisco CallManager Express and Cisco Unity Express

Cisco Systems Brings World-Class Online Banking Solutions to State Bank of India

networks (VPNs). models, the Cisco 800 series of routers addresses wide range Figure 1 Cisco 800 Series Routers give Small Offices and Corporate

E-Seminar. E-Commerce Internet Business Solution Seminar

CISCO NETWORK ANALYSIS SOFTWARE 3.4

End-of-Sale and End-of-Life Announcement for the Cisco Catalyst 2970 Series Switches

How To Connect A Cisco Aironet 350 Series Wireless Bridge To A Network With A Wireless Bridge

Cisco Unified IP Conference Station 7936

SERIAL AND ASYNCHRONOUS HIGH-SPEED WAN INTERFACE CARDS FOR CISCO 1800, 2800, AND 3800 SERIES INTEGRATED SERVICES ROUTERS

Enterprise Reporting

Transcription:

DATA SHEET CISCO IPSEC VPN SERVICES MODULE FOR THE CISCO CATALYST 6500 SERIES AND CISCO 7600 SERIES Critical high-bandwidth business applications have created a need for ubiquitous connectivity and increased bandwidth. Shared campuses, metro area networks and Internet data centers require high performance and secure connectivity. Many enterprises augment or replace their traditional WANs with site-to-site and remote-access virtual private networks (VPNs) to better accommodate these new connectivity requirements. The Cisco IPSec VPN Services Module (VPNSM) delivers cost-effective VPN performance for the Cisco Catalyst 6500 Series switches and Cisco 7600 Series routers. Primary VPN features delivered by the VPNSM include: Security integrated into network infrastructure The Cisco VPNSM supports both Cisco Catalyst 6500 Series switches and Cisco 7600 Series routers. By integrating VPNs into these infrastructure platforms, the network can be secured without extra overlay equipment or network alterations. Furthermore, the broad range of LAN and WAN interfaces, as well as the entire line of security services modules (VPN, Firewall, Network Anomaly Detection, Intrusion Detection, Content Services, and Secure Sockets Layer [SSL]) can now be used within the same platform. High performance and scalability Using the latest in encryption hardware-acceleration technology, each Cisco VPNSM can deliver up to 1.9 Gbps of Triple Data Encryption Standard (3DES) traffic at large packet sizes (more than 500 bytes) and 1.6 Gbps of 3DES traffic at average packet sizes (300 bytes). In addition, a platform equipped with a Cisco VPNSM can terminate 8000 site-to-site or remoteaccess IP Security (IPSec) tunnels simultaneously and can set up those tunnels at up to 60 new tunnels per second. Furthermore, up to 10 Cisco VPNSM modules can be installed in a single platform for increased throughput. VPN resiliency and high availability Using innovative features, such as Stateful Failover for both IP Security (IPSec) and generic routing encapsulation (GRE), Hot-Standby Router Protocol with Reverse Route Injection (HSRP+RRI), Dead Peer Detection (DPD), and support of dynamic routing updates over site-to-site tunnels, the Cisco VPNSM provides superior VPN resiliency and high availability. Provides advanced security services Adding encryption, authentication, and integrity to network services is easy with the Cisco VPNSM. Secured campus and provider-edge VPN termination applications and secured converged network services such as integrated data, voice, and video, [V3PN = VOICE AND VIDEO ENABLED VPN. ] and storage area networks now are easily deployable. The module provides both site-to-site and remote access IPSec services over both LAN and WAN interfaces. All contents are Copyright 1992 2004 All rights reserved. Important Notices and Privacy Statement. Page 1 of 5

CISCO IPSEC VPN SERVICES MODULE OVERVIEW The Cisco IPSec VPN Services Module is a full-slot card that fits into Cisco Catalyst 6500 Series and Cisco 7600 Series chassis. It does not have physical WAN or LAN interfaces. It uses virtual LANs (VLANs) to connect to platform LAN and WAN interfaces. Cisco VPNSM features are detailed in Table 1, and part numbers are listed in Table 2. Table 1 Cisco IPSec VPN Services Module Features Feature High-speed VPN Performance VPN is Integrated into the Infrastructure Comprehensive VPN Features Can Accommodate Diverse Network Traffic Types and Topologies Ensures VPN Resiliency and High Availability VPN and Network Infrastructure Management Description High-speed VPN performance provides up to 1.9 Gbps 3DES IPSec throughput at large packets and 1.6 Gbps at 300 byte packets. This feature supports Cisco Catalyst 6500 Series and Cisco 7600 Series chassis as well as both LAN and WAN interfaces, enabling an integrated security approach to building a VPN in your infrastructure. No separate VPN devices are needed within your campus, intranet, Internet data center, or point of presence (POP). This feature provides hardware acceleration for both IPSec and GRE, comprehensive site-to-site IPSec, remote-access IPSec, and public key infrastructure (PKI). Cisco IOS Software supports secure, reliable transport of virtually any type of network traffic, including multiprotocol, multicast, and IP telephony across the IPSec VPN. Rich routing capabilities enable meshed and hierarchical network topologies. Routing over IPSec tunnels, DPD, HSRP+RRI, intrachassis and interchassis stateful failover for both IPSec and GRE provide superior VPN resiliency and high availability. Comprehensive systems for managing solutions from a single platform to hundreds or even thousands of platforms. Element management using the router Management Center and VPN monitor components of the CiscoWorks VPN/Security Management Solution. Comprehensive end-to-end VPN management of numerous platforms throughout your network using the Cisco IP Solution Center for service provider and large enterprise VPN, security, and quality-of-service. Table 2 Part Numbers and Ordering Information Cisco Part Number WS-SVC-IPSEC-1 WS-C6503-IPSEC-K9 WS-C6506-IPSEC-K9 WS-C6509-FW-VPN-K9 Description IPSec VPN Services Module for the Cisco Catalyst 6500 Series and Cisco 7600 Series Cisco Catalyst 6503 VPN system: Cisco Catalyst 6503 chassis, Cisco Catalyst 6500 Series Supervisor Engine 2 (512 MB memory), Multilayer Switch Feature Card (MSFC) 2, integrated dual gigabit interface converter (GBIC), VPN services module, and single AC power supply with one open slot for expansion Cisco Catalyst 6506 VPN system: Cisco Catalyst 6506 chassis, Cisco Catalyst 6500 Series Supervisor Engine 2 (512 MB memory), integrated dual GBIC, VPN services module, and single AC power supply with four open slots for expansion Cisco Catalyst 6509 Firewall and VPN security system: Cisco Catalyst 6509 chassis, Cisco Catalyst 6500 Series Supervisor Engine 720 (512 MB memory), integrated dual GBIC, firewall services module, VPN services module, and CiscoWorks VPN/Security Management Solution 2.2 Basic 5 user license. All contents are Copyright 1992 2004 All rights reserved. Important Notices and Privacy Statement. Page 2 of 5

TECHNICAL SUMMARY VPN Tunneling IPSec (RFC 2401-2411, 2451) Encryption Extended Services Processor (ESP), DES, and 3DES (RFC 2406, 2451) Authentication X.509 digital certificates (RSA signatures) Preshared keys Simple Certificate Enrollment Protocol RADIUS (RFC 2138) TACACS+ Challenge Handshake Authentication Protocol/Password Authentication Protocol (RFC 1994) Integrity Hashed Message Authentication Code with MD5 (HMAC-MD5) and with Secure Hash Algorithm-1 (HMAC-SHA-1) (RFC 2403-2404) Key Management Internet Key Exchange (RFC 2407-2409) IKE-XAUTH IKE-CFG-MODE Certificate Authority/PKI Support Entrust VeriSign Microsoft Netscape IPlanet Baltimore Technologies Resiliency and High Availability HSRP+RRI Intrachassis (blade to blade) Active/Active IPSec stateful failover Interchassis Active/Standby IPSec stateful failover DPD Dynamic Routing across IPSec (see Routing Protocols section) All contents are Copyright 1992 2004 All rights reserved. Important Notices and Privacy Statement. Page 3 of 5

Management Options CiscoWorks VMS and Router MC Cisco IP Solution Center (ISC) Secure command-line interface using Secure Shell (SSH) Protocol or Kerberized Telnet Routing Protocols Border Gateway Protocol Version 4 Routing Information Protocol (RIP) and RIP Version 2 (RIP2) Open Shortest Path First Protocol Enhanced Interior Gateway Routing Protocol (EIGRP) and IGRP Intermediate System-to-Intermediate System Embedded Interfaces None Supported Supervisor Engines Cisco Catalyst 6500 Series Supervisor Engine 2 with MSFC2 Cisco Catalyst 6500 Series Supervisor Engine 720 with policy feature card (PFC)-3A or PFC-3BXL Supported Modules and Interfaces LAN Interfaces Multiport Fast Ethernet Multiport Fast Ethernet with inline power Multiport Gigabit Ethernet WAN Interfaces FlexWAN and Enhanced FlexWAN Optical Services Module (OSM) and Enhanced OSM GE-WAN and Enhanced GE-WAN Single and dual-port T3/E3 Single and dual-port High-Speed Serial Interface Multiport T1/E1 Multichannel T1/T3/E3 OC-3 ATM single and multimode OC-3 packet over SONET (POS) single and multimode OC-12 ATM single and multimode OC-12 POS single and multimode OC-48 POS single mode OC-48 POS-Dynamic Packet Transport single mode All contents are Copyright 1992 2004 All rights reserved. Important Notices and Privacy Statement. Page 4 of 5

Additional Security and Network Services Modules in the Same Chassis Cisco Catalyst 6500 Series Firewall Services Module Cisco Catalyst 6500 Series Intrusion Detection Services Module 2 Cisco Catalyst 6500 Series Network Analysis Module (NAM-1 and NAM-2) Cisco Catalyst 6500 Series SSL Services Module Cisco Catalyst 6500 Series Content Switching Module Cisco Catalyst 6500 Series Multiprocessor WAN Application Module Cisco IOS Software Support (native Cisco IOS Software mode) Cisco IOS Software Release 12.2(17d)SXB (Cisco Catalyst 6500 Series Supervisor Engine 2 and Catalyst 6500 Series Supervisor Engine 720) Cisco IOS Software Release 12.2(17b)SXA (Cisco Catalyst 6500 Series Supervisor Engine 720 only) Cisco IOS Software Release 12.2(14)SY (Cisco Catalyst 6500 Series Supervisor Engine 2 only) Corporate Headquarters 170 West Tasman Drive San Jose, CA 95134-1706 USA Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 European Headquarters Cisco Systems International BV Haarlerbergpark Haarlerbergweg 13-19 1101 CH Amsterdam The Netherlands www-europe.cisco.com Tel: 31 0 20 357 1000 Fax: 31 0 20 357 1100 Americas Headquarters 170 West Tasman Drive San Jose, CA 95134-1706 USA Tel: 408 526-7660 Fax: 408 527-0883 Asia Pacific Headquarters 168 Robinson Road #28-01 Capital Tower Singapore 068912 Tel: +65 6317 7777 Fax: +65 6317 7799 Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed on the Cisco Web site at /go/offices Argentina Australia Austria Belgium Brazil Bulgaria Canada Chile China PRC Colombia Costa Rica Croatia Czech Republic Denmark Dubai, UAE Finland France Germany Greece Hong Kong SAR Hungary India Indonesia Ireland Israel Italy Japan Korea Luxembourg Malaysia Mexico The Netherlands New Zealand Norway Peru Philippines Poland Portugal Puerto Rico Romania Russia Saudi Arabia Scotland Singapore Slovakia Slovenia South Africa Spain Sweden Switzerland Taiwan Thailand T urkey Ukraine United Kingdom United States V enezuela Vietnam Zimbabwe Copyright 2004 All rights reserved. Cisco, Cisco Systems, the Cisco Systems logo, Catalyst, and Cisco IOS are registered trademarks or trademarks of and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0402R) 203102_ETMG_WH_03.04

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information