Table of Contents
Advertisement
Feature
Secure Connectivity Services
Cisco Easy VPN Server
and IPSec Remote-Access
Concentrator Services
Cisco VPN Client
WebVPN (SSL VPN)
Remote-Access
Concentrator Services
Remote-Access VPN
Clustering and Load
Balancing
Native Integration with
Popular User
Authentication Services
Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.
Benefit
•
Provides market-leading IPSec remote-access VPN concentrator services for up to 5000 simultaneous remote
software- or hardware-based VPN clients (on Cisco ASA 5540 appliances with VPN Premium license)
•
Pushes VPN policy dynamically to Cisco Easy VPN Remote-enabled solutions (such as the Cisco VPN Client)
upon connection, eliminating the need to manage each client separately and therefore helping ensure
enforcement of the latest corporate VPN security policies
•
Performs VPN client security posture checks when a VPN connection attempt is received, including enforcing
usage of authorized host-based security products (such as the Cisco Security Agent)
•
Provides administrators precise control over the types of VPN clients (software client, router, Cisco VPN 3002,
®
and Cisco PIX
Security Appliance) that are allowed to connect based on type of client and version of VPN client
software
•
Supports automatic software updates of Cisco VPN clients and Cisco VPN 3002 hardware clients, with the ability
to trigger updates when VPN connections are established, or on demand for currently connected VPN clients
•
Extends VPN reach into environments using NAT or PAT, through support for the IETF UDP wrapper mechanism
for safe traversal through NAT and PAT boundaries as well as Cisco TCP and UDP NAT traversal methods
•
Allows administrators to require that all traffic from a remote VPN client be sent up to the Cisco ASA 5500 Series
appliance, allowing Internet-destined traffic from remote-access user VPN tunnels to leave through the same
interface it arrived at (after firewall rules, URL filtering policies, and other security checks have been optionally
applied)
•
Supports Lempel-Ziv Standard (LZS) compression for optimizing performance over low-bandwidth connections
•
Includes a free unlimited license for the highly acclaimed, industry-leading Cisco VPN Client
•
Available on wide range of platforms, including Microsoft Windows 98, ME, NT, 2000, and XP; Sun Solaris; Intel-
based Linux distributions; and Apple Macintosh OS X
•
Provides many innovative features, including dynamic security policy downloading from Cisco Easy VPN Server-
enabled products, automatic failover to back up Easy VPN Servers, administrator customizable distributions, and
more
•
Integrates with the award-winning Cisco Security Agent for comprehensive endpoint security
•
Provides SSL VPN-based remote-access connectivity from almost any Internet-enabled location, using only a
Web browser and its native SSL encryption
•
Gives remote users access to network resources from non-corporate-managed machines such as home PCs,
Internet kiosks, or wireless hotspots, without relying on preinstalled VPN client software
•
Supports up to 2500 simultaneous SSL VPN connections (on Cisco ASA 5540 appliances with VPN Premium
license)
•
Allows administrators to customize Web interface for remote-access users
•
Provides CIFS (Microsoft Windows) file share access through an easy-to-use Web interface
•
Enforces granular, group-based access control, limiting users to specific network resources
•
Provides access to TCP-based applications, such as Telnet and Windows Terminal Services, with the SSL-VPN
Port Forwarding Java applet (on systems running Sun Java Runtime Environment [JRE] 1.4 or later)
The WebVPN features in this software release are currently provided as a free trial, and future major
software releases will require the purchase and installation of a WebVPN feature license to use these and future
WebVPN features.
•
Supports improved IPSec and Cisco WebVPN remote-access scalability and reliability through integrated VPN
clustering and load-balancing services, with support to join Cisco VPN 3000 Series Concentrator clusters, or
create clusters based on the Cisco ASA 5500 Series
•
Provides convenient method for authenticating VPN users through native integration with popular authentication
services, including Microsoft Active Directory, Microsoft Windows Domains, Kerberos, LDAP, and RSA SecurID
(without requiring a separate RADIUS or TACACS+ server to act as an intermediary)
© 2005 Cisco Systems, Inc. All rights reserved.
Page 10 of 20
Advertisement
Table of Contents
