Overview of Cisco VPN Software Client 3.x


In reality, we believe that Cisco Easy VPN is most likely going to be used with Cisco VPN Software Clients. The reason is that on most hardware platforms, you preconfigure the remote VPN device and simply ship it to the remote office. There will be no need to push policies to these hardware devices because you will have already configured the policies on the remote device. However, because you cannot configure a number of parameters that cannot be configured on a VPN Software Client, you will want to push your security policies to these clients .

The following sections discuss the 3.5 Client in more detail. However, it is important to remember that some features supported by the 3.5 Client are not supported by Easy VPN.

Features and Benefits

The Cisco VPN Software Client release 3.5 is compatible with Sun Solaris on Sparc systems, Linux on Intel systems, MAC OS X 10.1, and Windows. The supported Windows operating system versions are 95, 98, NT 4.0, ME, 2000, and XP. Another benefit of the 3.5 Client is that you can use it to create IPSec tunnels to IOS routers (IOS version 12.2(8)T and later), PIX Firewalls (version 6.0 and later), and Cisco VPN 3000 Concentrators (version 3.0 and later).

Specifications

Another good feature of the 3.5 Client is that it comes with an integrated firewall called the Cisco Integrated Client (CIC) firewall. The CIC firewall is actually a zone alarm firewall and is stateful in nature.

If you want to use digital certificates with the 3.5 Client, you have the option of doing manual certificate enrollment or using the SCEP. SCEP automates the process of requesting and installing certificates on the client.

The 3.5 Clients supports only ESP using DES or 3DES and SHA or MD5. Also, it supports D-H groups 1, 2 and 7. Because firewalls, NAT, and PAT can interfere with IPSec operations, the 3.5 Client supports IPSec over TCP and IPSec over UDP.

For token card support, only RSA SecurID is currently supported. However, if you want to use smart cards, you have more options. Activcard, Datakey, eAladdin, and Gemplus are the supported smart cards.



CCSP SECUR Exam Cram 2
CCSP SECUR Exam Cram 2 (642-501)
ISBN: B000MU86IQ
EAN: N/A
Year: 2003
Pages: 291
Authors: Raman Sud

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net