Cisco Cisco VPN Services Adapter Brochure
Hardware Acceleration Elevates Cisco 7200
Series VPN Performance and Scalability
Series VPN Performance and Scalability
Computer data networks rely on IPsec VPN for data
security and regulatory compliance in all sectors.
Businesses, governments, and educational institutions
all expect optimum performance and scalability on a
cryptographic system that enables the network, instead
of requiring that the network conform to cryptographic
limitations.
security and regulatory compliance in all sectors.
Businesses, governments, and educational institutions
all expect optimum performance and scalability on a
cryptographic system that enables the network, instead
of requiring that the network conform to cryptographic
limitations.
Cisco
®
midrange routing platforms with the Cisco VPN
Services Adapter (VSA) or the Cisco VPN Acceleration
Module 2+ (VAM2+) deliver the performance and
scalability to address enterprise requirements, while
Cisco IOS
Module 2+ (VAM2+) deliver the performance and
scalability to address enterprise requirements, while
Cisco IOS
®
Software offers VPN topology options that
can answer most typical functional requirements. VPN
capabilities interoperate with other Cisco IOS Software-
based router features to provide industry-certified,
regulation-compliant security with the industry’s
broadest set of network infrastructure features and WAN
connectivity options.
capabilities interoperate with other Cisco IOS Software-
based router features to provide industry-certified,
regulation-compliant security with the industry’s
broadest set of network infrastructure features and WAN
connectivity options.
Security certifications: Common Criteria and FIPS 140-2
x
Ease of use: Cisco Router and Security Device
x
Manager (SDM) and Cisco Security Manager offer
simplified configuration
Feature interoperability: Multiple VPN options support
simplified configuration
Feature interoperability: Multiple VPN options support
x
multicast traffic, dynamic routing, and QoS
More information is available at
More information is available at
x
http://www.cisco.com/go/vpn
Cisco VSA and Cisco VAM2+ Comparison
Feature
NPE-G2/
VAM2+
NPE-G2/
VSA
Form Factor
Port adapter
I/O controller slot
Network Processing
Engine (NPE) Support
400, G1, G2
G2
IPsec Performance*
(Max/IMIX)
260 Mbps/200
Mbps
960 Mbps/830
Mbps
GRE/IPsec
Performance*
(Max/IMIX)
240 Mbps/140
Mbps
960 Mbps/630
Mbps
Scale
Up to 5000 IPsec
tunnels
Up to 5000 IPsec
tunnels
SADB Lookup
NPE-G1/NPE-G2
On-board TCAM
IPPCP (Compression)
Yes
No
IPsec High
Availability
Chassis 2 Chassis
Chassis 2 Chassis
IPsec+IPv6
Cisco IOS
Software Release
12.4(4)T
Future Cisco IOS
Software release
GET VPN
Yes
Yes
* Aggregate performance at 1000 tunnels
At-A-Glance
Cisco IPsec VPN Hardware for Cisco 7200 Series Routers
Secure Communications from Anywhere
Cisco IOS
Software
Software
C
isc
o S
ec
urit
y M
ARS
Cisco
Sec
uri
ty
M
an
ag
er
N
et
Fl
ow
C
isco SDM
IP
S
LA
P
ac
ke
t
NAC
Secu
re
N
FP
Filterin
g
Fle
xib
le
M
atc
hin
g
Voice
Fi
re
w
al
l
IPS
Web
VP
N
Cisco IPsec VPN Feature Set
Details
Site-to-Site IPsec
Standards-compliant IPsec offers multivendor interoperability
•
Addition of GRE introduces dynamic routing and multicast capabilities
•
Easy VPN
Offers remote-access connectivity for mobile users, telecommuters, and centrally
•
managed site-to-site connections using a PC/Mac/Linux-based software client and
hardware-device client
Centrally stored security policies are pushed to remote users
Centrally stored security policies are pushed to remote users
•
Integrates VPN traffic with QoS, high scalability, and performance through hardware-
•
assisted cryptography
Dynamic Multipoint VPN
(DMVPN)
Ideal for large-scale VPNs that require voice, multicast, and dynamic routing capabilities
•
Supports spoke-to-spoke on-demand connectivity for VPN deployments over public
•
networks
Integrates with dynamic routing to establish VPN connectivity
Integrates with dynamic routing to establish VPN connectivity
•
Group Encrypted Transport VPN
(GET VPN)
Provides full-mesh tunnelless encryption for large-scale routable network deployments
•
Offers any-to-any connectivity without the administrative, scale, or performance burdens
•
that are typically associated with full-mesh capability on large VPNs
Tunnelless VPN applies centrally managed encryption and QoS policies to answer
Tunnelless VPN applies centrally managed encryption and QoS policies to answer
•
traffic prioritization requirements