Cisco Cisco IOS Software Release 12.1(1c) Guide D’Information
Cisco Systems, Inc.
All contents are Copyright © 1992–2005 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 1 of 3
END-OF-LIFE NOTICE, NO. 1118
CET-CISCO ENCRYPTION TECHNOLOGY END-OF-LIFE ANNOUNCEMENT
OVERVIEW
This Product Bulletin announces the End-of-Life of Cisco
®
Encryption Technology (CET), the 40- and 56-bit Data Encryption Standard (DES)
network layer encryption available since Cisco IOS
®
Software Release 11.2. The last Cisco IOS images supporting CET will be Cisco IOS
Release 12.1 and certain 12.1 early deployment images. These releases will remain fully supported by the Technical Assistance Center (TAC)
for a minimum of two years from the date of this announcement or until End of SW Maintenance Support of Cisco IOS Release 12.1. CET will
be removed effective the next major Cisco IOS mainline and early deployment release (subsequent to Cisco IOS Release 12.1). In addition, all
existing 12.0 and earlier Cisco IOS images with CET will continue to be available for customers already using the feature.
CET appears in images with the following naming conventions:
56, e.g., ENTERPRISE PLUS 56
40, e.g., ENTERPRISE PLUS 40
IPSec 56, e.g., ENTERPRISE PLUS IPSec 56
IPSec 3DES, e.g., ENTERPRISE PLUS IPSec 3DES
Customers who wish to add network layer encryption in the future should deploy the Internet Engineering Task Force (IETF) standard IPSec
(IP Security) instead of CET. While specific CET images will no longer be available in release 12.1, CET will continue to be included as part of
the IPSec images. This enables a smooth migration for customers using CET to move to the standards-based IPSec with a simple software
configuration change. Cisco IOS IPSec images are identified by “IPSec” in the image description and by “56i” or “k” in the image name.
Current CET customers can switch to IPSec at no additional software charge by moving to these images.
WHY WE ARE MAKING THIS ANNOUNCEMENT
Cisco has been offering CET in Cisco IOS images for several years to provide early deployment of network layer encryption. CET was
introduced to address this need while there was not a standards-based alternative for encryption functionality. In light of the increasing
popularity of the IPSec standards (available since Cisco IOS Release 11.3T), Cisco has decided to End-of-Life the proprietary CET feature in
favor of the standards-based IPSec.
CUSTOMER TRANSITION
Customers deploying encryption solutions for the first time should deploy an IPSec solution. Existing CET customers should move to IPSec if
they require new Cisco IOS features that appear in 12.1 and later images.
Transition steps include:
1. Select the new IPSec-based image from Cisco Connection Online (CCO), and review the Flash and DRAM requirements for this image.
2. Changes will be required to the CET-based configuration.
–
Add Internet Key Exchange (IKE) policy
–
Create new IPSec transform policies