Table of Contents
Advertisement
Chapter 2
Deployment Considerations
•
•
•
Figure 2-7
There are two types of VPN access into a network:
•
•
Generally speaking, site-to-site VPNs can be viewed as a typical WAN connection
and are not usually configured to use AAA to secure the initial connection and are
likely to use the device-oriented IPSec tunneling protocol. Remote access VPNs,
however, are similar to classic remote connection technology (modem/ISDN) and
lend themselves to using the AAA model very effectively
78-16592-01
Security—VPNs provide the highest level of security using advanced
encryption and authentication protocols that protect data from unauthorized
access.
Scalability—VPNs allow corporations to use remote access infrastructure
within ISPs; therefore, corporations can add a large amount of capacity
without adding significant infrastructure.
Compatibility with Broadband Technology—VPNs allow mobile workers
and telecommuters to take advantage of high-speed, broadband connectivity,
such as DSL and cable, when gaining access to their corporate networks,
providing workers significant flexibility and efficiency.
Simple VPN Configuration
Network
Cisco Secure
Access Control Server
Site-to-Site VPNs—Extend the classic WAN by providing large-scale
encryption between multiple fixed sites such as remote offices and central
offices, over a public network, such as the Internet.
Remote Access VPNs—Permit secure, encrypted connections between
mobile or remote users and their corporate networks via a third-party
network, such as an ISP, via VPN client software.
User Guide for Cisco Secure ACS for Windows Server
Basic Deployment Factors for Cisco Secure ACS
VPN concentrator
WAN
Tunnel
(Figure
2-8).
2-13
Advertisement
Table of Contents
Troubleshooting
