SAFE-ty is a growing matter for Cisco

Installing a double dead-bolt on the front door of your home only to leave your backdoor secured with a flimsy chainlink is generally not the best way to keep your property safe. The same analogy goes for corporate headquarters and large branch offices securing their remote sites. The focus has often been on getting the latest and greatest in terms of security for the central site building, while teleworkers and small branch offices were left open and susceptible to virtual break-ins.

To ensure the same level of security at both large and small sites, Cisco Systems last month released two product enhancements under its SAFE security blueprint. Released last September, the SAFE Security blueprint is built on Cisco Architecture for Voice, Video and Integrated Data (AVVID), uses a modular approach to securing the enterprise network and offers guidelines for implementation of security solutions. Under the SAFE blueprint, Cisco last month announced the 806 Broadband Gateway Router for small offices and corporate teleworkers as well as the 1710 Security Access Router for addressing VPNs.

“A secure network does not rely on a certain component. It takes the overall infrastructure,” said Watson Poon, systems engineer, security specialist for Cisco Systems Canada in Toronto. “One weak point in your design would be an explosion. That is what we are trying to resolve (with the SAFE blueprint).”

Poon explained that the 806 Broadband Gateway Router is a cost-effective VPN gateway with a firewall feature set on a very small platform for small offices and teleworkers. The router offers one Ethernet WAN port and a four-port Ethernet hub for LAN connections and provides multi-user network access through Network Address Translation (NAT).

The 1710 Security Access Router is more powerful than the 806, Poon said and it offers VPN capabilities, a firewall feature set, one Ethernet WAN port, 10/100 fast Ethernet port for high-speed connection to the LAN, as well as additional routing capabilities. The dual-Ethernet design allows enterprise customers to deploy a standardized security access device across large numbers of geographically dispersed sites for use with broadband DSL or cable modems.

“When we launched the (SAFE) security blueprint, the design was geared to large enterprises,” Poon said. “We have a lot of network resilience built into the design. What I mean is dual devices everywhere – dual-Ethernet, dual firewalls, dual VPN routers. That is great for a large enterprise but for small and medium businesses, that would be too costly to implement. (This version) was designed so that someone with a limited budget won’t balk at implementing a secure network.”

In the security space, there is a lot of growth in connecting broadband-connected offices, telecommuters, and small offices, said Jeff Wilson, executive director of Infonetics Research Inc. in San Jose, Calif.

“Basically what it boils down to is that Cisco has got a pretty solid line of high-end security products for headquarters,” Wilson said. “What they needed to boost was what they had at the low-end. They were feeling a lot of pressure from their customers to offer some lower-end products. Cisco didn’t have a strong offering (in that space)…and it now takes the whole notion of security everywhere and really drives it down to the low-cost products for broadband connections.”

Wilson added that the two routers are best used in new sites where routers have not yet been in place. But, he said that customers looking to secure remote sites who already have routers in place may want to look at products to add on to the router instead of replacing it completely.

“That is a place where Cisco is still working – building low-end products to go along with sites that already have a router…but this (release) is great for new deployments and new sites,” he said.

The Cisco 806 Broadband Gateway Router lists at approximately $1,019, and the 1710 Security Access Router is available for approximately $2,975. Visit Cisco on the Web at