Users say new Cisco VPN device cuts network costs

While network administrators grapple with the complexities of managing the remote-user end of virtual private network (VPN) connections, pilot users of a new hardware product from Cisco Systems Inc. claim they have found a way to ease the effort and even lower the cost.

The new product, the Cisco VPN 3002 Hardware Client, was unveiled last week at Cisco’s Global Partner Summit in Las Vegas.

The device, which the company said is now available, connects to a cable or Digital Subscriber Line (DSL) modem at a remote office and communicates over the Internet through an encrypted tunnel linked to a Cisco VPN concentrator device at the user’s corporate data center.

The 3002 has VPN logic built in, including support for the IPSec protocol for encryption and authentication over the Internet. It’s a single hardware box that’s an alternative to software VPNs installed on PCs at remote sites, Cisco officials said.

John Mettey, a network administrator at TriHealth Inc., has been testing the 3002 to link physicians’ offices to the Cincinnati-based health care group’s data network that includes the Good Samaritan Hospital and the Bethesda North Hospital.

TriHealth’s remote users had previously been connected over frame relay. Although that option is secure, Mettey said, the service through a local telephone provider is costly: US$200 per month for each of the almost 100 physicians’ offices connected.

“The 3002 lets us plug in a box and run data over the public Internet using DSL or cable at a cost of $59 per month, per office,” Mettey said. And the devices can be centrally monitored and managed, which he said eliminates the need to send technicians to physicians’ offices to troubleshoot software-based VPNs or to set up new network policies.

Centralized management of the VPN devices was what convinced Elliot Zeltzer to test the product. Zeltzer is manager of telecommunications and data services at Gedas Inc. in Auburn Hills, Mich. Gedas is a systems integrator that’s dedicated to providing data communications for Volkswagen of America Inc., also based in Auburn Hills.

Zeltzer said that during the next year or two, he’ll be placing the Cisco VPN devices in approximately 950 VW offices and dealerships throughout the United States and Canada. He said it would permit LAN-to-LAN connections and replace a variety of remote connections being used, including some satellite links.

Joel Conover, a senior analyst at Giga Information Group Inc. in Cambridge, Mass., said the VPN 3002 is consistent with Cisco’s goal of creating VPN interoperability across a broad range of operating systems. According to Conover, while other manufacturers make hardware VPN clients, the Cisco unit is the first that allows users to configure VPN policies on such a device from a central location. He said that might be why Cisco is charging $995 for the device, which he considers “a little high.”

Yet Bob Brace, vice president of product and channel marketing at Espoo, Finland-based Nokia Corp., said his company’s CC 500, a $1,495 VPN hardware appliance, is similar in functionality to the Cisco device.

Brace said Nokia’s higher price is a function of a patented clustering feature that permits stringing multiple CC 500s together to ensure that the VPN stays up even if one of the appliances fails.

Cisco abandons optical router

Cisco disclosed last week that it will discontinue its ONS 15900 Wavelength Router, a product that routes network traffic by manipulating wavelengths of light. The technology was acquired through Cisco’s purchase of Richardson, Texas-based Monterey Networks Inc. in 1999.

Explaining the decision, Carl Russo, Cisco’s vice president of optical networking, said service providers weren’t willing to deploy the technology as quickly as Cisco had anticipated. Russo attributed the soft market for the product to a slowdown in capital spending by service providers.

A source at Cisco said that WorldCom Inc. and Fairfax, Va.-based metropolitan-area-network provider Cambrian Communications LLC had purchased the ONS 15900.

Worldcom officials weren’t immediately available for comment. Doug Butler, chief financial officer at Cambrian, downplayed the Cisco move.

“Their decision won’t affect our network deployment, and our relationship with Cisco remains solid,” Butler said. He declined to say whether his company would continue to use the ONS 15900.