Installing a double dead-bolt on the front door of your home only to leave your backdoor secured with a flimsy chainlink is generally not the best way to keep your property safe. The same analogy goes for corporate headquarters and large branch offices securing their remote sites. The focus has often been on getting the latest and greatest in terms of security for the central site building, while teleworkers and small branch offices were left open and susceptible to virtual break-ins.
To ensure the same level of security at both large and small sites, Cisco Systems last month released two product enhancements under its SAFE security blueprint. Released last September, the SAFE Security blueprint is built on Cisco Architecture for Voice, Video and Integrated Data (AVVID), uses a modular approach to securing the enterprise network and offers guidelines for implementation of security solutions. Under the SAFE blueprint, Cisco last month announced the 806 Broadband Gateway Router for small offices and corporate teleworkers as well as the 1710 Security Access Router for addressing VPNs.
"A secure network does not rely on a certain component. It takes the overall infrastructure," said Watson Poon, systems engineer, security specialist for Cisco Systems Canada in Toronto. "One weak point in your design would be an explosion. That is what we are trying to resolve (with the SAFE blueprint)."
Poon explained that the 806 Broadband Gateway Router is a cost-effective VPN gateway with a firewall feature set on a very small platform for small offices and teleworkers. The router offers one Ethernet WAN port and a four-port Ethernet hub for LAN connections and provides multi-user network access through Network Address Translation (NAT).
The 1710 Security Access Router is more powerful than the 806, Poon said and it offers VPN capabilities, a firewall feature set, one Ethernet WAN port, 10/100 fast Ethernet port for high-speed connection to the LAN, as well as additional routing capabilities. The dual-Ethernet design allows enterprise customers to deploy a standardized security access device across large numbers of geographically dispersed sites for use with broadband DSL or cable modems.
"When we launched the (SAFE) security blueprint, the design was geared to large enterprises," Poon said. "We have a lot of network resilience built into the design. What I mean is dual devices everywhere - dual-Ethernet, dual firewalls, dual VPN routers. That is great for a large enterprise but for small and medium businesses, that would be too costly to implement. (This version) was designed so that someone with a limited budget won't balk at implementing a secure network."