Cisco touts variety of security routers for VPNs

Cisco is wheeling out new security routers for small offices this week that make it possible to network small and home offices into corporate VPNs.

SAN JOSE – Cisco is wheeling out new security routers for small offices this week that make it possible to network small and home offices into corporate VPNs.

Two low-end devices called the SOHO 91 and SOHO 97 routers are meant for telecommuter offices with dedicated Internet connections and support up to 300K bit/sec of Triple-DES encrypted VPN traffic. The devices include firewalls and four-port 10/100M bit/sec Ethernet switches. The SOHO 91 has an Ethernet WAN port, while the SOHO 97 has a built-in asymmetric DSL (ADSL) modem. Prices start at $350 and $450, respectively.

These fixed-configuration boxes are smaller than Cisco’s VPN 3002 hard client, which comes with an eight-port switch. They compete with SonicWall’s TELE3 gear, which costs about $500, and WatchGuard’s SOHO gear, which costs about $600.

For sites needing higher throughput, the Cisco 831 and 837 routers can include firewalls, VPNs and hardware to accelerate encryption and support voice, video and data. They are capable of 2M bit/sec Triple-DES encryption. Both boxes include four-port 10/100 Ethernet switches. The 831 has an Ethernet port to connect to WAN devices such as a DSL modem or DSU/CSU. The 837 has an built-in ADSL modem to directly connect to a DSL.

The 831 comes with hardware acceleration for encryption. An option to add other features – such as the ability to deliver quality of service for voice and video, intrusion detection and an Easy VPN feature that makes it simpler to set policies on individual devices – costs extra. The same software package is available for the 837, and it also turns on the hardware acceleration for encryption, which is turned off in the basic model. This package costs an extra $150 more than the base price of $800. The 831 costs $650. All are scheduled to be available this week.

These devices are part of a Cisco security announcement that includes hardware to speed VPN traffic on routers, a Secure Sockets Layer (SSL) acceleration appliance and upgrades to Cisco IOS software.

Two new accelerator cards can be added to Cisco 2691, 3660 and 3700 routers to improve VPN throughput and lighten the load on the routers’ CPUs. With throughput of 80M bit/sec, the EP II card handles Triple-DES and Advanced Encryption Standard encryption, and compression. The HP II has throughput of 90M bit/sec. The EP II costs $2,500, and the HP II costs $3,500. Both will be available next month with the release of IOS 12.2(14T).

The SSL appliance, called Secure Content Accelerator II, performs 800 SSL transactions per second and works with any switch, router or Layer 4 to 7 device. It costs $18,000 and will available this week.

IOS upgrades include failover between routers that support VPNs, so if one router dies or the connection breaks, a back-up router takes over without dropping sessions. The upgrade also includes dynamic multipoint meshing of VPNs, in which a hub router in a hub-and-spoke network sets up VPN tunnels on the fly as they are requested. That lets businesses set up VPN links just between the spoke sites and the hub, leaving the hub router to connect spokes to spokes as the need arises. This reduces the amount of VPN tunnel provisioning administrators have to perform.