Cisco Looks to Lock Down Remote Workers

By Sean Michael Kerner | Sep 10, 2008 | Print this Page
http://www.enterprisenetworkingplanet.com/news/article.php/3770681/Cisco-Looks-to-Lock-Down-Remote-Workers.htm

Remote workers are proliferating in organizations around the world. Yet how do you easily ensure that they are connecting seamlessly and securely to the enterprise infrastructure?

It's a question that networking juggernaut Cisco (NASDAQ: CSCO) believes it's already answered for more than 12,000 of its employees across 70 countries. After seeing success with a server, hardware and software bundle, it's now taking the same solution it uses internally and selling it under the name "Cisco Virtual Office" (CVO).

The CVO includes a router and VoIP phone that together sit in the remote office, along with a services router that's housed in the enterprise.

As remote workers become an increasing presence in businesses -- thanks to the cost savings, ease and environmental benefits of trends like telecommuting -- the setup is intended to help distant workers become seamless, secure extensions of the enterprise in ways that a traditional virtual private network (VPN) alone cannot provide.

"One of the things we've really gone after here is, 'How we solve the security problem?" Fred Kost, director of security solutions marketing at Cisco, told InternetNews.com, adding that one of the ways it seeks to address the issue is by simplifying setup.

"Maintaining the secure environment can be a challenge, expecting end users to configure it and maintain it," he said. "With this solution, we can really enforce a lot of the security beyond just the VPN and have a much more secure environment."

For one thing, Kost explained that the CVO solution is intended to be what he called a "zero-touch" deployment.

"When I plug the Cisco router into my broadband connection, it automatically connects to the Internet, and in my case, Cisco establishes a secure tunnel, downloads configuration information and basically builds a sustained VPN tunnel," he said. "The phone plugs in and also downloads configuration information, so all services are on the endpoint."

He added that with a traditional, off-the-shelf VPN approach to remote office worker connectivity, there are still configuration issues that could lead to insecurity.

The CVO's persistent connection differs from the classical VPN connection due to Cisco's long history in VPNs. Cisco has been a leader in the VPN market for years, and has been on a path toward making the technology simpler for users to deploy and use with its Cisco AnyConnect VPN client.

Since remote workers often are at home, the CVO solution also has extra port for existing home traffic. The solution creates a split tunnel, ensuring that the home traffic has its own separate access to the Internet and isn't "backhauled" across the corporate VPN.

Kost argued that by separating out the home network, risk to the enterprise is further reduced.

CVO is built on hardware solutions that Cisco already has in the market. Among them are the Cisco 800-series Internet Services Routers and the Cisco 7970G IP phone for the remote worker. At the head end, CVO relies on a Cisco 7200-series router for managing the remote connections. Then there is the software, which enables the policy management and access control to the network.

Kost noted that while the hardware was all available publicly before, the software and the integrated bundle are both new.

He also said the solution continues to be extensively field tested, with some thousands of Cisco workers already using CVO. It's proven so successful that Cisco also expects to expand that figure dramatically within the next two years.

"Our intention is to take it to 30,000 by 2010," Kost said. "So we will have 50 percent of our workforce enabled."

Article courtesy of InternetNews.com