Cisco to add SSL networking to products

The company is expected to announce Monday that it will start shipping secure networking features based on Secure Sockets Layer, or SSL, encryption.

Robert Lemos
Robert Lemos Staff Writer, CNET News.com

Robert Lemos
covers viruses, worms and other security threats.

2 min read
Networking giant Cisco Systems will be the latest company to offer virtual private networking using the widespread browser encryption technology known as Secure Sockets Layer, or SSL.

The company confirmed that it plans to announce that it will offer an upgrade to the Cisco VPN 3000 Concentrator to add SSL network functionality.

Get Up to Speed on...
Enterprise security
Get the latest headlines and
company-specific news in our
expanded GUTS section.

The news appeared in a release posted briefly to the company's Web site but has been removed. The WebVPN feature will be offered as part of the basic configuration for the concentrator, network hardware that acts as a central connection point for virtual private networks.

Traditional virtual private networks have used a technology known as Internet protocol security (IPSec) to secure telecommuter and remote-office connections to the main corporate network. That method requires that each telecommuter has specialized software installed on his or her PC. SSL-based VPNs can use the software already built into major Internet browsers and thus companies can forgo the administrative hassle of setting up every user with new software.

"We really see this as extending the remote access capabilities of our products," Scott Pope, manager of VPN technologies for Cisco, told CNET News.com. "It makes a lot of sense to have both built on the same box."

Pope sees the two types of secure access as addressing specific types of users.

"An IPSec user is a power user that stays connected for a long time, while the SSL user is the more occasional user," Pope said. "IPSec lets users work just like they were sitting on the (corporate network). SSL VPNs are a little bit different, as they are geared more toward users who want to access specific applications."

In addition to requiring no other software besides a modern Web browser, virtual private networks based on SSL can be accessed from a variety of operating systems, including Windows, the Mac OS and Linux.

Cisco is the latest networking company to add browser-based access to corporate VPNs as a feature in its products.

In October, security software company Symantec said it planned to buy secure network provider SafeWeb for $25 million for its SSL virtual private network (VPN) technology. The deal came after network security company NetScreen Technologies' announcement that it would shell out $265 million for Neoteris, a major provider of the same VPN technology.

Network security provider SafeNet also said in late October that it would buy Rainbow Technologies, which makes encryption hardware that enables SSL networks, a similar product to those Neoteris and SafeWeb sell.

Cisco users will be able to upgrade their devices with the next service pack available to subscribers of the company's maintenance plan.