cisco security

While designing a LAN or WAN how different security protocols (encryption etc.) are configured? Are they built in CISCO device or separately added (using software/hardware)?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

For each device you can find what types of encryption or any other security options that device supports. Many network devices have hardware support for some types of encryption (like VPN cards). You can also add devices beside network infrastructure like RADIUS servers to centralize security.

For Cisco many devices have integrated hardware parts for encryption (software support exists I guess in all devices), but there are also add on cards for devices - like this one, that can be separately added (but you need to check what cards fit to specific device).

Some examples:
Onboard VPN Encryption Acceleration :
The Cisco 2800 Series supports IPSec Digital Encryption Standard (DES), Triple DES (3DES), Advanced Encryption Standard (AES) 128, AES 192, and AES 256 cryptology without consuming an AIM slot
Risk mitigation with multilevel security (Cisco 890 series):
●  Network perimeter security with integrated application inspection firewall
●  Data privacy through high-speed IP Security (IPsec) Triple Data Encryption Standard (3DES) and Advanced Encryption Standard (AES) encryption
●  Enforced security policy with intrusion prevention
●  Security hardware acceleration
●  FlexVPN
●  Next-generation encryption for secure network communications systems, reliable for the next decade
●  Cisco ISR Web Security with Cisco ScanSafe, designed to prevent zero-day malware from reaching corporate networks

But, also you should always check are security options that you need available on device you are planning to use. For example port access control list (PACL) are usually not there on ISR router's switching module ...

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.