Cisco Blogs


Cisco Blog > Inside Cisco IT

How Cisco IT Delivers Teleworker Services

What does it actually take to enable the 89 percent of Cisco employees who do at least some of their work remotely? For Cisco IT, this challenge means supporting products and services on both sides of the connection: in the teleworker’s home (and on their mobile devices) and in the Cisco corporate network.

Cisco Teleworkers Solutions in Employee Homes

We currently support three solutions to meet the teleworking needs of our mobile and remote employees:

  • Cisco AnyConnect Secure Mobility Client: Installed on the employee’s laptop or mobile device, this software client provides a secure VPN connection to the Cisco network. It is available to any Cisco employee and we currently support 30,000 users.
  • Cisco OfficeExtend: This solution includes a wireless access point that secures connectivity for the employee’s laptop and Cisco Unified IP Phone 9971 over a home network while reducing congestion, wireless interference, and security risks from other devices. We use this solution primarily for contact center agents, contractors, and employees who don’t require the HD-quality video of Cisco TelePresence for their work.
  • Cisco Virtual Office: This solution uses a Cisco 881 Integrated Services Router in the home to connect an employee’s laptop and Cisco Unified IP Phone 9971 to the Cisco network over an encrypted VPN. It also delivers HD video for the Cisco Jabber Video for TelePresence client or a separate Cisco EX 90 personal video endpoint. Cisco Virtual Office is used by employees who telework extensively and we currently support over 26,000 users.

The diagram below shows how these solutions connect to the Cisco network via the employee’s residential broadband Internet access service.

Read More »

Tags: , , , , ,

Network World’s Top VPN Choice: Cisco ASA and AnyConnect

Network World recently completed a competitive review of the leading Virtual Private Networking (VPN) products and the Cisco® Adaptive Security Appliance (ASA) and AnyConnect™.  With a long history of providing market-leading remote access VPN capabilities and optimal usability, Cisco is honored to receive this recognition from Network World based on their hands-on product testing.  Read More »

Tags: , , , , ,

AnyConnect 3.0 for Android Product Announcement

Following up on my last note about BYOD at Cisco, I wanted to update you on the latest numbers here at Cisco. As Sheila Jordan had pointed out here, we have surpassed the 20% tablet penetration among our workforce and mobile devices continue to grow at a rate of 1,000 each month. I highly recommend you doing a quick read on her six steps of approaching device deluge. Meanwhile, the latest IDC report (Aug 8, 2012) reaffirms the 2-horse race in the smartphone world. Android and iOS powered 85% of all smartphones shipped in the second quarter of 2012 (2Q2012).

Maintaining our market leadership in supporting the broadest set of Operating Systems (desktop and mobile) and Web Browsers, Cisco Security is excited to announce the availability of AnyConnect 3.0 for Android (Download here). As in the past, we have worked with the market leading Android device makers along with supporting the Android VPN Framework (AVF) to ensure the latest AnyConnect functionality. These new features are now available on any Android device running on version 4.0 (Ice Cream Sandwich) or higher (including Jelly Bean).

SOME KEY FEATURES OF ANYCONNECT 3.0 FOR ANDROID:

  • Intel Android (IA): The Android VPN Framework (AVF) image is now compatible with x86 Intel Android devices.
  • IPsec IKEv2: AnyConnect users can connect via IPsec IKEv2 connections to their corporate Cisco ASA in addition to SSL (TLS or DTLS). (Requires ASA 9.0+)
  • Suite B Cryptography: AnyConnect users who need NSA’s recommended Suite B Cryptography will be now able to do so from their mobile devices. (Requires ASA 9.0 and AnyConnect Premium Licenses.)
  • Untrusted Certificate Warnings: Reduces Man-in-the-Middle attack risk by rejecting untrusted certificates by default and requiring end-users to acknowledge risks before connecting to a gateway with an untrusted certificate.
  • SCEP Proxy: AnyConnect users can enroll their mobile device with an internal Certificate Authority (CA) Server, using SCEP without opening up the CA Server directly to external threats. (To embed the identity of the mobile endpoint in the certificate request, Mobile Host Scan must be utilized, which is an AnyConnect Premium License feature).
  • FIPS 140-2 Compliant: AnyConnect users now have access to the latest FIPS 140-2 cryptographic compliant module to meet industry compliance/mandates.

Read More »

Tags: , , , , ,

Bring Your Own Margarita (I Mean Device) – Architectures, Design, and Operation

November 1, 2012 at 10:51 am PST

Mobility allows the expansion of Information Technology (IT) resources and application availability at anytime, anywhere, and in any possible way. Historically, many thought that “the movement” of bring your own device (BYOD) was simply a marketing tactic. However, BYOD is definitely a reality that has become crucial when trying to improve efficiency in the workplace.

Every single day a new mobile gadget is released to the market (for example, tablets, mobile phones, and many other mobile systems) and we all live in a connected world 24 hours a day 7 days a week. All these devices and social applications are introducing many security risks for enterprises and public sector organizations. These risks include threats of data theft, not only with very sophisticated attacks, but also with incidents as simple as just stealing mobile devices. Many of these devices can contain private and corporate information.

The question now is, how can we provide the benefits of  improving user productivity and flexibility without compromising network security? The Cisco AnyConnect Secure Mobility client and the Cisco ASA 5500 Adaptive Security Appliances allow users to connect to their corporate network from any device based on comprehensive secure access policies. The Cisco AnyConnect Secure Mobility Client can work in conjunction with the Cisco IronPort Web security appliances and provides integration with ScanSafe.

Read More »

Tags: , , , , , ,

New Cisco AnyConnect Secure Mobility Client 3.1

Following up on our Data Center launch on Sept. 12, there have been significant enhancements to Cisco AnyConnect Secure Mobility Solution, the industry recognized SSL/VPN solution. With a track record of leading the traditional VPN market, Cisco hit market milestones in the past with built-in features to the AnyConnect Secure Mobility Client, such as network access manager that offers administrators the ability to control which network end points are able to connect to and other built-in modules that enable web security either through the on-premises Cisco Web Security Appliance (WSA) or the cloud-based Cisco Cloud Web Security offering.

Now, with AnyConnect Secure Mobility Client 3.1, Cisco continues to help enterprise customers with their business transformation needs (ie-BYOD) securely.  As long as ‘consumerization of IT’ continues to gain inroads into the corporate network, IT professionals will seek investments in tools that will help support their attitude change from mandate to choice.  Having a mobile DNA has been a significant attribute for Cisco as AnyConnect continues to support one of the broadest OS (desktop and mobile) and browser portfolios in the market today.

Read More »

Tags: , , , , ,