|
The VPN Accelerator Card (VAC) for the Cisco Secure PIX Firewall series provides high-performance, tunneling and encryption services suitable for site-to-site and remote access applications. This hardware-based VPN accelerator is optimized to handle the repetitive but voluminous mathematical functions required for IPsec. Offloading encryption functions to the card not only improves IPsec encryption processing, but also maintains high-end firewall performance. As an integral component of the Cisco virtual private network (VPN) solution, the VPN Accelerator Card provides platform scalability and security while working seamlessly with services necessary for successful VPN deployments?encryption, tunneling, and firewall.
High Performance
The VPN Accelerator Card, which fits in a PCI slot inside the PIX chassis, encrypts data using the 56-bit Data Encryption Standard (DES) or 168-bit 3DES algorithms at speeds up to 100 Mbps. A PIX equipped with a VAC supports as many as 2,000 encrypted tunnels for concurrent sessions with mobile users or other sites. In addition to encryption, the card handles a variety of other IPsec-related tasks?hashing, key exchange, and storage of security associations?which free the PIX main processor and memory to perform other perimeter security functions.
Encryption?DES and 3DES encryption are very CPU intensive, potentially impacting firewall performance in high-throughput configurations. The VAC makes it possible to send DES or 3DES encrypted data at high speed while still providing the full range of perimeter security services available from the Cisco Secure PIX Firewall.
Authentication?RSA and Diffie-Hellman are CPU-intensive protocols that are used when a new IPsec tunnel is established. RSA authenticates the remote device while Diffie-Hellman exchanges keys that will be used for DES or 3DES encryption. The VPN Accelerator Card implements these protocols in specialized hardware ensuring fast tunnel setup and high overall encryption throughput.
Tunneling?The PIX and VAC support IPsec tunneling protocol enabling high-performance, flexible network designs for both remote access and site-to-site VPNs. Site-to-site solutions can be designed with PIX or combinations of PIX with Cisco VPN appliances or VPN-enabled multi-service routers. Remote access solutions can utilize Cisco's VPN client or other 3rd party clients supporting the IPsec tunneling protocol.
Increased Security
The PIX VAC provides an extra level of security by segregating sensitive VPN information from standard system processing. Encryption, authentication, and key generation mechanisms are handled by onboard memory and processors. In addition, a hardware random number generator provides high quality input to crypto functions resulting in strong security while ensuring high throughput during process-intensive re-keying operations.
| All of our Cisco PIX-VPN-ACCEL's, used and preowned, are guaranteed to be in perfect working condition. All used, preowned, & refurbished Cisco PIX-VPN-ACCEL's, are put through rigorous tests and a refurbishment process. As such, we are able to offer a "Better Than New" one year warranty* on all used PIX-VPN-ACCEL's. Call (916) 784-3000 to determine availability. We are extremely interested in buying any excess networking equipment or Cisco PIX-VPN-ACCEL's, whether they new or used. Please keep T3 Systems, Inc. in mind for all of your networking requirements. Our professional sales staff will be pleased to provide a fair market value quotation. * End Users Only |
|
