Asia's Source for Enterprise Network Knowledge

Friday, April 25th, 2014

Enterprise mobility infrastructure

Cisco AnyConnect sets the bar for secure mobility

Cisco has been a leader in remote access VPNs since 1999, and its latest release, the AnyConnect Secure Mobility Solution, combines web security with next-generation remote access technology to help organizations manage the security risks of borderless networks.

The solution, which is part of Cisco's Borderless Networks initiative, consists of three seamlessly integrated products: The AnyConnect Secure Mobility Client for secure connectivity; the Adaptive Security Appliance (ASA) firewall/VPN; and the Cisco IronPort S-series Web Security Appliance (WSA) for security policy enforcement. Customers aren't required to buy all three products, but you get better performance and better functionality if you do.

In a nutshell, AnyConnect Secure Mobility Solution is all about managed end-point client software that's always active, protecting enterprise users and enforcing security policy no matter where they are, on a multitude of devices and platforms.

And enterprise network managers will be especially pleased with features such as optimal gateway selection (which automatically picks the best gateway for a user based on network characteristics), end-point posture assessment and better performance over more diverse types of networks.

ASA firewall

Let’s start with Cisco's ASA, which combines VPN, firewall and optional antimalware and IPS capabilities. The ASA appliance is required for enterprises seeking the benefit of the AnyConnect client's full feature set. All ASA appliances have SSL VPN features, including reverse proxying (gatewaying Web applications at the application layer) and application tunneling (using encrypted tunnels to expose single applications through the VPN device).

AnyConnect client

The next key component is the AnyConnect Secure Mobility client. The AnyConnect client has the basic feature set that one would expect in a mature product: End-point security detection and control, simplified deployment and policy downloading directly from the VPN gateway, wide-ranging user authentication options, and remote user policy enforcement features.

Cisco offers the AnyConnect client as an installed package available for all Windows versions back to XP, Mac OS X 10.5 and 10.6, Intel-based Linux distributions with the 2.6 kernel, Apple iOS 4 (the iPhone and iPad operating system), and Windows Mobile versions 5 and 6.