White Paper Abstract:
This document summarizes that IPsec Virtual Private Networks (VPNs) are realizing their potential to offer a high performance, functional alternative to costly dial- and leased-line based WANs. Small VPN deployments are fairly easy to manage in terms of the generation and management of suitable encryption keys and identity information; however, it becomes more difficult to generate and track unique cryptography information as a VPN grows. Larger scale VPNs require a more scalable and secure infrastructure to ease deployment and management burdens. Public Key Infrastructure (PKI) responds to this requirement for scalability and security, but presents its own challenges of complexity and cost. The integrated Certificate Server in Cisco IOS® Software addresses such challenges with a simple, scalable, easy-to-manage certification authority, which is built into the same hardware supporting the IPsec VPN.