Within the SAFE SMR model, the remote-user network design consists of four possible module options:
Remote-site firewall
Remote-site router
VPN hardware client
Cisco VPN Client
Table 17-2 describes each of the preceding options.
Option | Description |
|---|---|
Remote-site firewall | The remote site is protected by a dedicated firewall, which is IPSec-VPN enabled. WAN connectivity is provided by a broadband access device supplied by an ISP. |
Remote-site router | The remote site uses a router that has both firewall and IPSec-VPN functionality. The router normally terminates the WAN connectivity, but it can also be used to terminate to an ISP-supplied broadband access device. |
VPN hardware client | The remote site uses a dedicated VPN hardware client that provides IPSec-VPN connectivity. WAN connectivity is provided by a broadband access device supplied by an ISP. |
Cisco VPN Client | A remote user uses a Cisco VPN Client and personal firewall software on a PC. |
The functionality of each of these four design options is discussed in subsequent sections of this chapter.