[c-nsp] Link encryption and scalability kit etc

Nick Cutting ncutting at edgetg.com
Fri May 6 13:13:47 EDT 2016


Link encryption and scalability kit etc

We have many clients connecting back to our DC using mostly 3rd party L2 circuits.
There has been an increasing number of requests to encrypt these links - as they want to protect against the "possibly many" service providers that are in the transit path.

Management suggested firewalls (cisco only, no routed VPN's) - but I have two issues with this - no Routing protocols, and no VRF's on our Data Center end to terminate at a larger device.

I was think of little routers capable of encrypting 1 VTI tunnels @100 meg on the client side And ASR1k would fit the bill on the DC end - and maybe would suffice for 30 or so P2P's if it was connected back to our core at 10G, but these are too expensive for the MGT team.

What other technologies/products could I consider at either end, that are available in the enterprise space?

Any direction greatly appreciated,
Nick


More information about the cisco-nsp mailing list