Guest

Cisco Security Modules for Routers and Switches

Cisco VPN Acceleration Module 2 Data Sheet

  • Viewing Options

  • PDF (47.7 KB)
  • Feedback
Data Sheet

The Cisco® VPN Acceleration Module 2 (VAM2) for Cisco 7200 Series routers provides high-performance encryption/
compression and key generation services for IP security (IPsec) VPN applications. The Cisco VAM2 features hardware acceleration for Advanced Encryption Standard (AES), Data Encryption Standard (DES), and Triple DES (3DES), providing increased performance for site-to-site and remote-access IPsec VPN services. The Cisco VAM2 provides hardware-assisted Layer 3 compression services with its encryption services, conserving bandwidth and lowering network connection costs over secured links. A Cisco 7200 Series router equipped with the VAM2 extends beyond these critical VPN services with full Layer 3 routing, quality of service (QoS), multicast and multiprotocol traffic, and broad support of integrated LAN/WAN media. This combination of security features and advanced network services offers a flexible, integrated approach to accommodate the most diverse enterprise or service provider network environments.

Figure 1. VPN Acceleration Module 2

FEATURES AT A GLANCE

The Cisco VAM2 supports DES, 3DES, and AES IPsec encryption at up to 260 Mbps while maintaining support for 5000 simultaneous tunnels. For higher IPsec performance requirements, Cisco 7200 Series routers with the NPE-G1 processor support dual Cisco VAM2s for increased encryption throughput.
The Cisco VAM2 provides hardware-assisted IP Payload Compression Protocol (IPPCP) Lempel-Ziv-Stac (LZS) compression. In environments where bandwidthiscostly,theCiscoVAM2isable to compress network traffic before it is encrypted and sent over pay-per-byte WAN connections-saving transmission costs and improving overall throughput. Table 1 lists the features of the Cisco VAM2.

Table 1. Cisco VAM2 Features

Features

Description

Physical

Service adapter; installs in a single port-adapter slot on any Cisco 7200 Series router

Platform Support

Cisco 7200 Series with NPE G1, NPE-400, NPE-300, NPE-225, or NSE-1 processors

Throughput (Single VAM2*)

Up to 260 Mbps using 3DES

Number of IPsec Protected Tunnels**

Up to 5000 tunnels

Hardware-Based Encryption

Data protection: IPsec DES, 3DES, and AES Authentication***: RSA and Diffie-Hellman Data integrity: Secure Hash Algorithm 1 (SHA-1) and Message Digest 5 (MD5)

VPN Tunneling

IPsec tunnel mode; generic routing encapsulation (GRE) and Layer 2 Tunneling Protocol (L2TP) protected by IPsec

Hardware-Based Compression

Layer 3 IPPCP LZS

LAN/WAN Interface Selection

Works with most Cisco 7200 VXR-compatible port adapters

Minimum Cisco IOS ® Software Release Supported

Cisco IOS Software releases 12.3(1)M or 12.3(1)T

Standards Supported

IPsec/Internet Key Exchange (IKE): RFCs 2401-2411 and 2451 IPPCP: RFCs 2393 and 2395

* As measured with IPsec 3DES Hashed Message Authentication Code (HMAC)-SHA-1 on 1400-byte packets.
** 512 MB of memory is required to support 5000 tunnels.
*** 128-bit Advanced Encryption Standard (AES) in hardware and 192/256 bits in HSP software

ORDERING INFORMATION

Cisco VAM2 support is available beginning in Cisco IOS Software releases 12.3(1)M and 12.3.(1)T. Three Cisco 7200 Series VPN bundles, which include the VAM2 hardware accelerator and appropriate Cisco IOS Software release, are also available for easy ordering (Table 2).

Table 2. Ordering Information

Part Number

Description

SA-VAM2

VPN Acceleration Module 2 for the Cisco 7200 Series

7206VXRG1/2VPNK9

Cisco 7206VXR with the NPE-G1 processor and VAM2

7206VXR400/2VPNK9R

Cisco 7206VXR with the NPE-400 processor and VAM2

7206VXR225/2VPNK9

Cisco 7206VXR with the NPE-225 processor and VAM2

* All bundles include an SA-VAM2, a single AC power supply, and an IP IPsec Cisco IOS Software image.

EXPORT REGULATIONS

3DES software for the Cisco VAM2 is controlled by U.S. export regulations on encryption products. The module itself is not controlled. U.S. regulations require the recording of names and addresses of recipients of DES and 3DES software. For more information, visit: http://www.cisco.com/wwl/export/crypto/

ADDITIONAL INFORMATION

For more information about Cisco products, please contact your Cisco account manager and/or Cisco Channel Partner.
Text Box:  Corporate HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-4000	800 553-NETS (6387)Fax:	408 526-4100	European HeadquartersCisco Systems International BVHaarlerbergparkHaarlerbergweg 13-191101 CH AmsterdamThe Netherlandswww-europe.cisco.comTel:	31 0 20 357 1000Fax:	31 0 20 357 1100	Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-7660Fax:	408 527-0883	Asia Pacific HeadquartersCisco Systems, Inc.168 Robinson Road#28-01 Capital TowerSingapore 068912www.cisco.comTel: +65 6317 7777Fax: +65 6317 7799Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed onthe Cisco Website at www.cisco.com/go/offices.Argentina · Australia · Austria · Belgium · Brazil · Bulgaria · Canada · Chile · China PRC · Colombia · Costa Rica · Croatia · Cyprus Czech Republic · Denmark · Dubai, UAE · Finland · France · Germany · Greece · Hong Kong SAR · Hungary · India · Indonesia · Ireland · Israel Italy · Japan · Korea · Luxembourg · Malaysia · Mexico · The Netherlands · New Zealand · Norway · Peru · Philippines · Poland · Portugal Puerto Rico · Romania · Russia · Saudi Arabia · Scotland · Singapore · Slovakia · Slovenia · South Africa · Spain · Sweden · Switzerland · Taiwan Thailand · Turkey · Ukraine · United Kingdom · United States · Venezuela · Vietnam · ZimbabweCopyright  2006 Cisco Systems, Inc. All rights reserved. CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0601R)Printed in the USA	C78-347794-00   05/06 Text Box:  Corporate HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-4000	800 553-NETS (6387)Fax:	408 526-4100	European HeadquartersCisco Systems International BVHaarlerbergparkHaarlerbergweg 13-191101 CH AmsterdamThe Netherlandswww-europe.cisco.comTel:	31 0 20 357 1000Fax:	31 0 20 357 1100	Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-7660Fax:	408 527-0883	Asia Pacific HeadquartersCisco Systems, Inc.168 Robinson Road#28-01 Capital TowerSingapore 068912www.cisco.comTel: +65 6317 7777Fax: +65 6317 7799Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed onthe Cisco Website at www.cisco.com/go/offices.Argentina · Australia · Austria · Belgium · Brazil · Bulgaria · Canada · Chile · China PRC · Colombia · Costa Rica · Croatia · Cyprus Czech Republic · Denmark · Dubai, UAE · Finland · France · Germany · Greece · Hong Kong SAR · Hungary · India · Indonesia · Ireland · Israel Italy · Japan · Korea · Luxembourg · Malaysia · Mexico · The Netherlands · New Zealand · Norway · Peru · Philippines · Poland · Portugal Puerto Rico · Romania · Russia · Saudi Arabia · Scotland · Singapore · Slovakia · Slovenia · South Africa · Spain · Sweden · Switzerland · Taiwan Thailand · Turkey · Ukraine · United Kingdom · United States · Venezuela · Vietnam · ZimbabweCopyright  2006 Cisco Systems, Inc. All rights reserved. CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0601R)Printed in the USA	C78-347794-00   05/06