Guest

Cisco Secure Services Client

Cisco Secure Services Client Version 5.1

  • Viewing Options

  • PDF (106.2 KB)
  • Feedback

PB421396

This bulletin describes Cisco® Secure Services Client Version 5.1 for Windows Vista, a new release containing the features listed in Table 2.

New Features

Version 5.1 of the Cisco Secure Services Client (SSC) for Windows Vista includes the following new features.

Integrated Cisco IPSec VPN

The SSC can now be configured to automatically start the Cisco IPSec VPN. This improves the end user experience by initiating the VPN application automatically upon establishment of a success network connection without additional user intervention. The feature is accessible by the end user via the GUI (Figure 1), or the IT administrator can select this option in the XML file for enterprisewide deployment. Note that using the integrated Cisco IPSec VPN feature requires that the end station have version 5.0.03.0560 of the IPSec VPN preinstalled.

Figure 1. The Automatic VPN Connection Setting

Secure Services Client Feature Highlights

Here are some highlights of SSC features.

Graphical User Interface

The Cisco Secure Services Client graphical user interface provides a convenient "two-click connect" to office, home, and public wired and wireless networks. This allows end users to connect to the network more easily and eliminates the security concerns of connecting to an open (public) wireless network. End users no longer have to worry about overriding the office profile, while IT administrators are assured that the corporate policies will remain intact.
The user interface provides a comprehensive range of features and is accessible by right-clicking the taskbar icon or using the desktop icon. End users can view the connection status indicator for network name, strength, connection status, and IP address.

Enterprise Client Deployment

The Cisco Secure Services Client enables large-scale enterprise deployment through the use of a single XML configuration file. The deployment file is set up by the IT administrator using any standard XML editor or the Cisco-supplied management utility, a wizard that steps the IT administrator through the policy and configuration settings for users, devices, VPNs, and networks.
The XML configuration file contains:

• Policy restrictions

• Network profiles

• Users file

• Static Wired Equivalent Privacy (WEP) keys

• Wi-Fi Protected Access-Pre-Shared Keys (WPA-PSK)

• Trusted server validation rules

• Product license

• Integrated VPN policy and configuration settings

Automatic generation of configuration files is enabled by running scripts that configure the XML file elements according to the enterprise policy.
IT staff can use the Cisco-supplied management utility to create an .msi file containing the .exe and the .xml, which can be deployed using standard deployment tools, including Microsoft Active Directory group policy objects (GPOs), Microsoft SMS, and Altiris.

Filtering Unwanted Service Set Identifiers (SSIDs)

The ability to filter unwanted SSID networks also gives IT administrators more control.This feature is useful in an environment where there are multiple wireless networks.

No Wireless When Wired

The SSC helps maintain corporate security policy by not allowing two active network connections. This security feature helps prevent bridging wireless and wired networks, which can compromise network security.

Upgrade Paths and Trial Versions

Cisco Secure Services Client 5.1 for Windows Vista is the first version for the Windows Vista platform. To download a trial version of Version 5.1 for Windows, visit: http://www.cisco.com/en/US/products/ps7034/index.html.
Table 1 lists the trial versions that are available for the Cisco Secure Services Client.

Table 1. Trial Versions for Cisco Secure Services Client

License

Description

90-day trial license

A 90-day trial license is available for the full wired and wireless feature set of the Cisco Secure Services Client. Upon completion of the 90-day period, a valid license key must be purchased. The 90-day trial license key is posted in the download section of the site. This license key must be entered through the activation screen of the client.

Nonexpiring wired-only license

A nonexpiring license is available for the client with a limited feature set. (See the "New Features" section for more information.) This is the default license that comes in the download; it does not require a purchase.

Nonexpiring wired and wireless license

A nonexpiring license for the full feature set must be purchased using the Cisco standard ordering procedure.

Wired and Wireless Versus Wired-Only Feature Comparison

Table 2 provides a comparison between the features available in the fully licensed wired and wireless Cisco Secure Services Client and the basic feature set available with the wired-only nonexpiring license. Note: Support for Novell networks is not included in Version 5.1.

Table 2. Wired and Wireless Versus Wired-Only Feature Set Comparison

Features

Wired-Only License

Wired/Wireless License

Wi-Fi device compatibility

No

Yes

Support for all Wi-Fi encryption modes: WEP, Wi-Fi Protected Access-personal mode (WPA-personal mode), WPA2-personal mode, WPA-enterprise mode, WPA2-enterprise mode, Dynamic WEP (802.1X), Advanced Encryption Standard (AES), Temporal Key Integrity Protocol (TKIP)

No

Yes

Protection of user privacy with Extensible Authentication Protocol (EAP) "anonymous" access

No

Yes

Cisco Secure Access Control Server (ACS) compatibility

Yes

Yes

Centrally deploys Microsoft Active Directory machine or user group policies

Yes

Yes

Enables automatic configuration of VLANs

Yes

Yes

Windows single sign-on (SSO)

Yes

Yes

Interactive user passwords or Windows passwords

Yes

Yes

RSA SecureID tokens

Yes

Yes

One-time password (OTP) tokens

Yes

Yes

X.509 certificates

Yes

Yes

EAP Methods

EAP-Flexible Authentication via Secure Tunneling (FAST) (includes EAP-MSCHAPv2, EAP-GTC, and EAP-TLS)

Yes

Yes

Protected Extensible Authentication Protocol (PEAP) (includes EAP-MSCHAPv2 and EAP-GTC)

No

Yes

Cisco LEAP

No

Yes

Media Support

Wi-Fi 802.11a, 802.11b, 802.11g, 802.11n

No

Yes

Wired Ethernet 802.3

Yes

Yes

Microsoft Internet Authentication Service compatibility

Yes

Yes

Microsoft Active Directory and user authentication

Yes

Yes

Ordering Information

To place an order, you enter the product ID AIR-SSC-VISTA with a quantity of 1 into the form on standard Cisco ordering page. Then you select the option tier appropriate for the number of licenses required. For example, if you need 200 licenses, you should check the option AIR-SSC-VISTA-L1 and enter the quantity 200 in the Quantity field of the option.
Table 3 lists ordering information for Cisco Secure Services Client Version 5.1.

Table 3. Ordering Information for Cisco Secure Services Client 5.1

Part Number

Status

Description

AIR-SSC-VISTA

NONORD

Software Client 5.1 for Windows Vista for wired/wireless devices

AIR-SSC-VISTA-L1

ENABLE-OPT

Specified seat count up to 250

AIR-SSC-VISTA-L2

ENABLE-OPT

Specified seat count in range 251-1000

AIR-SSC-VISTA-L3

ENABLE-OPT

Specified seat count in range 1001-2500

AIR-SSC-VISTA-L4

ENABLE-OPT

Specified seat count in range 2501-5000

AIR-SSC-VISTA-L5

ENABLE-OPT

Specified seat count in range 5001-10,000

AIR-SSC-VISTA-L6

ENABLE-OPT

Specified seat count in range 10,001-25,000

AIR-SSC-VISTA-L7

ENABLE-OPT

Specified seat count in range 25,001-50,000

AIR-SSC-VISTA-L8

ENABLE-OPT

Specified seat count in range 50,001-100,000

For More Information

For more information about the Cisco Secure Services Client, visit http://www.cisco.com/en/US/products/ps7034/index.html or contact your local account representative.
For more information about the Cisco Unified Wireless Network framework, visit: http://www.cisco.com/go/unifiedwireless
For more information about the Cisco Wireless LAN Security Solution for large enterprises, visit: http://www.cisco.com/en/US/netsol/ns340/ns394/ns348/ns386/networking_solutions_package.html
For more information about the Cisco Self-Defending Network, visit: http://www.cisco.com/en/US/netsol/ns340/ns394/ns171/ns413/networking_solutions_package.html
For more information about Network Admission Control, visit: http://www.cisco.com/en/US/netsol/ns466/networking_solutions_package.html
For more information about the Cisco Secure Access Control Server for Windows, visit: http://www.cisco.com/en/US/products/sw/secursw/ps2086/index.html
For more information about Cisco Wireless LAN Services, visit: http://www.cisco.com/go/wirelesslanservices