This white paper provides detailed design and implementation information relating to deployment of Cisco® Secure Services Client (SSC) with the Cisco Virtual Office. Please refer to the Cisco Virtual Office overview at http://www.cisco.com/go/cvo for further information about the solution, its architecture, and all of its components.
Cisco SSC and Cisco Virtual Office Integration
Cisco Virtual Office can be deployed with Cisco SSC for wireless and wired 802.1x networks. Cisco SSC provides a centralized management tool with digitally signed XML configuration files that enforce a specific authentication mechanism. With Cisco SSC's centralized management utility, changes in the Cisco Virtual Office security policy can be integrated with the old configuration and sent to all users at once. Cisco SSC lets the end user add hotspots and guest networks, and provides the flexibility of changing the configuration file through corporate windows update tools. Any new updates to the configuration file will not alter any user-defined networks.
Benefits of Using Cisco SSC For Cisco Virtual Office
• Centralized management tool allows administrators to manage all of a user's authentication methods to the corporate network.
• End users have the freedom to connect to hotspots, home networks, and other wireless networks.
• Configuration can be changed through corporate windows update tools.
Typically, corporate wired and wireless networks are deployed with 802.1x using Wi-Fi Protected Access (WPA)-Enterprise or WPA2-Enterprise with Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling (EAP-FAST) or EAP-Protected EAP (EAP-PEAP). To improve security, a better option is to enable machine certificate validation and use Transport Layer Security (TLS). Cisco SSC also supports the use of certificates for both machine and user authentication.