Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to learn how Cisco Virtual Office Express provides an easier way to deploy and manage teleworker services with Cisco expert Pedro Leonardo. Pedro is the Cisco Virtual Office Security Solution manager in the access routing technology group (ARTG). Pedro's group focuses on providing router- and switch-based comprehensive solutions for teleworkers, mobile workers, small offices, branches, campuses, and service providers. Security is the basis of all solutions, on top of which are laid common applications and services including data, voice, video, telepresence, wireless, multicast, and more using the Zero Touch Deployment (ZTD) methodology. He joined Cisco in 2000. He holds a bachelor's degree in computer science and telecommunications, and a master's degree in information management from the University of Porto, Portugal.
Remember to use the rating system to let Pedro know if you have received an adequate response.
Pedro might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through April 10, 2009. Visit this forum often to view responses to your questions and the questions of other community members.
I would to know are there any docs in showing how to configure the sdp REGISTRAR and the virtual office management gateway .
Yes, we have documentation to show how the Secure Device Provisioning Registrar is configured.
Please take a look at this white paper:
From the end-user perspective, it depends on how long it takes the user to plug-in all the cables (meaning connecting the CVO router to the Internet modem/router).
After the cables are plugged-in, it takes less than a minute to have the box securely configured with VPN, Firewall, and PKI certificate, etc.
On the IT administrator side, the first time, it takes less than one hour to install the CVO Express head-end. After that, adding a users can take no time at all, or we can optionally add profiles on PKI-AAA for conditional access to the corporate site.
Yes, CVO Express has support for the Family (Spouse and Kids).
We configure 2 separate VLANs, one for corporate traffic and one for guest traffic.
Now the question is: how does a user/device gets apply to one VLAN or the other?
We have two ways: we can physically attached the two VLANs to separate switch port, two port per VLAN.
Or we can use 802.1x where we dynamically assign a VLAN to a port based on use device authentication.
For wireless, we can have two SSIDs, one for corporate and one for guest, and using two separate VLANs.
Yes, CVO Express supports zero-touch deployment and that is the deployment method that we recommend.
The Cisco routers can be shipped directly to the final location, with a factory (CVO configuration). The CVO default configuration only enables DHCP on the WAN port. So it is save to ship routes, because in case the fall in the wrong hands, the router will not have any company specif configuration.
The router only need to be order with the CVO option selected at the time that the order is place.