The Cisco® Managed Virtual Office solution provides secure, rich network services to workers at locations outside of the traditional corporate office, including teleworkers, full- and part-time home-office workers, mobile contractors, and executives. By providing extensible network services that include data, voice, video, and applications, the Managed Virtual Office effectively creates a comprehensive office environment for employees regardless of their location. As a result, teleworkers can access company information with a high degree of security. Cisco® integrated services routers package WAN connectivity, routing, security, wireless, IP telephony, and policy control technology into a centrally managed, business-grade product that provides highly secure video, voice, data, and wireless services.
Challenge
To be truly productive, teleworkers-whether working from home or on the go-require access to critical and sensitive business applications and data from private business networks. As millions of teleworkers become increasingly mobile and seek access to these business resources anywhere and at any time, sophisticated security to safeguard corporate assets is vital. The need for dependable security is even more critical when working at home, an airport, a hotel, a customer site, or even a coffee shop.
The teleworking solutions in the past have typically not been robust enough to handle communication and collaboration applications, have lacked the proper security controls to comply with corporate standards, or have not used unified communications or wireless technologies, making them far less useful. As depicted in Figure 1, businesses seek to provide secure workspace for teleworkers, but there are also other requirements. As many businesses embrace a going green initiative, reducing the carbon footprint is also very desirable, especially if cost efficiency is achieved. The final important requirement is that improving teleworkers' quality of life is a work benefit that businesses can offer to attract global talent.
Cisco has responded to the need for heightened security and access for remote workers with dependable solutions that provide security for teleworkers with identity management, firewall, VPN, intrusion prevention, and content encryption.
Figure 1. Business Requirements to Address with a Managed Virtual Office Solution
Solution
The Managed Virtual Office solution is a comprehensive set of products, technology, and services that provides secure, rich, and manageable network services to teleworkers and employees at remote locations:
• A remote-site presence: This customer premises equipment (CPE) includes a Cisco 800 Series Router and a Cisco Unified IP Phone 7965G, or a Cisco Unified Personal Communicator (soft-phone) to improve cost structure.
• A headend presence: This portion of the solution is responsible for remote-site aggregation; that can be hosted in a service provider data center or at the business's headquarters. It includes a VPN router to aggregate and terminate the secure, encrypted tunnels from each remote-site location. This infrastructure also supports other VPN technologies such as Secure Sockets Layer (SSL) and Layer 2 Tunneling Protocol (L2TP) over IP Security (IPsec) VPNs, effectively serving as a single point of convergence for multiple secure access technologies. The headend also includes centralized management software for policy, configuration, and identity controls.
• Deployment, monitoring, and maintenance: Cisco configuration engine-based zero-touch deployment (ZTD) for automated rollout where configurations of remote-site equipment are kept up-to-date and in compliance with corporate policies automatically[[NOTE: Please add verb.]]. There is no need to preconfigure the remote-site routers. When deployed, the router is programmed to automatically "call home" to the management servers at the headend to check for any relevant updates in configuration or software. These updates are then "pushed" securely to the devices without any need for human intervention on the remote site, enabling organizations to properly secure their remote worker environment while effectively delivering the applications and services necessary to keep the user base productive.
This technology is facilitated through the headend architecture, which includes a VPN aggregation point that is provided in the form of a Cisco VPN router (typically a Cisco 3800 Series Integrated Services Router, a Cisco 7200 Series Router, or a Cisco 7600 series router). This component also provides VPN convergence, terminating different VPN endpoints, devices, and technologies on a single device. In addition, the headend architecture includes Cisco Security Manager, the Cisco Secure Access Control Server (ACS), and the Cisco Configuration Engine. Together, these features incorporate the ability to define networkwide policy, use identity for authorization, and actively update configurations at remote sites through a zero-touch deployment model.
(See Figure 2.)
Figure 2. Teleworker Connecting with IPsec VPN to Managed Virtual Office, Fully Hosted by Service Provider
Cisco Virtual Office addresses the growing trend among midsized and large enterprises that have increasingly distributed workforces that need access to collaborative business applications and services outside of the corporate office. By providing extensible network services that include data, voice, video, and applications, Cisco Virtual Office effectively creates a comprehensive office environment for employees regardless of their location.
With applications such as secure voice, video, and wireless; secure IP multicast; and IP services such as quality of service (QoS), Network Address Translation (NAT), and split tunneling, Managed Virtual Office allows users to securely access:
• Unified communications
• IPTV
• Unified meeting solutions
• Dual-mode phones
The Managed Virtual Office solution for teleworkers offers:
• Zero-touch deployment and management
• Remote VPN access through the secure headend with a multilayer security device that integrates leading security and VPN technologies
• Layered secure identity with different layers of connections having secure authentication and encryption mechanisms
• Threat control features, including advanced firewall, IPS, content filtering, Cisco IOS® Software Flexible Packet Matching (FPM), Adaptive Control Technology (ACT), Transitory Messaging Services (TMS), and mitigation rules
With Managed Virtual Office, a service managed by either a company or a managed service provider, corporate and personal traffic can be accessed by teleworkers at home, with Cisco VPN split tunneling allowing spouses or other family members to access the Internet through a different, dedicated network segment. Then personal traffic is sent directly to the Internet, and the business traffic is securely routed to the corporate data center.
As depicted in Figure 3, offering a managed virtual office solution allows managed service providers to enable the green initiative, helping improve collaboration and productivity for the businesses. This really changes the relationship with the business, and the managed service provider can find itself in engaging with a C-type audience as a strategic advisor for the business.
Figure 3. Business Requirements Fully Addressed with a Managed Virtual Office Solution
Business Benefits
For teleworkers:
• Work schedule flexibility for better work-life balance
• Increased productivity and lower costs by reducing commuting hours, saving on gas and vehicle mileage, and insurance costs
• Improved collaboration capabilities while working on the go or from remote office or home office location
• When deployed at a home office, ability of spouses and children to access the Internet without introducing additional security risks to corporate policy
• Minimal setup and maintenance requirements through zero-touch deployment feature
For managed service providers:
• Extends real-time services such as voice, wireless, video, and data to remote locations without the need for IT staff
• Mitigates risks in split tunneling scenarios, permitting personal Internet access to be combined on the same device
• Simplified IT management and maintenance for greater consistency for policy configuration at the remote site
For businesses:
• Improved productivity for mobile employees and at remote locations
• Reduced operation costs
• Improved business resiliency with continuous, secure connectivity in the event of disasters, pandemics, or inclement weather
• Furthers Green business best practices
• Improves the opportunity to attract new talent
Why Cisco?
Cisco is dedicated to providing end-to-end flexible technology solutions that empower the mobile workforce with secure, office-caliber data, voice, video, and wireless. The Managed Virtual Office solution helps reduce commuting and IT costs and can significantly improve productivity.
Cisco is the most widely deployed remote access VPN solution for businesses worldwide, with more than 4 million Cisco integrated services routers, 1.5 million Cisco ASA 5500 Series, and Cisco PIX Firewall VPN gateways deployed.
