Cisco boxes up the remote office

Elegant, highly secure Cisco Virtual Office package aims to give remote workers that in-the-office experience

Telecommuting is on the rise in the U.S., according to a recent study by WorldatWork. That's good news for employees looking to reduce time wasted in the car and gas spent on fuel. It's also a boon for companies in terms of attracting and retaining talent, saving on real estate costs, and reducing their carbon footprint. One of the challenges, however, can be setting up employees with the technology resources they need not just to securely connect to the office network but with the office-caliber resources, including phone and application access, to do their jobs.

Cisco this week announced what I consider a promising solution to the problem, called Cisco Virtual Office (CVO). It's essentially a packages routing, switching, security, wireless, IP telephony, and policy control technology, aimed at providing employees with secure and reliable video, voice, data, and wireless service.

[ To learn more about the benefits of telecommuting, please read "Give telecommuting the green light." ]

Here's how it works: The employee receives a Cisco 881w Series Internet Services Router (ISR), along with a Cisco 7000-series IP phone. The phone plugs in to the back of the router. The ISR connects to the user's broadband connection. The employee's laptop connects to the ISR wirelessly. Beyond getting everything plugged in, nothing else is required of the worker (save for turning everything on), according to Fred Kost, director of security solutions, marketing, at Cisco.

The first time the ISR is online, it automatically "phones home" to the company network and downloads all necessary predefined configurations, both for router and phone, to ensure that the employee's systems are secure and set to work. Cisco calls this "zero-touch setup." The advantage here is it saves an employee from having to don an IT hat and attempt to set up his or her system, be it alone or with assistance from the help desk.

From then on, whenever the ISR is connected, the employee's system receives periodic security updates, patches, and any other maintenance it would receive if it were connected to the network in the office. Moreover, the employee doesn't need to launch a VPN each time he or she goes online; the system takes care of all the secure tunneling. He or she will simply be able to connect and have secure access to all the applications and services he or she would have when connected to the network at the office.

Among the ISR's functions, it has the smarts to identify traffic and determine which data has priority. For example, if you're on an IP phone call with a client while you're attempting to download a 10MB e-mail file, the system ensures you don't suffer any call degradation, something you can't necessarily expect if you've connected your IP phone straight to your ISP's Internet connection. (On a personal note, I must say that the call quality seems quite impressive, judging by the clarity of the call I had with Kost, who said he was using the CVO system from home and talking on a wireless VoIP phone).

Speaking of phones, one nuisance for telecommuters is not being able to easily migrate their office line into the home. Sure, you can forward calls from the office to your house, and you can use a dial-in number to retrieve your messages from the office. You can also set up a separate office phone number at home or a mobile phone, paid for by your company. But the easier solution is to have a reliable phone line at home that is effectively a double of your office line -- a phone that that rings when your office phone rings and offers all the same functionality. That's effectively what can happen with Cisco's CVO. It's designed to support the Cisco 7000 series of IP phones, but according to Kost, any SIP-enabled phone will work. Whether or not you get seamless integration that precisely replicates your office-phone experience, however, depends on your phone system.

In terms of portability, the router is a little larger than a laptop, meaning it can be taken on business trips to enable secure connections back to the company network.

On the back end, CVO requires a Cisco 7200 Series router, which serves as a converged platform for virtual private networking. It uses Cisco Dynamic Multipoint Virtual Private Networking (DMVPN), which secures the exchange of data between two locations. According to Cisco, it improves network performance and data delivery by offloading traffic demands from headquarters. In addition, the router supports SSL and L2TP over IPsec VPNs for robust all-around security.

According to Kost, the level of security provided by the system makes it a viable solution for organizations with extremely stringent security requirements, such as governmental and financial institutions. Although approaches using VPN tokens might not fly at those organizations, CVO does "because of way we implement security, persistently forcing [security polices] onto the router," Kost says.

Also on the back end, the CVO system includes management servers that push out the policies, identity, and configuration to the ISRs. Those include Cisco Configuration Engine for image distribution to as many as 10,000 Cisco ISRs; Cisco Security Manager for management of security policies; and Cisco Secure Access Control Server (ACS), which provides access policy control to meet regulatory and corporate compliance requirements, according to Cisco.

Kost says that Cisco is successfully using the CVO system for its own teleworkers: More than 12,000 workers are equipped with the system, and according to Kost, they're supported by just two full-time IT staffers. Among the benefits, Cisco says its workers are avoiding an average of 36.4 commuting miles per day and gaining an average of 2.75 "productive work hours per week from reduced commuting time." (It would be interesting to learn whether the company is enjoying cost savings on real-estate space through its telecommuting program the way Sun does.)

[ To find out how Sun and its employees have benefited from telework, please read "Sun, employees find big savings from Open Work telecommuting program." ]

All in all, I'm impressed by the package Cisco has put together to enable a secure, reliable telecommuting experience. Perhaps the InfoWorld Test Center will have an opportunity to give it a test-drive and see if it works as well as advertised. Oh, and pricing for the system is worth noting: $700 per seat, something to factor in to the potential cost-saving equation of telework.