Re: VPN policies.

[Yandro Chavez Rubio <yandro.chavez () ITESM MX>]

Timothy,

What solution you are going to get for a SSL (web-based) VPN? Do you already
make the decision or are you in the process? What options do you have?

I would like to know about it, because we have the same problem as you and I
guess we can give a better service with the web-based solution.

Yandro

---
Yandro Chavez Rubio
Information Security Services Manager
Information Technology
Tecnologico de Monterrey
http://www.itesm.mx
--------------------------
The content of this data transmission must not be considered an offer,
proposal, understanding or agreement unless it is confirmed in a document
signed by a legal representative of ITESM. The content of this data
transmission is confidential and is intended to be delivered only to the
addressees. Therefore, it shall not be distributed and/or disclosed through
any means without the authorization of the original sender. If you are not
the addressee, you are forbidden from using it, either totally or partially,
for any purpose.


-----Original Message-----
From: Timothy J. fairlie [mailto:fairlie () RIDER EDU]
Sent: Friday, April 20, 2007 1:00 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] VPN policies.

At the moment, we provide a VPN client to those that need access from
home. It isn't fun...
Nobody wants to touch an employees home machine anyway, and in some
cases they may want/need client software in addition to the VPN client
to access a resource they need.
We  "encourage" these employees to get laptops, as the VPN is the only
software we'll provide for a home machine.

So even though we've had few problems, when they do come up it's a major
hassle.

This summer we will be moving to an SSL (web-based) VPN, hopefully that
will eliminate the need to provide client software at all.

T..

Timothy J. Fairlie
Director, Network and Communication Services
Rider University            fairlie () rider edu

Matthew Gracie wrote:

> Like most institutions, I'm sure, we're getting more and more requests
> from people who want access to on-campus resources from off-campus. Our
> VPN concentrator is more than up to the task, but right now, we're
> discussing the best set of policies to allow people access to work from
> home without compromising data.
>
> How are people handling this? Are users accessing VPNs with their
> personally owned machines at your institution? Are you mandating laptops
> for users who work from home? An entirely different computer that stays
> at the employee's house? Who pays for the Internet connection? What
> about other hardware (routers, APs, etc.) that they need? Is IT
> supplying computers for off-campus use, or is it the job of the department?
>
> Any and all input is appreciated.
>
> --Matt