VPN Scaling Questions

Steve Brown sbrown at cw.net
Thu Sep 2 11:05:29 EDT 1999 

Hello,

     I was wondering if anyone has done any research/work in the scaling and
single sign on issues. I've currently worked on 3 VPN designs,1 20K, 1 30K+,
and 1 over 50K remote access VPN designs, but there are still problems in
these areas, and while customers want to use VPN technology, they cannot
afford the manpower to support the technology.

  1 - Scaling, customers have so many old legacy laptops, but in order to
allow them to use a remote access VPN, they need to upgrade, which many
organizations do not have the staff to do. I was wondering if some
combination of VPN software and compulsatory modes are the answer, so many
legacy application do not work on Win95,Win98, etc.

  2 - Single sign on, I know there has been some work, but a typical user
has to sign in to his/her ISP, sign on to the VPN device (hopefully using
some kind of authenticaion/authorization schemes, or by the use of digital
certificates, but that doesn't solve authorization, which may mean adding
LDAP servers, again it goes back to the companies support staff.

  It would better if we could provide seamless integration, instead of bits
and pieces of different technologies, both from a support standpoint and a
security standpoint

Thanks

Steven A. Brown, MBA., CCSA, CCSE,
VPN/Firewall & Internet Security Engineer
Cable&Wireless, 9000 Regency Parkway
Research Triangle Park, NC, 27511
sbrown at cw.net, Steven.Brown at cwusa.com
===================================
Author: Implementing Virtual Private Networks, McGraw-Hill
CoAuthor: CheckPoint Firewall-1, McGraw-Hill
http://www.itdiffusions.com

 "Only two things are infinite, the universe and
human stupidity, and I'm not sure about the former.

     -- Albert Einstein"



Steven A. Brown, MBA., CCSA, CCSE,
VPN/Firewall & Internet Security Engineer
Cable&Wireless, 9000 Regency Parkway
Research Triangle Park, NC, 27511
sbrown at cw.net, Steven.Brown at cwusa.com
===================================
Author: Implementing Virtual Private Networks, McGraw-Hill
CoAuthor: CheckPoint Firewall-1, McGraw-Hill
http://www.itdiffusions.com

 "Only two things are infinite, the universe and
human stupidity, and I'm not sure about the former.

     -- Albert Einstein"



****************************************************************
TO POST A MESSAGE on this list, send it to vpn at listserv.secnetgroup.com

The VPN FAQ (under construction) is available at
http://kubarb.phsx.ukans.edu/~tbird/FAQ.html

We are currently experiencing "unsubscribe" difficulties.  If you
wish to unsubscribe, please send a message containing the single line
"unsubscribe vpn your-e-mail-address" to owner-vpn at listserv.secnetgroup.com

****************************************************************

More information about the VPN mailing list