RE: Home users with VPN connections

[John Brightwell <brightwell_151 () yahoo co uk>]

Not being a windows guru ... is it possible to take a
copy of the home user's PC config and use that to
derive a new 'corporate' boot disk.

I can see a world of pain in users having to bring in
their PC .... but bringing in a backup (or even the
current boot disk) may be possible.

With the info described above and with the big
assumption that a new boot disk can be so derived ...
can this be a CD (or even a DVD) there are a number of
linux flavours that can boot from CD but I haven't
come across a windows boot CD

But even if all of the above is possible ... rebooting
to connect to the office won't go down well.

this may be pie in the sky...

Has anyone produced a VPN client that runs from its
own sandbox.

i.e. it creates a mini encrypted filesystem that is
only readable by the VPN client and only applications
and data installed in that filesystem can use the VPN 

Of course, the VPN client would have to be quite
clever as it would have to emulate the OS for the
applications running within the sandbox (otherwise the
outlook running within the VPN client may get confused
by the outlook configuration files and registry
settings on home user's PC) I'm not sure what would
need to be done to facilitate things like printing
(possibly the VPN client acts as  a proxy and passes
the data to the spool queue)

The advantage of this solution is that the VPN client
can be generic. We (in the IT dept) don't need to know
what sort of connection is being used (ADSL, Cable,
ISDN) and we shouldn't need to get involved in the low
level drivers.
  
Of course, if this hasn't been done then we're
scuppered cos I sure can't do it :-)

> From: "Brent Woodard" <bwoodard () omniva com>
> Here's the big management headache on this solution:
>
> Is the enduser going to bring their workstation in so
you can build
> the software config?  You need to install whatever OS
you have with
> the appropriate hardware.  Are you going to be
responsible for
> maintaining drivers for 300 different PCs for 300
different users?
> This is a scenario not out of the realm of
possibility for a large
> company.

Hmm, that would be kind of nasty, but you should be
able to write an 
unattended install script for them, and just have them
slap in your HDD, put 
in the CD and boot.  Once it's done, they connect to
the corporate network 
and it auto-installs any other necessary software. 
Another thought would be 
to use something like Knoppix that has an entire OS
contained on the CD.

> And what about a boot manager? What are you going to
use there?

Don't use one.  Use removeable hard drives.

> Once you open the Pandora's box of supporting users
home
> workstations, you open the way for a whole set of
support nightmare
> headaches.  Bad business for an IS staff trying to
keep costs
> down....

If you have home users, you're already supporting
them.

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates


__________________________________________________
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com

-------------------------------------------------------------------
SurfControl E-mail Filter puts the brakes on spam,
viruses and malicious code. Safeguard your business
critical communications. Download a free 30-day trial:
http://www.surfcontrol.com/go/zsfsbl1