Educause Security Discussion mailing list archives
Re: The VPN question
From: "Flynn, Gary - flynngn" <flynngn () JMU EDU>
Date: Tue, 5 Jul 2011 19:01:47 +0000
Do those of you who manage hundreds of roles manage memberships manually on the VPN or through directory lookups? If through directory lookups, were the directory attributes or groups pre-existing or did you create them for the VPN? -----Original Message----- From: Julian Y Koh <kohster () NORTHWESTERN EDU> Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> Date: Tue, 5 Jul 2011 18:53:10 +0000 To: <SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] The VPN question
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue Jul 5 13:46:54 2011 Central Time, Jay Graham <jwg+ () PITT EDU> wrote:Yes. I know this is a ton of roles to manage.Another thing to point out is that the Juniper UI makes it really easy to manage all of this stuff on the concentrator side. Now, keep in mind that we did our eval/comparison back in 2007, and the gap has likely closed somewhat between then and now, but back then Juniper was light years ahead of everyone else in terms of ease of management. In our eval, I had the thing up and running in under an hour, authenticating to our LDAP directory and assigning people to different roles based on LDAP attributes. The other boxes we tried took close to half a day each. - -- Julian Y. Koh <mailto:kohster () northwestern edu> Manager, Network Transport <phone:847-467-5780> Telecommunications and Network Services Northwestern University PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iEYEARECAAYFAk4TXZcACgkQDlQHnMkeAWPLiwCfWy4YWM8rhVbGj2SlOh4fAXeJ 6LIAnjku3r6DWX25pJPH9mBmzYrnFEu3 =kTm0 -----END PGP SIGNATURE-----
-- Gary Flynn Security Engineer James Madison University
Attachment:
smime.p7s
Description:
Current thread:
- Re: The VPN question Jay Graham (Jul 05)
- Re: The VPN question Julian Y Koh (Jul 05)
- Re: The VPN question Flynn, Gary - flynngn (Jul 05)
- Re: The VPN question Julian Y Koh (Jul 05)
- Re: The VPN question Flynn, Gary - flynngn (Jul 05)
- Re: The VPN question Julian Y Koh (Jul 05)