Security Basics mailing list archives

RE: Home users with VPN connections

From: "Brent Woodard" <bwoodard () omniva com>
Date: Thu, 20 Mar 2003 11:01:03 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here's the big management headache on this solution:

Is the enduser going to bring their workstation in so you can build
the software config?  You need to install whatever OS you have with
the appropriate hardware.  Are you going to be responsible for
maintaining drivers for 300 different PCs for 300 different users? 
This is a scenario not out of the realm of possibility for a large
company.

And what about a boot manager? What are you going to use there?

Once you open the Pandora's box of supporting users home
workstations, you open the way for a whole set of support nightmare
headaches.  Bad business for an IS staff trying to keep costs
down....

- -----Original Message-----
From: Chris Berry [mailto:compjma () hotmail com]
Sent: Wednesday, March 19, 2003 10:35 AM
To: security-basics () securityfocus com
Subject: Re: Home users with VPN connections

From: "James Lee Gromoll" <jgromoll () hotmail com>
 If you are going to have home users VPN'd to your net, then the
easiest  
and cleanest way to do that is to set up the home machine with a
removable  HD bay. Provide a 'company' drive and let the home user
provide his own for  home use. Set his 'company' drive up how you
like, lock down the OS and  give him the normal user access he would
have at a company workstation.  This is about $100 per workstation.


I think that's probably the best solution I've heard to that problem.
 
Simple, cheap, and effective, I like it.  The user will grumble about
having 
to reboot to access company resources, but that's acceptable. 
Question 
though, how are you going to handle it if they have a complicated
home 
setup, or if they change their internet connection?

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"The packets involved in the transmission of this email were manually
inspected by: Bob Smith, stateful packet inspector #23."

_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPnoP8E+kMbCp9bmREQLflgCfdxTUvoGCroUt3qXrksLPi2XqJMoAniOq
wkKZP3PUosEKi9cGVo4oSkr1
=0Dr/
-----END PGP SIGNATURE-----

Current thread:

Home users with VPN connections Jonathan Grotegut (Mar 13)
- Re: Home users with VPN connections Gene Yoo (Mar 17)
- Re: Home users with VPN connections Pierre A. Cadieux (Mar 17)
- Re: Home users with VPN connections David M. Fetter (Mar 17)
- Re: Home users with VPN connections lassal (Mar 17)
- Re: Home users with VPN connections camthompson (Mar 17)
- <Possible follow-ups>
- Re: Home users with VPN connections ladhanikarim (Mar 17)
- Re: Home users with VPN connections James Lee Gromoll (Mar 19)
- Re: Home users with VPN connections Chris Berry (Mar 20)
- RE: Home users with VPN connections Brent Woodard (Mar 21)
  - RE: Home users with VPN connections Mike Dresser (Mar 25)
    - RE: Home users with VPN connections Kevin Saenz (Mar 26)
- RE: Home users with VPN connections Chris Berry (Mar 24)
- RE: Home users with VPN connections John Brightwell (Mar 25)