Educause Security Discussion mailing list archives

Re: SSL VPN

From: "F.M. Taylor" <fmtaylor () PURDUE EDU>
Date: Thu, 26 Feb 2009 14:54:20 -0500

For most non-secure access we (Purdue) have been using standard 
username/password authentication.  We have also coupled that with the cisco 
vpn client to allow users to mount shares and the like.  some of our groups 
have implemented TFA using usb eTokens, but currently we are in the process 
of moving all authentication, vpn and otherwise, to RSA SecurID TFA tokens.  
It is slow going with each functional group having its own set of groups and 
users that need to be standardized across the enterprise, but the initial 
testing has gone well and resistance is limited. Some of our groups are using 
OpenVPN as opposed to the cisco vpn product, both seem to work well and 
function as intended.

On Thursday 26 February 2009, Russ Leathe formed electrons in this pattern:

Gordon College uses two products.



1.)    Juniper SSL VPN - clientless

2.)    XYTHOS - document management system



With the FTC's Red Flag Rule these tools have become very useful.



russ



From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mike Wilber
Sent: Tuesday, February 24, 2009 10:57 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] SSL VPN



I was wondering what other colleges and universities are using to allow
Faculty, staff and students to connect remotely (from off campus) to
their group and home directories to access their personal files?



Mike Wilber * Technical Director * CISSP, MCSE, CCNP, CCDP * St. Clair
County Community College

CONFIDENTIALITY: This email (including any attachments) may contain
confidential, proprietary
and privileged information, and unauthorized disclosure or use is
prohibited. If you received
this email in error, please notify the sender and delete this email from
your system. Thank you.




-- 
......\\|//........^^^^^........)))((........%%%%%........,,,,,......
......(- -)........(o o)........(- o)........(0-0)........(* *)......     
+--ooO-(_)-Ooo--oo0-(_)-0oo--ooO-(_)-Ooo--oo0-(_)-0oo--ooO-(_)-Ooo--+
| F.M. (Mike) Taylor........'Recedite, plebes! Gero rem imperialem!'|
| 'Ecce potestas casei'..............GIAC GSEC & GCFW Certified.....|
| Desk: 765-494-1872.....................C: 765-409-8140............|
+-------------------------------------------------------------------+

Current thread:

SSL VPN Mike Wilber (Feb 24)
- <Possible follow-ups>
- Re: SSL VPN Greene, Chip (Feb 24)
- Re: SSL VPN Gary Flynn (Feb 24)
- Re: SSL VPN Russ Leathe (Feb 26)
- Re: SSL VPN F.M. Taylor (Feb 26)
- Re: SSL VPN Adam Richard (Feb 26)
- Re: SSL VPN Karen Stopford (Feb 27)
- Re: SSL VPN James R. Pardonek (Feb 27)
- Re: SSL VPN David Hale (Feb 27)
- Re: SSL VPN Mike Wiseman (Feb 27)