1 / 12

CU-VPN Status

CU-VPN Status. Campus-wide VPN Service March 21, 2007. Overview. Provides VPN service for individuals remote to campus – provides encrypted session from the end user to the VPN concentrator Uses incumbent AAA backend services Roughly analogous to dial-up services. Service Scenarios.

shalin
Download Presentation

CU-VPN Status

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CU-VPN Status Campus-wide VPN Service March 21, 2007

  2. Overview • Provides VPN service for individuals remote to campus – provides encrypted session from the end user to the VPN concentrator • Uses incumbent AAA backend services • Roughly analogous to dial-up services

  3. Service Scenarios • Internet to campus private address space connectivity. • Encryption for traditionally non-ciphered applications (e.g. file service). • Additional access control to campus service.

  4. Scenario: campus private address space

  5. Scenario: campus private address space

  6. Scenario: campus private address space

  7. Scenario: encrypting non-encrypted services

  8. Initial Goals • Windows and OSX support. • Cisco VPN client software (IPSec). • Login with campus NetID. • Basic Login and Traffic accounting. • Network Quarantine support. • Dual, load-balancing servers. • On-campus testing through RedRover

  9. IPSec VPN Tunnels • IPSec requires Cisco VPN client. Native VPN clients not supported. • Split-tunnel routing. Tunnels campus-only traffic; all other remote traffic routes normally. • 3rd Party client required to insure split-tunneling, streamline support

  10. CU-VPN Pilot • Started December 2006 • Twelve participating departments • Responses positive, particularly where no remote-access solution in place • Wrap-up early-April for general availability

  11. Cisco VPN Client Screen

  12. Service Timeline • General availability mid-April • All members of the Cornell community have access • Phase 2 feature development to begin June 1

More Related