IT Knowledge Exchange Community Update for 03/31/09 - ITKE Community Blog 
0 pts. | Mar 31 2009 2:37PM GMT
[...] Managing access to supplier/customer networks [...]
Q:
Managing access to supplier/customer networks
Our manufacturing company has a lot of customers which may require access to information on their network. Information may include engineering change orders, bills of materials, design documentation, etc. In some cases we can get access through a secured web portal (preferred). In other cases we may configure a network to network VPN tunnel where the traffic must initiate on our network and the tunnel carries only specified protocols. Occasionally we are asked to install a VPN client software (e.g. Nortel Contivity, Cisco) on our devices. Since we cannot control the protocols once the VPN client starts, we do not do this on clients connected to the company network. We are also concerned about split tunneling issues. We configure a kiosk machine with a dedicated link for this purpose. This can get overwhelming and is not an elegant solution.
What methods do other organizations use for peer connections? Do you connect to them or do you have a solution you have built for this purpose? If using a self-managed solution, what did you implement and what issues have you seen?
Thanks for your time.
What methods do other organizations use for peer connections? Do you connect to them or do you have a solution you have built for this purpose? If using a self-managed solution, what did you implement and what issues have you seen?
Thanks for your time.
ASKED:
Mar 27 2009 5:44 PM GMT
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
A:
RATE THIS ANSWER
0
Click to Vote:
0
Click to Vote:
- 0
0
But...
1. You could create a standard customer access DMZ segment separated from the corporate network by the firewall. That segment would include the virtual farm of Virtual machines used as jump off boxes. So you could have site-to-site tunnels terminating in that environment and manage the VPN clients on the VMs.
To gain access to that segment from corporate network users would RDP from their PCs to the VMs in the DMZ. It can be set up so that VMs are allocated to the new sessions on the rotational basis allocating next available VM for the new session.
Discuss This Answer:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
