Managing access to supplier/customer networks

32960 pts.
Tags:
Client management
Remote access security
secure access
VPN
VPN security
VPN Tunnel
Our manufacturing company has a lot of customers which may require access to information on their network. Information may include engineering change orders, bills of materials, design documentation, etc. In some cases we can get access through a secured web portal (preferred). In other cases we may configure a network to network VPN tunnel where the traffic must initiate on our network and the tunnel carries only specified protocols. Occasionally we are asked to install a VPN client software (e.g. Nortel Contivity, Cisco) on our devices. Since we cannot control the protocols once the VPN client starts, we do not do this on clients connected to the company network. We are also concerned about split tunneling issues. We configure a kiosk machine with a dedicated link for this purpose. This can get overwhelming and is not an elegant solution. What methods do other organizations use for peer connections? Do you connect to them or do you have a solution you have built for this purpose? If using a self-managed solution, what did you implement and what issues have you seen? Thanks for your time.

Answer Wiki

Thanks. We'll let you know when a new response is added.

There are multiple ways of doing this. Usually, elegant solution does not exist.

But…

1. You could create a standard customer access DMZ segment separated from the corporate network by the firewall. That segment would include the virtual farm of Virtual machines used as jump off boxes. So you could have site-to-site tunnels terminating in that environment and manage the VPN clients on the VMs.

To gain access to that segment from corporate network users would RDP from their PCs to the VMs in the DMZ. It can be set up so that VMs are allocated to the new sessions on the rotational basis allocating next available VM for the new session.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Labnuke99
    [...] Managing access to supplier/customer networks [...]
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following