Remote-User Design
This section discusses four options for providing remote users VPN connectivity to the headend sites within the SAFE design.
Remote connectivity applies to both mobile and home-office workers. The primary focus of these designs is to provide
connectivity from the remote site to the corporate headquarters and through some means, the Internet. The following four
options are available:
• Software access option—Remote user with a software VPN client and personal firewall software on the PC.
• Remote-site firewall option—Remote site protected with a dedicated firewall that provides firewalling and IPSec VPN
connectivity to corporate headquarters; WAN connectivity is provided via an ISP-provided broadband access device (that
is, DSL or cable modem).
• Hardware VPN client option—Remote site using a dedicated hardware VPN client that provides IPSec VPN connectivity
to corporate headquarters; WAN connectivity is provided via an ISP-provided broadband access device.
• Remote-site router option—Remote site using a router that provides both firewalling and IPSec VPN connectivity to
corporate headquarters. This router can either provide direct broadband access or go through and ISP-provided broadband
access device.
Each of these designs is discussed further in the design guidelines section below.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.