Remote Access Project - Villanova University

Download Report

Transcript Remote Access Project - Villanova University 

Remote Access Project
An Analysis of Villanova University’s
Emerging Need For An Effective &
Secure Remote Access System
May 5, 2004
The Team
•
The Professors
•
Dr. Stephen Andriole
•
Dr. Robert Nydick
Domain Expert
•
Mr. Timothy Ay, CTO
AHP / Hierarchy
•
Richard Bean
•
Claudia Donohue
•
Amanda Reardon
•
Jennifer Spataro
•
Timothy Sylvester
Documentation
•
Lesley Maffetone
•
Nate Weyl
Alternative Team
•
Stephanie Alloway
•
Hillary Cole
•
Christopher Figuccio
•
Joseph Jablonski
•
Mark Mielke
Communication / Presentation
•
Richard Bean
•
Eugene Cacovean
•
Pamela Mauti
•
Mark Mielke
•
Timothy Sylvester
Criteria Team
•
Eric DiMario
•
Mike Konnykh
•
Matthew Lucas
•
John Zech
Objective
To Find a Secure, Reliable, Remote Access
Architecture System for the University
Topics To Be Covered
What is Remote Access?
Criteria & Benchmarking
Alternatives
The Results
Sensitivity Analysis
Off Campus Student
Body
Remote Access
Server Farm
Faculty and Staff
Vast Sources of
Information
Benefits
Provide National Networking Opportunities
Provide Broadband Networking Compatibility
Extended Geographic Connectivity
Reduce Operational Costs Versus Traditional
WAN
Improve Productivity
Reduce Transit Time and Transportation for
Remote Users
Topics To Be Covered
What is Remote Access?
Criteria & Benchmarking
Alternatives
The Results
Sensitivity Analysis
Criteria
Total Cost of Ownership
Security
Speed
Operational Efficiency
Compatibility
Maintenance/Support
Alternatives
Dedicated Remote Access Services (RAS)
VPN (Virtual Private Network)
Dedicated Server
Public Internet or Managed Networks
Software Designed to Provide Remote
Control of Desktop Computers and
Collaborative Applications
Enterprise Portal Access
Peer / Other Schools
Wake Forest University – EZproxy
Boston College - VPN
University of Arizona – VPN
University of Maryland – VPN
University of Richmond – Modem & VPN
Loyola College – Student I.D. Card
University of Delaware – Cable, DSL, & Dial-up
Bucknell University – Dial-up
Lehigh University – Dial-up
Reach Schools
Carnegie Mellon University – Virtual “Public”
Network Through IP Address Extension Service
Duke University – Roadrunner & Intrex.Net
University of Notre Dame – Windows Terminal
Service or VNC Products Used in Conjunction With
VPN, Stunnel, or SSH to Provide Encryption
California Institute of Technology – VPN
Stanford University – VPN
Dartmouth College – Dial-up
Georgetown University – Dial-up
MIT – iPass & Dial-up
University of Pennsylvania – Dial-up
Topics To Be Covered
What is Remote Access?
Criteria & Benchmarking
Alternatives
The Results
Sensitivity Analysis
Alternatives
Down-selection Filters
Industry Leading Companies
Unique Features
Features Necessary for Villanova
Vendor Viability
Vision of Products
Ability to Execute Vision
Ease of Implementation
Ability to Perform
And the Contestants Are …
In-Sourcing
Netscreen-SA 5000
Series
Cisco AS5400 Series
Universal Gateway
Microsoft Active
Directory
Out-Sourcing
iPass
GRIC
(I)
Cisco Systems
Cisco AS5400 Series Universal Gateway





Public Switched Telephone Network Signaling
Gateway Signaling
Access VPN
Network Managers for Internetwork Packet
Exchange (IPX) and Appletalk, While
Supporting the Migration to New Universal
Port Services
Industry Leader in Customer Support
(I)
Juniper Networks
NetScreen-SA 5000





Access Privilege Management Allows for Powerful
Authentication and Authorization Policies With No
Additional Software Deployments
Secure Remote Access, Partner/Customer Extranets,
and Intranets From One Platform
Little to No Client Deployment, Server Changes, or
Application Integration/Customization
Netscreen-SA Central Manager Eases Administration
Tasks
On-board Secure Socket Layer (SSL) Acceleration
(I)
Microsoft
Active Directory





Centrally Manages Windows Users, Clients, and
Servers Through a Single Consistent Management
Interface, Reducing Redundancy and Maintenance
Costs
Support for LDAP Over SSL for Secure Directory
Transactions for Extranet and E-commerce
Applications.
Microsoft Backward Compatible
In Windows 2000, There Are No Restrictions on
Security Groups That Span Domain Partitions. This
Means That Groups Can Be Managed Centrally
Easily Integrates With Current Architecture
(O)
iPass
iPass Corporate Access





Consolidates ISPs Into a Single Global Virtual
Network
Connect to the Internet by Dialing a Local
Telephone Number
Available in Standard Modem Dial-up
Higher Speed Wireless
iPassConnect™ Ensures Client Is Running
Appropriate Security Measures
(O)
GRIC
Complete Portfolio of Secure Remote
Access Solutions From a Single Source
Provides Single Easy to Use Management
Platform
Allows Access to a Complete Global
Network
“Total Security Protection” Is a Policybased, Seamless Security Barrier
Topics To Be Covered
What is Remote Access?
Criteria & Benchmarking
Alternatives
The Results
Sensitivity Analysis
The Results
Juniper (I) – 23.3%
Microsoft (I) – 21.3%
Cisco (I) – 18.7%
GRIC (O) – 18.5%
iPass (O) – 18.1%
Topics To Be Covered
What is Remote Access?
Criteria & Benchmarking
Alternatives
The Results
Sensitivity Analysis
Sensitivity Analysis
Total Cost of Ownership: 26% to 61.3%

GRIC(O)
Security: 25.6% to 2.9%

GRIC (O)
Speed: no change +/
Juniper (I) Remains #1
Operational Efficiency: 13.4% to 38.3%

Microsoft (I)
Compatibility: 9.5% to 24.4%

Microsoft (I)
Maintenance/Support: 6.8% to 70.4%

Microsoft (I)
QUESTIONS?