I have 40 consultants on staff that are accessing an external db via a Web site while working within my network. I have a PIX FW and Nortel VPN. This method is allowed because our global address is permitted within the external firewall, which is CHECK POINT.
However once these consultant staff works externally from the office, access to the db via the Web site is denied.
Some of the consultant staff have dial-up, DSL, and cable modems. I would like the consultants to establish a direct access to the db site, but it's to many different IP addresses.
From an end user perspective the ideal experience would be for them to have access to my internal network as well as to their normal mail, which can be access through the web, intranet and whatever other network facilities that are required as part of their daily operational activity whether they are in the office or working remotely.
Is there a quick and clean suggested solution to this urgent matter?
Two possibilities suggest themselves to me:
First, if you have a Nortel VPN box already, why not use the Contivity client for your consultants? It takes some effort to set up and maintain, but should provide access to the same services remotely that you have locally.
Second, if all access is already through Web servers (mail, db, etc.), an SSL-based portal might be easy to deploy. Because it is SSL-based, it can be opened for direct external access. I would recommend using two-factor authentication (token or certificate) with either approach to ensure good security.
Dig Deeper on Network Administration
Related Q&A from Jack Keane
Our VPN expert answers the questions: What is the VPN Box? What is the relation between VPN Box and VPN module on the router? Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.