Why CITES is investigating the SSL VPN option
The first VPN option CITES provided to campus was manufactured by Cisco. The Cisco VPN required users to install client software and select the correct connection profile from a list, and users found it confusing and difficult to manage. Since then, Cisco has stopped providing support for that VPN system.
Next, CITES investigated a VPN system provided by Nortel. The Nortel system used the VPN tools built in to most modern operating systems, meaning that it wasn't necessary to install third-party software. However, the configuration process was complex enough that CITES provided configuration packages which looked like "client software" to end users. In addition, since the Nortel VPN used standard VPN ports, many coffeehouses and hotels and other travel locations were able to block the Nortel VPN connection easily. (Since the Cisco VPN used proprietary ports, it could connect from more places than the Nortel VPN could.)
Now CITES is testing a third option -- the Aventail SSL VPN system. The problems we hope to solve with this VPN include:
- Connection availability. Since the Aventail VPN connects using the SSL port (port 443), which is the same port used by secure websites, we hope that it will be able to connect from places that the Nortel VPN couldn't.
- Client software available for frequently used computers. For those who can install software on the computer they're using, the Aventail client will be a faster and easier connection method than the web interface. (The web interface is slow and sometimes unreliable, since it depends on Java, ActiveX, and other web technology that some people have disabled for web security purposes.)
- Interface choice. For those who can't install the client software, the web interface will provide a basic connection method available from most web browsers. Before this VPN's web interface, users who couldn't install or configure software couldn't connect to the VPN at all.
In order to be able to determine whether the Aventail VPN will work as a campus VPN solution, CITES needs to hear about your experience using the various VPN systems.
Please send your comments about your VPN experiences to: