Re: [Fed-Talk] VPN for Mac
Re: [Fed-Talk] VPN for Mac
- Subject: Re: [Fed-Talk] VPN for Mac
- From: David Poteet <email@hidden>
- Date: Wed, 16 Apr 2008 23:18:54 -0400
Bill,
I'm still confused... will RESCUE be required only with GFE or also
with personally-owned equipment?
On Apr 16, 2008, at 10:36 PM, William G. Cerniuk wrote:
It causes confusion but RESCUE is basically a VA IT branding of the
distribution of Cisco's Clean Access software inside the VA.. Clean
Access will communicate from the client to the Cisco Clean Access
server to vet the incoming system.
So Henry is on target. Clean Access, based on some programmable
characteristics will scan the host system based upon the request
from the server. It returns a thumbs up or down on the check. Thumbs
up means it passed and and our case, it verified that the Windows PC
seems to be a VA owned Windows PC. Then the Windows PC is let into
the VA network and any services promoted thru the VPN conection. If
it does not pass, "no soup for you!" and all the VA user will get is
access to a Citrix server.
As far as the Mac plan, the Cisco software "client" for Clean Access
runs on Mac but is not full featured like the Windows version..
Implementors must augment it with home brew code execution to
perform the Mac check.
Because a number of top VA Execs run Mac at the VA, It would be good
if the VA Mac execution is flawless prior to deployment. (!) Google
for Clean Access and Cisco and you will see it is not without its
issues in the Windows side.
V/R,
Wm. Cerniuk
Sent from my iPhone
On Apr 16, 2008, at 17:55, "Mensch, Henry" <email@hidden>
wrote:
RESCUE is a new VA thing which is a superset of VPN technology
along with
other containment technologies which ultimately ensure that no
sensitive
data ends up in the wrong hands.
Apparently there are two flavors of it: one for GFE and one for
OE. The GFE
stuff looks like VPN software along with other bits which enforce
various
requirements (like presence of an anti-malware tool, presence of
antivirus,
...). On the other hand, the OE tool (which I have not yet seen)
looks like
a self-contained environment from which you may neither export nor
import
data.
This is, afaik, not official policy yet, but it is on the way to
becoming
policy.
(and no, before you ask, I don't know what IRMS' plan for Macintosh
support
in this area will be. I expect that both the GFE and OE clients
will both
run in a virtual machine--I know that the One VA VPN works well
this way).
--
Henry Mensch / Storage Manager
Center for Imaging of Neurodegenerative Diseases
VA Medical Center, San Francisco CA USA
v: +1.415.221.4810 x2466 / f: +1.415.668.2864
e: email@hidden
w: http://www.cind.research.va.gov/
-----Original Message-----
From: fed-talk-bounces+henry.mensch=email@hidden
[mailto:fed-talk-bounces+henry.mensch=email@hidden] On
Behalf Of
Dave Schroeder
Sent: Wednesday, April 16, 2008 1:38 PM
To: Buxbaum, Laurence
Cc: email@hidden
Subject: Re: [Fed-Talk] VPN for Mac
On Apr 16, 2008, at 3:33 PM, Buxbaum, Laurence wrote:
The new VPN directive requires the use of RESCUE software. I assume
the
RESCUE software will not work on a Mac. Do we need Virtual PC (or
other
Windows emulation software)?
What is RESCUE? Whether you need Windows to run it depends on what it
is. If it is VPN software, I've never heard of it and didn't find it
in a brief Google search. Is it Windows-only? Instead of assuming,
why
not check? :-)
Also, Virtual PC is discontinued and only required for PowerPC-based
Macs. Windows no longer runs in emulation on Intel-based Macs.
- Dave
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden