•
Who Will Access Your VPN? on page 15
•
Which Types of Resources Should Users Have Access To? on page 16
•
Security Administration on page 18
•
End Point Control on page 22
•
Putting It All Together: Using Realms and Communities on page 23
About Designing Your VPN
To effectively design your VPN, you must identify who will use it, what types of resources to make available, and
which access methods to provide to users so they can reach your network.
Topics:
•
Who Will Access Your VPN? on page 15
•
Which Types of Resources Should Users Have Access To? on page 16
•
How Will Users Access Your Resources? on page 16
Who Will Access Your VPN?
A key consideration in planning your VPN is identifying the users who need to access your network resources.
Your user community will have a major impact on how you design and administer your VPN.
Most VPN users generally fall into one of two major categories:
• Remote employees. When serving remote and mobile employees, you'll probably give them relatively
open access to enterprise resources. Of course, you can also define a more granular access policy for
specific resources that contain sensitive information (such as a payroll application).
Employee computer systems under IT control provide the flexibility to install client software—such as the
Connect Tunnel client—on the desktop.
• Business partners. Suppliers, vendors, contractors, and other partners generally have restricted access to
resources on your network. This requires you to administer more granular resource definitions and
access control rules than those typically used for a remote access VPN.
For example, instead of simply defining a domain resource and granting open access privileges, you'll
often need to define specific host resources and manage a more complex access policy. When defining a
Web resource you may also want to obscure its internal host name to maintain the privacy of your
network.
Because of the administrative and support issues associated with installing client software on computers
outside the control of your IT organization, a Web‐based access method is often best for business
partners.
Planning Your VPN
SonicWall SMA Connect Tunnel 12.0 Deployment Planning Guide
3
15
Planning Your VPN