Wesley Alan Wright wrote:
> Maybe it would help if Lynne could reiterate why we chose Cisco, why we
> chose VPN, and maybe even answer Steve's questions (Does the VPN
> effectively help users ? Does the VPN help build out the wireless
> network and wireless applications ?)
The Cisco VPN solution was chosen prior to my arrival at Network
Services; however I believe Cisco was chosen for reliability, vendor
support, feature set, client support, and interoperability with other
A VPN solution was chosen for the following reasons:
- The VPN solution supports the widest range of both infrastructure
devices and clients.
- The authentication provided by the VPN lets us know who is using our
wireless network in addition to providing security for wireless.
- The VPN off-campus solution allows access to on-campus resources that
should only be accessible to UVM affiliates
- The VPN solution allows one solution for both on-campus wireless and
Other solutions have been developed over the past couple of years that
may eventually replace the VPN solution for wireless but we're certainly
not there yet. The replacement for WEP, WPA does have some potential,
however at this point it is not any simpler or easier than the VPN solution:
- WPA utlilizes 802.1X and EAP (Extensible Authentication Protocol).
Deploying 802.1X port access control requires support on all three
devices involved in the exchange: supplicant software on stations,
authenticator support in access point firmware, and an 802.1X-compatible
- All three devices must support the same versions of 802.1X and the
same authentication methods, and that's where 802.1X deployment gets
tricky. We would most likely have to replace our older Lucent APs on
the infrastructure side, and finding compatible supplicant software for
all our varied clients would be at best a challenge.
For all of the above reasons I would have to say that the VPN does
indeed both help users and build out the wireless network; without it we
would not be able to provide a secure wireless network or provide access
to certain UVM resources from off-campus.
It is interesting to note that Indiana University, recently named the
"Most Unwired College" in the country by Sperling's Best Places survey,
uses the exact same VPN solution that UVM does, for the exact same reasons.