45 lines
1.6 KiB
HTML
45 lines
1.6 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
|
|
<HTML>
|
|
<HEAD>
|
|
<META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.21">
|
|
<TITLE>Secure Boot CDs for VPN HOWTO: Features</TITLE>
|
|
<LINK HREF="Secure-BootCD-VPN-HOWTO-8.html" REL=next>
|
|
<LINK HREF="Secure-BootCD-VPN-HOWTO-6.html" REL=previous>
|
|
<LINK HREF="Secure-BootCD-VPN-HOWTO.html#toc7" REL=contents>
|
|
</HEAD>
|
|
<BODY>
|
|
<A HREF="Secure-BootCD-VPN-HOWTO-8.html">Next</A>
|
|
<A HREF="Secure-BootCD-VPN-HOWTO-6.html">Previous</A>
|
|
<A HREF="Secure-BootCD-VPN-HOWTO.html#toc7">Contents</A>
|
|
<HR>
|
|
<H2><A NAME="s7">7.</A> <A HREF="Secure-BootCD-VPN-HOWTO.html#toc7">Features</A></H2>
|
|
|
|
<P>
|
|
<OL>
|
|
<LI>Ease of use for the end user:
|
|
<OL>
|
|
<LI>Put in CD</LI>
|
|
<LI>Boot machine</LI>
|
|
<LI>Type in private key password</LI>
|
|
<LI>Log into work desktop and work as usual</LI>
|
|
</OL>
|
|
</LI>
|
|
<LI>Ease of use for the administrator(s):
|
|
<OL>
|
|
<LI>Key generation is separate from use.</LI>
|
|
<LI>A user's access can be specifically revoked (without affecting their work desktop) using a single command.</LI>
|
|
<LI>All new users can be denied by shutting down the openVPN server process on the server.</LI>
|
|
<LI>All connections can be broken by shutting down the entire server; this will also deny future access until the server is brought back up and the end user reboots.</LI>
|
|
</OL>
|
|
</LI>
|
|
<LI>The CD build process can be automated for ease of creation.</LI>
|
|
<LI>The openVPN logs can be used to determine (or trace) nefarious or out-of-policy computer use.</LI>
|
|
</OL>
|
|
</P>
|
|
<HR>
|
|
<A HREF="Secure-BootCD-VPN-HOWTO-8.html">Next</A>
|
|
<A HREF="Secure-BootCD-VPN-HOWTO-6.html">Previous</A>
|
|
<A HREF="Secure-BootCD-VPN-HOWTO.html#toc7">Contents</A>
|
|
</BODY>
|
|
</HTML>
|