Our project was potentially very broad in scope. Any aspect of securely accessing a network from "outside" was acceptable to our client. We finally narrowed our focus to evaluating three access methods, Virtual Private Networks (VPNs), thin clients, and SSL-VPNs.
We began by meeting with several of the client's engineers and learning about their current security and networking practices. We also learned what they plan to change and improve in the near future. Then we began researching the pros and cons of these three security approaches against their intended changes. Our aim was to provide a broad sampling of security viewpoints from industry and security specialists to help management make good decisions for future technology development and its use.
We encountered some frustrations early on with the project when we received several divergent expectations of the future system from engineers and management. With some careful probing, we learned where management hoped to go with future developments and we felt comfortable moving on to evaluate these goals with our research.
The research phase of our project was diverse and fragmented because we all spread out on the web as we searched for information on VPNs, thin clients and SSL-VPNs. This fragmented effort was pulled together into a focused report for the client which we presented as a team in the final days of the project.
Tyler DomanJeffrey DunsterAnthony VanceBenjamin West