NIH Wireless User with VPN Pattern
Description
The Logical Design Pattern for NIH Wireless User with VPN shows the logical view of how an NIH wireless user uses a VPN to connect to NIH networks and resources. The user establishes a VPN session using the On Ramp access method, which requires a user login. NIH users are then granted access to NIH resources and networks through an encrypted VPN session, which uses Advanced Encryption Standard 256 (AES 256) to provide data privacy for all information transmitted wirelessly.
Diagram
Benefits
- Supports multiple vendor client cards and access points
- The WLAN solution is scalable, can be centrally managed, meets security requirements, and adheres to NIH wireless policy
- Users must load and initiate VPN client software in order to establish connectivity securely
- As shown in the logical design patterns, this approach addresses different classes of users
Limitations
- Requires using a proprietary VPN to address security
- Addresses WiFi access through NIC cards; does not address integrated wireless devices such as Blackberries or RFID readers
- Rapidly evolving technology and standards will require NIH to revisit and update this pattern frequently so that NIH can obtain the newest security, capacity and functional capabilities
Time Table
This architecture definition was approved on:
February 8, 2005
The next review is scheduled in:
TBD