Klaus Vink Slott
2010-04-12 16:41:58 UTC
(sorry for this post is not in tread as I just subscribed to this list)
Explorer. I guess we had some 20 - 40 users logging in on a daily basis, using
different features in SSL-explorer. The use base was growing until 3sp pulled
the plug and we stopped promoting SSL-explorer.
I''ll state where SSL-explorer made a difference for us (most point has been
mentioned by other posts):
* The ability to work on locked down machines using the java client
* The ability to establish contact behind restrictive firewalls
* Ease of use (for end-users - mostly doctors and professors)
The user just launched the application from the web interface:
* Windows-remote desktop
* VNC-remote desktop
* web-proxy for accessing on-line libraries (IP based access)
* drive mapping for windows users.
* Ad-hoc solutions like when a user was on a network not allowing imaps we
could instruct over the phone how to configure a tunnel.
I have now moved to another department at the University. Here we use a Cisco-
vnp tingie (not sure - I have never used it, as ssh is sufficient for my
personal use) but I do think it looks troublesome to configure. We only
promote vpn to windows users who really really needs access to network drives
on the road.
The MUA is setup to use login over smtps/imaps so they work most places
(webmail used as fallback on restrictive networks)
If we look into the future:
The Microsoft guys told me that the new MS servers supports some kind of drive
mapping over SSL which solves the drive mapping issue for Windows users. They
also mentioned that new versions of outlook/exchange has some means of road-
warrior connectivity. So I guess when they get that monster airborne it will
solve most of the windows users problems.
Proxy access to other websites is currently provided by
http://sourceforge.net/projects/poxy/ on our web server.
For Linux users to access network drives I've successfully tested drive
mapping over ssh (sshfs) on Linux. But in many cases Dolphin, Nautilus or just
plain shell are sufficient. Many of our Linux users is powerusers anyway and
is not scared from using the shell
I'm unsure about MAC users.
On the remote desktop side we have not decided yet. NX machine look promising,
as it runs over ssh. But it has some issues with key mapping is f*****-up on
non us keyboards.
Luckily over time more and more services is moved to being web based, which
solves many of the above problems.
Still sometimes we have users ending up behind firewalls which do not allow
ssh, imaps or smtps. Here some kind of tunneling would be nice. Something like
http://ace-host.stuart.id.au/russell/files/http-proxy-tunnel/
might be able to solve the problem. But it seems not easy to configure on the
client machine.
Sorry this became a little long - I guess i just used this to summarized my
own thoughts on the subject.
Interesting post, kontro! So we have several alternatives. If the
project goes down the drain (as it seems to), I think as a last effort
we should document the alternatives which current Adito/ALS users have.
On my previous work at the university of Copenhagen we were using SSL-project goes down the drain (as it seems to), I think as a last effort
we should document the alternatives which current Adito/ALS users have.
Explorer. I guess we had some 20 - 40 users logging in on a daily basis, using
different features in SSL-explorer. The use base was growing until 3sp pulled
the plug and we stopped promoting SSL-explorer.
I''ll state where SSL-explorer made a difference for us (most point has been
mentioned by other posts):
* The ability to work on locked down machines using the java client
* The ability to establish contact behind restrictive firewalls
* Ease of use (for end-users - mostly doctors and professors)
The user just launched the application from the web interface:
* Windows-remote desktop
* VNC-remote desktop
* web-proxy for accessing on-line libraries (IP based access)
* drive mapping for windows users.
* Ad-hoc solutions like when a user was on a network not allowing imaps we
could instruct over the phone how to configure a tunnel.
I have now moved to another department at the University. Here we use a Cisco-
vnp tingie (not sure - I have never used it, as ssh is sufficient for my
personal use) but I do think it looks troublesome to configure. We only
promote vpn to windows users who really really needs access to network drives
on the road.
The MUA is setup to use login over smtps/imaps so they work most places
(webmail used as fallback on restrictive networks)
If we look into the future:
The Microsoft guys told me that the new MS servers supports some kind of drive
mapping over SSL which solves the drive mapping issue for Windows users. They
also mentioned that new versions of outlook/exchange has some means of road-
warrior connectivity. So I guess when they get that monster airborne it will
solve most of the windows users problems.
Proxy access to other websites is currently provided by
http://sourceforge.net/projects/poxy/ on our web server.
For Linux users to access network drives I've successfully tested drive
mapping over ssh (sshfs) on Linux. But in many cases Dolphin, Nautilus or just
plain shell are sufficient. Many of our Linux users is powerusers anyway and
is not scared from using the shell
I'm unsure about MAC users.
On the remote desktop side we have not decided yet. NX machine look promising,
as it runs over ssh. But it has some issues with key mapping is f*****-up on
non us keyboards.
Luckily over time more and more services is moved to being web based, which
solves many of the above problems.
Still sometimes we have users ending up behind firewalls which do not allow
ssh, imaps or smtps. Here some kind of tunneling would be nice. Something like
http://ace-host.stuart.id.au/russell/files/http-proxy-tunnel/
might be able to solve the problem. But it seems not easy to configure on the
client machine.
Sorry this became a little long - I guess i just used this to summarized my
own thoughts on the subject.
--
Regards
Klaus
Regards
Klaus