Avaya 3.7 ユーザーズマニュアル

ページ / 326
Overview of the VPN management hierarchy
Issue 4 May 2005
23
VPNmanager Enterprise Client. Use the Enterprise Client version for managing an 
unlimited number of security gateways and VPNremote Clients.
VPNmanager Service Provider Client. Use the Service Provider Client version to 
manage an unlimited number of security gateways and VPNremote Clients. The Service 
Provider also supports multiple VPN domains.
Overview of the VPN management hierarchy
With the VPNmanager software, you can configure and manage VPNs and firewalls from a 
central location. By focusing on security policy instead of individual device management, 
administration of large-scale networks is simplified. Central management allows you to make 
configuration updates automatically to all affected security gateways. This distributed approach 
also applies to firewall management.
The VPNmanager software is built on a policy-based architecture that allows the administrator 
to start at a high-level with a VPN domain, then move down the hierarchy to create user groups, 
IP groups for protected resources, and security groups that define membership and policies of 
the VPN.
Figure 1: Domain hierarchy
At the peak of the hierarchy is the VPN domain. A domain is assigned a name to identify it from 
other domains. Usually one domain is configured for an entire organization. A domain is built of 
one or more VPNs. 
Each VPN is built of users, user groups and IP groups. VPNs are assigned names. These 
names can associate the VPN to a regional location or purpose. 
Users are the individual remote access users who log in to the VPN through a security gateway. 
The VPNremote Client software is used to connect to the VPN services.
A User Group contains or organizes user accounts. These accounts are assigned to remote 
VPN members who dial in to the network and run VPNremote Client software to access the 
VPN.