Lenovo IBM Access Connections 3.3.0, Руководство по развертыванию

Страница: 13 / 28

Capitalizing on new profile-deployment capabilities to ease
administration
Access Connections has a feature to make location profile deployment centrally
manageable. Prior to having this capability, all client users were required to set up
their own location profiles. Although Access Connections software leads you
through the steps needed to create a profile, the entry of settings, especially
settings associated with security, can still be cumbersome. Now an IT administrator
can do the following:
v
Create location profiles and distribute them as part of a hard disk image or send
the profile files to client systems that have already been deployed, thereby
saving users from spending time individually setting up profiles.
v
Control policies—such as whether a distributed profile can be modified or
deleted—for all profiles in the system, which could prevent users from
inadvertently modifying or deleting a profile and then needing help-desk
support.
v
Establish rules to limit users who can import various deployment packages
using distribution control lists (selectively distribute the profiles based on
ThinkPad serial numbers).
v
Create secure profile deployment packages that are encrypted and password
protected so only authorized individuals can import the location profiles. This
feature is important because profiles may contain wireless security content such
as a WEP key or WPA TKIP PSK (Wi-Fi Protected Access Temporal Key Integrity
Protocol Pre Shared Key).
A standard installation of Access Connections software does not include the profile
distribution capability. The feature must be enabled using a separate software tool.
This enabler utility is available to IBM customers from a dedicated Web site for
registration and download. The enabler creates an additional menu item in the
Access Connections user interface called Profile Distribution. It is from this profile
distribution menu item that the IT administrator creates profiles to be distributed
and establishes appropriate user-access policy. If a selected profile contains a
wireless profile with encryption enabled, the administrator will be prompted to
re-enter the wireless security settings to be deployed, thus ensuring that the
administrator knows the security settings such as the WEP encryption key. If the
wrong WEP key is entered, that WEP key will be deployed but not usable.
With the profile deployment capability, Access Connections software provides a
significant benefit to IT administrators in terms of wireless security manageability.
Many organizations that use WEP security leave their WEP encryption keys static
simply because the updating of WEP keys across the entire client user base is a
daunting task. This practice can put an organization at risk because static WEP key
encryption can be broken. The Access Connections profile-deployment feature
enables system administrators to remotely change and deploy new security settings
including WEP keys. By frequently changing WEP keys, system administrators can
dramatically reduce the possibility of security breaches in a WLAN environment.
IBM Access Connections software facilitates fast, easy network connections by
using profiles to define the network adapter and associated networking parameters
for different locations. Easy to use and manage, Access Connections software
delivers a comprehensive network connectivity solution to help you improve total
cost of ownership and employee productivity. And with the Access Connections
software profile deployment feature, a system administrator can centrally create
profiles and remotely deploy them to the client user base—as opposed to setting
Chapter 2. Using Access Connections
7