<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <HTML> <HEAD> <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.21"> <TITLE>Secure Boot CDs for VPN HOWTO: Features</TITLE> <LINK HREF="Secure-BootCD-VPN-HOWTO-8.html" REL=next> <LINK HREF="Secure-BootCD-VPN-HOWTO-6.html" REL=previous> <LINK HREF="Secure-BootCD-VPN-HOWTO.html#toc7" REL=contents> </HEAD> <BODY> <A HREF="Secure-BootCD-VPN-HOWTO-8.html">Next</A> <A HREF="Secure-BootCD-VPN-HOWTO-6.html">Previous</A> <A HREF="Secure-BootCD-VPN-HOWTO.html#toc7">Contents</A> <HR> <H2><A NAME="s7">7.</A> <A HREF="Secure-BootCD-VPN-HOWTO.html#toc7">Features</A></H2> <P> <OL> <LI>Ease of use for the end user: <OL> <LI>Put in CD</LI> <LI>Boot machine</LI> <LI>Type in private key password</LI> <LI>Log into work desktop and work as usual</LI> </OL> </LI> <LI>Ease of use for the administrator(s): <OL> <LI>Key generation is separate from use.</LI> <LI>A user's access can be specifically revoked (without affecting their work desktop) using a single command.</LI> <LI>All new users can be denied by shutting down the openVPN server process on the server.</LI> <LI>All connections can be broken by shutting down the entire server; this will also deny future access until the server is brought back up and the end user reboots.</LI> </OL> </LI> <LI>The CD build process can be automated for ease of creation.</LI> <LI>The openVPN logs can be used to determine (or trace) nefarious or out-of-policy computer use.</LI> </OL> </P> <HR> <A HREF="Secure-BootCD-VPN-HOWTO-8.html">Next</A> <A HREF="Secure-BootCD-VPN-HOWTO-6.html">Previous</A> <A HREF="Secure-BootCD-VPN-HOWTO.html#toc7">Contents</A> </BODY> </HTML>