Scope: All HP ES Permeo users supporting PCI environments in Charlotte, Auburn Hills, Plano, and Sacramento SMCs
Effective Date: 10/31/10 02:00 - 06:00 Eastern
Group Name: PCI
Affected Locations: Auburn Hills
Summary: PCI Permeo servers are EOL, and will be replaced with new SNX SSL VPN appliances. The Permeo replacement effort will begin with Auburn Hills. The Permeo 101 server usahspcig101 in Auburn Hills will be decomissioned this weekend and the new SNX installed. Permeo server usahspcig001 will remain active until January 2011, so there will be two ways of accessing the PCI environment for several months: Permeo 001 and the new SNX. The SNX user guide will be available on the PCI 2-Factor website, and is included with this USER COMM.
Justification: Current PCI Permeo gateway servers are EOL
Benefits to Users: SNX is more flexible than Permeo, supports multiple workstation OS (XP, Vista, Windows 7) and multiple IE versions (IE 6, 7, 8).
Details: The overall approach is to replace the current 2 Permeo server/SMC architecture with a single SNX instance at each SMC. The SNX solution will have a more robust cross-site capability: any PCI compartment currently accessed through Permeo will be available from any of the four SNX appliances. Details around the timing of the remaining SNX implementations (Charlotte, Plano, and Sacramento) will be provided in future USER COMMMs. The IP address(es) for the Permeo 101 servers will be reused for the new SNX devices, so no firewall rule changes are needed. Lastly, the current PCI RSA SecurID tokens will be user for both Permeo and SNX 2-factor authentication.
Primary Contact: Rachel Snyder rachel.snyder@hp.com
Secondary Contact: Bob Welder bob.welder@hp.com
|
Usercomm - Auburn Hills PCI Permeo Server Replacement 