Scope: All HP ES Permeo users supporting PCI environments in Charlotte, Auburn Hills, Plano, and Sacramento SMCs
Effective Date: 03/06/2011 Midnight - 05:00 Central
Group Name: PCI
Affected Locations: Sacramento
Summary: PCI Permeo servers are EOL, and will be replaced with new SNX SSL VPN appliances. The Permeo replacement effort will continue with Sacramento. The Permeo 101 server ussaspcig101 in Sacramento will be decommissioned on 3/06/11 and the new SNX ussaspcig002 installed. Permeo server ussaspcig001 will remain active for a period of time still TBD, so there will be two ways of accessing the PCI environment for several months: Permeo 001 and the new SNX. The SNX user guide will be available on the PCI 2-Factor website, and is included with this USER COMM
Justification: Current PCI Permeo gateway servers are EOL
Benefits to Users: SNX is more flexible than Permeo, supports multiple workstation OS (XP, Vista, Windows 7) and multiple IE versions (IE 6, 7, 8).
Details: The overall approach is to replace the current 2 Permeo server/SMC architecture with a single SNX instance at each SMC. The SNX solution will have a more robust cross-site capability: any PCI compartment currently accessed through Permeo will be available from any of the four SNX appliances. Details around the timing of the remaining SNX implementations (Plano and Charlotte) will be provided in future USER COMMMs. The IP address(es) for the Permeo 101 servers will be reused for the new SNX devices, so no firewall rule changes are needed. Lastly, the current PCI RSA SecurID tokens will be used for both Permeo and SNX 2-factor authentication.
Primary Contact: Bob Welder bob.welder@hp.com
Secondary Contact: Tina Carter tina.carter@hp.com
|
Usercomm - Sacramento PCI Permeo Server Replacement 