Guidance and Resources for Connectivity

From OpenCommons
Revision as of 23:38, January 24, 2023 by Pinfold (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search



Guidance and Resources for Connectivity
GCTC logo 344x80.png
Online-learning.jpg
Wireless SuperCluster
Team Organizations Wireless
Connectivity Covid-19 Task FOrce
Team Leaders Benny Lee
David Witkowski
City, State
Contributors Tom Williams
Lan Jenson
Website
Document

Description

This page is the list of available guidances and resources for connectivity during pandemic.

Connectivity Guidance

Most agencies are choosing one of two paths for WFH scenarios: Purchase additional licenses for existing hardware-based VPN solutions from vendors already installed; or have made the successful transition to Cloud-based (different than Cloud-enabled) VPN solutions. In order of “ability to scale”, the various options are outlined below from better to worse:

  • Cloud-Based VPN
    • Cloud-based VPN solutions are purpose-built for Cloud (i.e. services deployed at point of entry, distributed architecture, full scale-up/down capabilities). As users are added, their services are applied at the entry point (POP) and data path determination is calculated closer to the user. The ability to scale up for increasing numbers of users or increasing bandwidth derives all benefits of a cloud-based architecture. If auto-scaling is enabled, this happens automatically without user or administrator intervention. An example of Cloud-based VPN responses, as service turn-up over the few weeks increases by 600%, is shown at https://www.linkedin.com/posts/deven-r-8169a_prismaaccess-superheroes-activity-6649839785210982400-TVdE. This figure would show if there was service denial/slowdown as flat peaks on the tops of the curves, where resources have run out during peaks, time of day, parts of the world waking up/sleeping/etc.
  • Cloud-Enabled VPN
    • Cloud-enabled VPN solutions allow local connectivity, but all information is back-hauled to a data-center somewhere for service application and delivery. User access is determined at point of entry and encryption is applied, but data is back-hauled to one of several data centers for path determination, service application and further processing. This deployment version is currently under stress for several vendors, as scaling in the data center is not automatic. Service application is disrupted (delays, latency, video drops, audio stuttering, extended period of time to be admitted into conferences, etc.)
  • Hardware-Based Local VPN
    • Hardware-based VPNs are the primary VPN architectures installed today. This has allowed agencies to simply purchase more licenses for existing hardware, or to add banks of hardware to handle the additional influx of users. Bandwidth is limited by hardware architecture (Gb/s through a box). Industry assumptions we use are 10% of the workforce works from home with each user averaging 3Mb/s in bandwidth. With the pandemic, these numbers have rocketed to over 80% WFH with the 3MB/s staying constant. Whispered reports of vendor architecture failures (not to be confused with hardware failure) are commonplace in the COVID world.

Human Interaction/Communication Tools

Hardware/Device Resources

In addition to connectivity, Access & Functional Need residents may not have computing devices (laptops, tablets, etc.) for connecting to networks. These organizations can help.

Educational Resources

Organizational Resources

Volunteer Resources

  • Adaptable Security Corp: https://AdaptableSecurity.org/Tech-CARES/ - Help shorten the learning curve on utilizing online resources. For individuals: connectivity safety, best practices for keeping your devices secure, protection of privacy, awareness and prevention of cyber scams. For organizations: help configure the digital services securely, assess cyber risks, training the workforce, architecture and cyber-resiliency planning, penetration test, cybersecurity program.