Laserfiche WebLink
service example, when a TriTech Engineer connects to a customer network under a single <br />tunnel VPN configuration, the TriTech Engineer's computer will be prevented from <br />connecting to the local TriTech network. This is accomplished through the Cisco client on <br />the TriTech computer and the Cisco VPN configuration. <br />The single tunnel method of VPN connectivity provides the customer with a high level of <br />security from unauthorized access to their network through VPN. However, this level of <br />security significantly limits or delays the ability of the TriTech Engineer to rapidly support <br />the customer system. <br />TriTech has been providing support to a limited number of customers under single tunnel <br />VPN connectivity over the past two years. TriTech has found that this form of connectivity <br />significantly increases the amount of TriTech staff time to perform the same support tasks as <br />can be accomplished through split tunnel VPN connectivity. Delays include: <br />1) lack of access to files (software updates, patches, documentation) on the local <br />TriTech network; again required for rapid critical issue resolution; <br />2) lack of access through the Internet to Microsoft and hardware manufacturer <br />knowledge bases, which is often required to rapidly resolve critical issues; <br />3) lack of access to the TriTech issues tracking system (ServiceWise) for access <br />issues lists and local knowledge bases - this prevents access to customer <br />information, information on similar issues, and internal knowledgebase <br />documentation needed to effectively continue with issue resolution; and <br />4) lack of access to e-mail to review or send messages to other TriTech support staff <br />that may be assisting in problem resolution. <br />In general, the TriTech support and engineering staff are unable to use their computers for <br />any other function while connected to the client system. In addition, the computer must <br />generally be restarted each time it needs to be reconnected to the TriTech network. <br />The general result is significant delay in the ability of TriTech to support the customer's <br />system during potential critical issue evaluation, diagnosis and repair. For moderate and <br />low priority issues, the impact will be a delay in issue management. <br />This section will act as formal notice to customers that elect to use single tunnel VPN <br />connectivity of the associated delays in the provision of support services. <br />Some customers have considered or implemented single tunnel VPN connectivity in order to prevent <br />access by a third party who takes control of computers on TriTech network and uses this to access a <br />customer system. If this is the primary concern, TriTech recommends maintaining split tunnel VPN <br />connectivity, but disabling the TriTech account on the customer's network (this is the network access <br />account, not the TriTech account within VisiCAD or VisiNet systems). In such a configuration, <br />TriTech will contact the client before accessing the customer system and will request password access <br />to the account. This password security configuration is described below under User Accounts and <br />Passwords. <br />t Note: TnTech's policy is to notify the client before TriTech staff connects to a customer system. <br />Site Preparation and Support Connectivity Guide, V3.1 dated 8.12.2005 Page 5 of 13 <br />TriTech Software Systems - Confidential & Proprietary <br />