Employees, customers and innumerable other persons routinely need access to a computer in their daily lives. Often, the accessed computer resides in a corporate communication network such as an Intranet, local area network (LAN) or other type of network which is accessed remotely, often via the Internet or other publicly accessible network. In many cases, the information residing on the computer is sensitive or confidential, so that the connection to the computer should be secure.
Virtual private networks (VPNs) have been implemented to assist computer users when remotely accessing a computer over a publicly accessible network. A VPN may in many ways be viewed as a secure corporate communications network that allows employees, customers and other persons having access rights to securely communicate with a corporate (or other entity's) computer. A VPN can allow secure communication to the corporate computer from sites all over the world at any time of day. When accessing a VPN or other corporate secure communications network, a user conventionally provides a username and password to access the network.
Existing VPNs and methods for implementing same are usually readily implemented by small organizations. However, with expanding usage of the Internet, cellular telephones and other mobile devices with computing capabilities, and computers in general, existing methods and systems for VPN deployment and maintenance become problematic. The problems become especially acute when users are spread across many time zones, perhaps even across the globe, and require 24-hour coverage, 7 days per week. For example, administrators have conventionally created public key infrastructure (PKI) data separately for each user and included that data in the VPN policy delivered to the user. This can be a very tedious and time-consuming process when the number of VPN users becomes large.
There is a need for scalable systems, devices and methods for deploying and maintaining secure communications, especially where large numbers of users are widely dispersed. In particular, there is a need for such systems, methods and devices to facilitate easier deployment of VPN client security policies, profiles and certificates to large numbers of authorized remote access users. This is especially important when the remote users access a corporate (or other entity's) computer via mobile handheld devices. Because there may be numerous mobile devices in use and small devices are easily lost, ease of deployment is critical. Moreover, mobile handheld devices often have limited capabilities by comparison to a PC or laptop computer.