In 2002 the city of Montreal grew when 28 towns were forced to join the city on orders from the provincial government. But the decision was unpopular. The following year a Liberal government was elected, partially on a platform allowing amalgamated towns the right to vote to secede. But there was a caveat. Ten per cent of listed voters in a town needed to register for the de-amalgamation referendum in order for the town to have the right to vote.
In May 2004 the city set up 28 temporary centres where citizens could register for the referendum. In order to create secure locations the city used a Check Point Software Technologies Ltd. virtual private network (VPN) solution.With remote voter registration centres often located in shopping malls and connecting back to the city’s systems over public DSL lines, creating a secure environment was a top concern.Text With remote voter registration centres often located in shopping malls and connecting back to the city’s systems over public DSL lines, creating a secure environment was a top concern, said Normand Jette, a telecommunications specialist with the city. A decision was made to use diskless PCs running a Citrix Systems Inc. MetaFrame solution. Using this solution all data would reside on the city’s servers rather than on local machines, Jette said. This was done because physically securing a box in a public space was difficult and if a box were stolen (none were) there would be no voter information on the local box.
Jette said the city also needed to encrypt data travelling back to the city’s voter registration databases. “[DSL] is good but it is not safe,” he said. To make the data transfer safe, he installed a Check Point VPN 1 Edge box at each location to handle the encryption as well as create the VPN tunnel back into the city’s systems.
Before starting the deployment, Jette and his team bought one PC and created a virtual test office over a DSL line. There were no snags, he said. “So we bought 30 boxes right after that.”
“It took them less than a week to decide on the technology and implement it,” said Sandra Perreault, the Montreal-based territory manager for Eastern Canada with Check Point. “And most of the time was (spent) traveling between one site and another.”
Ordering the boxes took longer than the install, Jette said. He said his team configured the boxes and had them up and running in a week.
But Jette said the boxes started losing their connections as they tunnelled back into the city’s systems. “It was really weird because we were losing one per day and never the same one (twice).”
The team from Check Point was very helpful, Jette said, and even set up a remote voter registration box in Israel (where Check Point has offices) to help solve the configuration problem.
For simplicity purposes all the boxes had been given the same user name and password, Jette said. As it turns out, this is what caused the dropped connections back through the VPN tunnel, Perreault said. The solution was to give each box its own user name and password.
“The system [had] to be running with no faults, and to be sure at the beginning some people (at the remote locations) wanted to kill us,” Jette said. “They (just) did the job manually until the services came back up,”
Jette said his team is well prepared for future remote installations.
This fall Montrealers will be voting for mayor. Jette said he is confident that the next remote voter registration drive will run smoothly. “Now we are really ready…we still have those boxes, and we are going to do the same thing in November and that will be really easy for us.”
The VPN 1 Edge box, a small appliance that runs its own operating system, connected back to a main Check Point security end point within the city’s systems, Perreault said. VPN I Edge handled all communication between local sites and the central office, she said. A Check Point VPN 1 Pro box on the city side did the decrypting. The data then entered into the city’s voter registration database, she explained.
Twenty-two of the 28 boroughs voted on de-amalgamation. Fifteen voted to secede.
QuickLink: 054548
Related links:
