Do you allow end users to access the network remotely? If so, how many end users have remote access?
Remote access has become a much more common occurrence for many organizations. Workers connect from home and work through virtual private networks, check their email from Web page interfaces and use a number of other common network protocols to access servers on the network. If your customer's organization has remote employees or allows remote access, you need to ensure that the authentication mechanisms adequately restrict access to only those individuals authorized to access resources.
The number of workers requiring remote access is also an important consideration. If the only individuals remotely accessing the customer's network resources are a couple of network administrators who occasionally need to reboot a router or tweak a switch, a simple SSH implementation may be sufficient. But if the customer has 50+ employees who all need direct access to the primary servers, you're going to need an authentication mechanism that ties into the internal network through a secure channel of some sort.