Remote Access

 

Why Remote Access?  Remote access is becoming even more important in the present than it was in the past.   As users get more and more comfortable using their computers and other technologies they often start to want or need to maintain access to particular capabilities from remote locations.

Some of the most popular reasons for developing remote access are in the following list.

  • Connecting branch offices
  • Providing connections to resources outside of regular hours
  • Allowing employees to telecommute
  • Enabling employees who are on the road to connect to organization resources
  • Providing the organization's clients and/or partners with access to network resources

As organizations grow they need to open offices in multiple locations.  It can be very important to have these offices be able to connect to a core location in order to keep up on particular information.    When the need for these sorts of connections is infrequent, then dial up connections are likely to be sufficient.  A networked computer can be set up at the core location to act as the dial up server.

Unfortunately, for many employees, after work hours still require access to organization computer resources.  With a remote access connection a user can connect to the organization's resources.  If they make use of terminal services they can even work from the same desktop they use during regular hours.  This way remaining work can be dealt with using applications that the user doesn't have on their home computer.

Telecommuting affords some individuals the opportunity to work certain hours at home.  These users are most likely to make use of things such as e-mail, live chat and maybe audio and/or video conferencing to maintain contact.

Employees that telecommute can save travel time, certain dress restrictions, transportation costs in theirs as well as the  organization's money.  Dial up access is the likeliest implementation.  This can be done through access servers or through an Internet connection after the telecommuter has connected to an ISP.  This style of ISP connection can be enhanced further by making use of VPN for increased security during the access.

All of these sorts of efforts require the organization to have extra technical capabilities.

Mobile users, such as recruiters and salespeople, are likely to spend a great deal of time on the road.  Providing ways for them to access organization resources can have a very significant impact of the organization's performance.  The approaches for gaining and providing access aren't likely to be much different than for other motivations for remote access.

Guest type accounts may be essential for providing access to partners or clients.  This can also be done through an extranet.

How It Works.  There are a fairly large number of approaches to implementing remote access.

  • dial up connections
  • dedicated connection or point to point connection
    • T1 line or something like it
    • DSL or cable line into the Internet
    • wireless line-of-sight

Within these a user and organization can make use of VPN - Virtual Private Networking to establish a relatively secure connection.

There are several other issues we need to consider such as the following.

  • Protocols used for connection
    • TCP/IP
    • IPX/SPX
    • AppleTalk
    • NetBEUI
    • link protocol
      • SLIP - Serial Line Internet Protocol
      • PPP - Point to Point Protocol
    • VPN
      • PPTP - Point to Point Tunneling Protocol
      • L2TP - Layer 2 Tunneling Protocol
  • Remote Access Authentication
    • PAP - Password Authentication Protocol
    • SPAP - Shiva PAP
    • CHAP - Challenge Handshake Authentication Protocol
    • EAP - Extensible Authentication Protocol
      • MD5
      • smart cards
      • certificates
    • RADIUS - Remote Access Dial Up Service
  • Assignment of IP Addresses
    • for TCP/IP to function the computers must have IP addresses
    • Windows 2000 Remote Access Server (RAS) can be configured to contact a DHCP server
    • might configure from a static pool of IP addresses
  • Aggregation of Bandwidth on Dial Up Connections or Multilink
    • two dial up connections can be put together to provide one connection with more bandwidth
    • most commonly used with Basic Rate ISDN
      • two 64 kbps aggregated to give 128 kbps
    • also can be used with 56 kbps connections
      • connections to ISP can then be around 100 kbps
  • Control of Bandwidth
    • Bandwidth Allocation Protocol can be used in conjunction with aggregation to control the use of extra lines so that they are used only when needed