+ All Categories
Home > Documents > LapLink Gold 11 Firewall Service

LapLink Gold 11 Firewall Service

Date post: 02-Jan-2016
Category:
Upload: nicholas-zoie
View: 11 times
Download: 0 times
Share this document with a friend
Description:
LapLink Gold 11 Firewall Service. How Connections are Created A Detailed Overview for the IT Manager. Using LapLink in a Secure Environment. - PowerPoint PPT Presentation
24
1 Gold 11 Gold 11 LapLink Gold 11 LapLink Gold 11 Firewall Service Firewall Service How Connections are Created How Connections are Created A Detailed Overview for the A Detailed Overview for the IT Manager IT Manager
Transcript
Page 1: LapLink Gold 11 Firewall Service

11 Gold 11Gold 11

LapLink Gold 11LapLink Gold 11Firewall ServiceFirewall Service

How Connections are CreatedHow Connections are Created

A Detailed Overview for the IT A Detailed Overview for the IT ManagerManager

Page 2: LapLink Gold 11 Firewall Service

22 Gold 11Gold 11

Using LapLink in a Secure Using LapLink in a Secure EnvironmentEnvironment

Currently, corporations using LapLink 2000, LapLink Host and Currently, corporations using LapLink 2000, LapLink Host and LapLink Gold (version 3.x) must modify their network security to LapLink Gold (version 3.x) must modify their network security to successfully connect (inbound) through a firewall or router.successfully connect (inbound) through a firewall or router.•Firewalls must have ports 1547 and 389 open for inbound and Firewalls must have ports 1547 and 389 open for inbound and any port over 1024 open for outbound TCP/IP traffic any port over 1024 open for outbound TCP/IP traffic •Routers must have port forwarding enabled, with port 1547 Routers must have port forwarding enabled, with port 1547 mapped to the single computer running LapLink behind the mapped to the single computer running LapLink behind the firewall/routerfirewall/router•Security can be increased by using LapLink features, such as the Security can be increased by using LapLink features, such as the Log-in List and CryptoAPI data encryption; however, any open Log-in List and CryptoAPI data encryption; however, any open ports on the firewall decrease the overall security of the networkports on the firewall decrease the overall security of the network

The result … Many end users are left without LapLink’s remote The result … Many end users are left without LapLink’s remote access benefits and features because the Corporation’s network access benefits and features because the Corporation’s network security requirements have greater priority.security requirements have greater priority.

The new Firewall Service in LapLink Gold 11 addresses these The new Firewall Service in LapLink Gold 11 addresses these concerns.concerns.

Page 3: LapLink Gold 11 Firewall Service

33 Gold 11Gold 11

Benefits of the Firewall ServiceBenefits of the Firewall Service

• Network administrators do not open any ports or compromise firewall in any way

• Routers do not need port forwarding to find the computer running LapLink on the local network

• Packet filtering does not stop data packets at the external IP address

• Multiple computers behind the firewall can now run LapLink and receive connections from public networks such as the Internet

Page 4: LapLink Gold 11 Firewall Service

44 Gold 11Gold 11

Limits of the Firewall ServiceLimits of the Firewall Service

• This service is designed to work through one firewall. If both computers are behind firewalls, connection attempts will fail unless firewall configuration changes are made on the guest (remote) computer.

• To connect in through a firewall and use a DSL or cable modem connection on the guest computer, port forwarding must be configured for the DSL/cable modem.

• This service does not support firewalls that require “stateful inspection” of the connection or password authentication at the firewall.

Page 5: LapLink Gold 11 Firewall Service

55 Gold 11Gold 11

Firewall Service OverviewFirewall Service Overview

• Firewall Service provides secure connections into computers behind firewalls and routers

• Computers running LapLink Gold 11 send publicly available information (such as IP address and LapLink computer names) to a server maintained by LapLink Inc.

• Server acts as a ‘proxy’ …sending messages, but no private customer data

• Final connection does not go through the LapLink firewall server

• Connections can not be spoofed because of ‘shared secret’ that includes the originating IP address

Page 6: LapLink Gold 11 Firewall Service

66 Gold 11Gold 11

The computer behind the corporate firewall (Sally@Work) sends this information to the LapLink firewall server: •Internet address (aka the ILS name, as configured in LapLink’s Internet Directory Options)•IP address of the firewall•LapLink computer name

The firewall server and the computer keep the HTTP connection active so the port stays open through the corporate firewall.

Notes:Notes: The LapLink computer name and the ILS name can be different. Some firewalls may send the computer’s IP address if 1:1 NAT is in use.

Sally@work

198.102.199.xxx

Sally@work

How LapLink Connects through How LapLink Connects through the Firewall … the magic!the Firewall … the magic!

Page 7: LapLink Gold 11 Firewall Service

77 Gold 11Gold 11

Sally@work

198.102.199.xxx

Sally@work

The computer outside the firewall (George@Home) sends a message to the firewall server asking if it knows about the computer it wants to connect with (aka Sally@work).

If the firewall server does know Sally@Work, it sends Sally@Works’s external firewall IP address and the LapLink computer name to George@Home.

George@Home will use this information to help authenticate Sally@Work later.

Sally@work

198.102.199.xxx

Sally@work

Page 8: LapLink Gold 11 Firewall Service

88 Gold 11Gold 11

Sally@work

198.102.199.xxx

Sally@work

Sally@work

198.102.199.xxx

Sally@work

George@Home sends another message to the firewall server asking for a connection to Sally@Work. The message includes Sally@Work’s ILS name, George@Home’s IP address and LapLink computer name.

[email protected]@Home

Page 9: LapLink Gold 11 Firewall Service

99 Gold 11Gold 11

The firewall server matches the ILS names.

Sally@work

198.102.199.xxx

Sally@work

Sally@work

198.102.199.xxx

Sally@work

[email protected]@Home

Sally@work=Sally@work

Page 10: LapLink Gold 11 Firewall Service

1010 Gold 11Gold 11

The firewall server sends a The firewall server sends a message to Sally@Work message to Sally@Work requesting a connection to requesting a connection to George@Home. The George@Home. The message sends message sends George@Home’s IP address George@Home’s IP address and LapLink computer name.and LapLink computer name.

Sally@work

198.102.199.xxx

Sally@work

Sally@work

198.102.199.xxx

Sally@work

[email protected]@Home

Sally@work=Sally@work

64.20.240.221

George@Home

Page 11: LapLink Gold 11 Firewall Service

1111 Gold 11Gold 11

Sally@Work makes an outgoing connection to George@Home’s IP address, and sends her LapLink computer name, and the login name and password George@Home gave to her for her Address Book.

Sally@work

198.102.199.xxx

Sally@work

Sally@work

198.102.199.xxx

Sally@work

[email protected]@Home

Sally@work=Sally@work

64.20.240.221

George@Home

Sally@work

Sally*******

Page 12: LapLink Gold 11 Firewall Service

1212 Gold 11Gold 11

Sally@work

198.102.199.xxx

Sally@work

Sally@work

198.102.199.xxx

Sally@work

[email protected]@Home

Sally@work=Sally@work

64.20.240.221

George@Home

Sally@work

Sally*******

George@Home checks Sally@Work’s IP address, the LapLink computer name and the login and password.

George@Home uses the information that came from the firewall server, and his LapLink Log-in list to authenticate Sally@Work.

If everything matches, the connection reverses and George@Home connects back to Sally@Work through the port that Sally@Work’s connection to George@Home opened.

198.102.199.xxxSally@work

Sally*******

LapLink opens File Transfer,

or other LapLink services

Page 13: LapLink Gold 11 Firewall Service

1313 Gold 11Gold 11

Configuring the Firewall Service Configuring the Firewall Service TutorialTutorial

George works from home and needs to transfer his files to Sally at her office. In this tutorial, you’ll learn how, using LapLink Gold 11, George now securely connects to Sally’s computer without the network administrator compromising the security of the firewall by opening a port.

At the office, SallyAt the office, Sally configures LapLink in three areas. configures LapLink in three areas.• She changes LapLink’s Security to allow George to connect to her

computer using LapLink services (for example, file transfer and remote control).

• She creates an entry in LapLink’s Address Book that tells the Firewall service it’s okay to let George connect to her.

• She publishes an Internet address to the Internet Directory Locator so that she doesn’t need to worry about knowing the IP address of her computer when George needs to connect to her.

Some of the information she uses must match George’s computer, so Some of the information she uses must match George’s computer, so she collaborates with him at some stages.she collaborates with him at some stages.

Page 14: LapLink Gold 11 Firewall Service

1414 Gold 11Gold 11

Here are the steps Sally follows to change LapLink’s Here are the steps Sally follows to change LapLink’s Security:Security:

1. From LapLink’s Options menu, click Security. Or click the Security icon on the Link bar.

2. On the General tab, click Log-in List Only (Protected System).

Page 15: LapLink Gold 11 Firewall Service

1515 Gold 11Gold 11

3. Click Log-in List, and then click Add.4. Type a log-in name and a password. 5. Click any LapLink services that you

want this user to use when connected to this computer.

6. Click Apply, and then OK until the Security dialog box closes.

  Note: Alternatively, you can set

LapLink’s Security to Anybody (Public System). If you do so, click Public Privileges and set the LapLink services that you want everyone to use.

Page 16: LapLink Gold 11 Firewall Service

1616 Gold 11Gold 11

Here are the steps Sally follows to change LapLink’s Address Book:

1. From LapLink’s Options menu, click Address Book. Or click the Address Book icon on the Link bar.

2. Click Add.3. In the Description field, add information that meaningfully

describes to you what this connection does.4. In the Computer Name, add the

LapLink computer name of the computer that is connecting to you from outside the firewall.

Note: This is information that came from George. He found it by going to LapLink’s Options menu, and clicking Computer name. George used george@home.)

5. In the Connection field, click Firewall.

Page 17: LapLink Gold 11 Firewall Service

1717 Gold 11Gold 11

6. In the Security Information to send fields, type the login name and password that you need to connect to the other computer. (This information also came from George. He has changed his LapLink Log-in List to let Sally connect to him.)

7. Click OK and then Close.

Here are the steps Sally follows to publish her Internet Address to the Internet Directory Locator:

1. From LapLink’s Options menu, click Internet Directory Options.2. In the Internet address field, type a name that uniquely

describes this computer. This can be an email name or something else.

Page 18: LapLink Gold 11 Firewall Service

1818 Gold 11Gold 11

3.3. In Options, click In Options, click both boxesboth boxes..4.4. Under Directory server, confirm that the Under Directory server, confirm that the

LapLink directory serverLapLink directory server is selected. is selected.5.5. Click Click ApplyApply and then and then OKOK..

6.6. Watch for the Watch for the icon to appearicon to appear in the LapLink status tray. If necessary, in the LapLink status tray. If necessary, go to LapLink’s go to LapLink’s ConnectConnect menu and click menu and click Publish My Internet AddressPublish My Internet Address..Note: Click Don’t show me this message again if you want LapLink to automatically publish your address.

Sally’s computer at work is now configuredfor George to connect to her. She needs to remember to leave LapLink running, and make sure that her computer has access to the Internet.

Page 19: LapLink Gold 11 Firewall Service

1919 Gold 11Gold 11

At home, George configures LapLink in these two areas:• He changes LapLink’s Security to match Sally’s ‘firewall’

Address Book entry. • He creates an entry in LapLink’s Address Book that has Sally’s

Internet Address and the log-in name and password she assigned for him.

Here are the steps George follows to change LapLink’s Security, matching his Log-in List to Sally’s Address Book:

1. From LapLink’s Options menu, click Security. Or click the padlock icon on the Link Bar.

2. On the General tab, click Log-in List Only (Protected System).3. Click Log-in List, and then click Add.

Page 20: LapLink Gold 11 Firewall Service

2020 Gold 11Gold 11

4. Type the log-in name and password. Note: This is the information he gave to Sally for her Address Book.

5. For Services, click Firewall. (This is what tells Sally’s computer it’s okay for George to connect.)

6. Click Apply, and then OK until the Security dialog closes.

Page 21: LapLink Gold 11 Firewall Service

2121 Gold 11Gold 11

Here are the steps George follows to create his Address Here are the steps George follows to create his Address Book entry:Book entry:

1.1. From LapLink’s From LapLink’s OptionsOptions menu, click menu, click Address BookAddress Book. Or click the . Or click the Address Book iconAddress Book icon on the Link bar. on the Link bar.

2.2. Click Click AddAdd..

3.3. In the Description field, In the Description field, addadd information that meaningfully information that meaningfully describesdescribes to you what this connection does. to you what this connection does.

4.4. In the Computer Name, type the In the Computer Name, type the LapLink computer nameLapLink computer name of of the computer that you are connecting to inside the firewall. (the computer that you are connecting to inside the firewall. (

Note:Note: This is information that came from Sally. She found it This is information that came from Sally. She found it by going to LapLink’s Options menu, and clicking by going to LapLink’s Options menu, and clicking

Computer name. Sally used sally@work.)Computer name. Sally used sally@work.)

5.5. In the Connection field, click In the Connection field, click InternetInternet..

Page 22: LapLink Gold 11 Firewall Service

2222 Gold 11Gold 11

6. For Services, click any LapLink service that you want to use. George is using File Transfer. Note: If you don’t have permission to use a service, you’ll see a message stating that Access is Denied.

7. In the Security Information to send fields, type the login name and password that you need to connect to the other computer. (This information came from Sally’s Log-in List.)

8. Click OK and then Close.

Page 23: LapLink Gold 11 Firewall Service

2323 Gold 11Gold 11

Here are the steps George follows to connect to Sally:Here are the steps George follows to connect to Sally:1. From LapLink’s Connect Over menu, click Internet.2. Highlight the Address Book entry for the computer inside the

firewall. (In George’s case, this is Sally’s Firewall @ work.)3. Click OK.

Page 24: LapLink Gold 11 Firewall Service

2424 Gold 11Gold 11

When the computers have connected, the file transfer (or other When the computers have connected, the file transfer (or other service) window appears on your screen. Here is what George service) window appears on your screen. Here is what George saw.saw.


Recommended