Date post: | 30-Dec-2015 |
Category: |
Documents |
Upload: | herbert-boyd |
View: | 217 times |
Download: | 1 times |
Remote Access Service
CPTE 433John Beckett
Types of Users
• Need access from home• Need access from anywhere
• Low bandwidth needs• High bandwidth needs
– This is your future!
Reliability
• Offsite access is inherently less reliable.
• Do they need it to be just as reliable?– Perhaps fallback method is needed.
The “S” Word
• You need an over-arching solution to the many needs people have for remote access.– When/where they need it.– Secure– Sufficient Bandwidth
• If you don’t provide it, they’ll find a way– and poke holes in your security.
Policies
• Define Service Levels• What does this have to do with your support
people?– Do they get to sleep?
• Can you include a requirement that testing be done before the person leaves town?– They’re usually too busy getting ready to leave– Corporate culture issue– Can you access schedules?
The Vanguard Group
• Wanting the advanced access (usually bandwidth) of the new service
• Tolerant of outages• Willing to handle technical
challenges
• Case in book: Mismatch of expectations.– Basis of mismatch was delay in funding– I’ve seen a CIO lose his job over that
Outsourcing
• You are going to have to outsource connectivity.
• Dialup, ISDN, Frame Relay– Depending on telecomm company to
establish security.• Internet
– Depending on your own VLAN architecture for protection.
Outsourcing the VLAN
• Contract/SLA• Billing structure• Authentication interface• Security (bonded employees etc.)
Other Corporate Networks
• Remote access between a remote network and your own can create a mis-match in security policy that can take either of you down or prevent service.
• Example: Adjunct teachers entering grades.– Their employers have firewalls and
policies against accepting cookies.– Workaround: Grades entered by
secretary here.
Perimeter
• By definition, remote access penetrates your perimeter.
• Security scheme must focus on traffic crossing the perimeter.
Technology Transitions
• Aggressively pursue new technologies.• Evaluate what old technologies the new
technologies actually replace.• Give good support at roll-out time.• Have firm “sunset” rule on old technology
being phased out.
• Knowing “when” is an intuitive decision– Which you follow up with (supportive) action
Review of Technologies
• Dial-up analog modem: “56k”• ISDN BRI: 128k symmetric, fallback to 64k if
phone is in use• ADSL: 128k-1,400k asymmetric• SDSL: 128k-1,400k symmetric• T-1 is a local physical “drop” for:
– ISDN-PRI (1,400k) – Frame Relay
• Cable Modem: Fast but asymmetric• “Business Internet” – Cable Modem, better
service
Ownership Issue
• IRS: Must keep a log of personal versus corporate use if a company asset
• Possibility for avoiding this record-keeping overhead: Issue equipment to users as a taxable benefit– Set it up as a loan– Have a stated policy for what happens if
they move on before loan completion– Structure pay so that it can come out of
ending pay.