Remote Access Service

CPTE 433John Beckett

Types of Users

• Need access from home• Need access from anywhere

• Low bandwidth needs• High bandwidth needs

– This is your future!

Reliability

• Offsite access is inherently less reliable.

• Do they need it to be just as reliable?– Perhaps fallback method is needed.

The “S” Word

• You need an over-arching solution to the many needs people have for remote access.– When/where they need it.– Secure– Sufficient Bandwidth

• If you don’t provide it, they’ll find a way– and poke holes in your security.

Policies

• Define Service Levels• What does this have to do with your support

people?– Do they get to sleep?

• Can you include a requirement that testing be done before the person leaves town?– They’re usually too busy getting ready to leave– Corporate culture issue– Can you access schedules?

The Vanguard Group

• Wanting the advanced access (usually bandwidth) of the new service

• Tolerant of outages• Willing to handle technical

challenges

• Case in book: Mismatch of expectations.– Basis of mismatch was delay in funding– I’ve seen a CIO lose his job over that

Outsourcing

• You are going to have to outsource connectivity.

• Dialup, ISDN, Frame Relay– Depending on telecomm company to

establish security.• Internet

– Depending on your own VLAN architecture for protection.

Outsourcing the VLAN

• Contract/SLA• Billing structure• Authentication interface• Security (bonded employees etc.)

Other Corporate Networks

• Remote access between a remote network and your own can create a mis-match in security policy that can take either of you down or prevent service.

• Example: Adjunct teachers entering grades.– Their employers have firewalls and

policies against accepting cookies.– Workaround: Grades entered by

secretary here.

Perimeter

• By definition, remote access penetrates your perimeter.

• Security scheme must focus on traffic crossing the perimeter.

Technology Transitions

• Aggressively pursue new technologies.• Evaluate what old technologies the new

technologies actually replace.• Give good support at roll-out time.• Have firm “sunset” rule on old technology

being phased out.

• Knowing “when” is an intuitive decision– Which you follow up with (supportive) action

Review of Technologies

• Dial-up analog modem: “56k”• ISDN BRI: 128k symmetric, fallback to 64k if

phone is in use• ADSL: 128k-1,400k asymmetric• SDSL: 128k-1,400k symmetric• T-1 is a local physical “drop” for:

– ISDN-PRI (1,400k) – Frame Relay

• Cable Modem: Fast but asymmetric• “Business Internet” – Cable Modem, better

service

Ownership Issue

• IRS: Must keep a log of personal versus corporate use if a company asset

• Possibility for avoiding this record-keeping overhead: Issue equipment to users as a taxable benefit– Set it up as a loan– Have a stated policy for what happens if

they move on before loan completion– Structure pay so that it can come out of

ending pay.