Networking/Remote Access

You have users who need to travel. Perhaps you have a sales force that must be able to access critical information, including email and other mission-critical applications, in the performance of their duties. Their access must be timely, reliable and secure. What can you do?

Email is easy. Microsoft Exchange Server provides the ability to have your email, contacts, calendar, and tasks all synchronized securely with Microsoft Outlook or the smartphone of your choice. The only thing you need is an internet connection.

Access to your mission-critical applications is more complicated. If those applications are web based (that is, served by a web server like Internet Information Server), SSL enabled, and created to require secure authentication, it is possible to securely publish the application over the internet and have access to it anywhere you have an internet connection. If not, you will need to look into other methods.

VPN

Remote users can connect to your network infrastructure through the use of a Virtual Private Network. This allows the user on the road to access the network at corporate headquarters just as if he or she were physically connected to that network. You configure this VPN through your corporate firewall or, if you have a great number of remote users, a VPN concentrator.

There are two basic types of VPN that these devices can potentially support. IPSec VPN is the old way of creating a VPN tunnel and is highly secure but complex to set up and configure, both on the firewall and on the client PC. An SSL VPN, by contrast, is complex to set up on the firewall, but accessing it on the client is done through a web interface and is exceedingly easy. Both methods are highly secure.

Both methods, however, have an undesired side effect. Because the client becomes part of the network, any virus or other infestation on the remote client computer could compromise workstations or servers in the corporate environment. This is a common source of infection in corporate IT. Because of this, corporate laptops are usually locked down so that they cannot be modified in any way. The user cannot install software or make any changes to the configuration. Remote computers must be strictly controlled.

Remote Desktop

Remote users can gain access to the corporate network through Remote Desktop. Remote Desktop is a Microsoft Windows service that in its default form is not a secure method of Remote Access. However, configured properly, it can be made highly secure and reliable.

A single server or a farm of servers can be configured with Remote Desktop in your organization. These servers can allow multiple users to be logged on at the same time accessing any applications installed on the server and any resources on the network. The server will even allow the user to print to a printer at their remote location.

To enable this, a license must be obtained for each remote user, and the server and the domain must be hardened to be secure.
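As a starting point for the server hardening mentioned above, the following read-only PowerShell audit reports the RDP listener's authentication and encryption settings. It is an added example, not part of the original page; the three settings checked and their minimum values are this example's assumptions about what a hardened server should show, and the function name Get-RdpSetting is made up for the example.

```powershell
# Added example: read-only audit of RDP listener security settings on the local server.
# The minimum values below are this example's assumptions, not requirements from the page.
# Group Policy values, when present, take precedence over the local listener values.
$policy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
$local  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

$checks = @(
    [pscustomobject]@{ Name = 'UserAuthentication'; Minimum = 1
                       Meaning = 'Network Level Authentication required before a session starts' }
    [pscustomobject]@{ Name = 'SecurityLayer';      Minimum = 2
                       Meaning = 'TLS security layer (0 = RDP, 1 = negotiate, 2 = TLS)' }
    [pscustomobject]@{ Name = 'MinEncryptionLevel'; Minimum = 3
                       Meaning = 'Encryption level High or FIPS (1 = low, 2 = client compatible)' }
)

# Hypothetical helper: return the effective value and where it came from, or $null if unset.
function Get-RdpSetting {
    param([Parameter(Mandatory)][string]$Name)
    $sources = @(
        @{ Key = $policy; Label = 'GroupPolicy' },
        @{ Key = $local;  Label = 'Local' }
    )
    foreach ($source in $sources) {
        $item = Get-ItemProperty -Path $source.Key -Name $Name -ErrorAction SilentlyContinue
        if ($null -ne $item) {
            return [pscustomobject]@{ Value = [int]$item.$Name; Source = $source.Label }
        }
    }
    return $null
}

$results = foreach ($check in $checks) {
    $setting = Get-RdpSetting -Name $check.Name
    [pscustomobject]@{
        Setting = $check.Name
        Value   = if ($setting) { $setting.Value } else { 'not set' }
        Source  = if ($setting) { $setting.Source } else { '-' }
        Pass    = [bool]($setting -and $setting.Value -ge $check.Minimum)
        Meaning = $check.Meaning
    }
}

$results | Format-Table -AutoSize

# A non-zero exit code lets a scheduled task or monitoring job flag the server.
if ($results.Pass -contains $false) { exit 1 }
```

The script changes nothing on the server; a setting reported as "not set" or failing should be corrected through Group Policy so that it applies to every server in the farm.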

With this method, there is no danger of a virus or other infestation from the remote computer. The computer is never a node on the corporate network and as such cannot communicate directly with any other computers on the network.

Because remote computers do not have to be strictly controlled, access can conveniently be allowed from any internet-connected computer.