About us Partners Clients News Careers
 InfoBPN
IT Consultancy Services
Secure Remote Access Solutions
Application Load Balancing
Web Applications
Storage Solutions
Network Security Solutions
Networking Solution
Our Products
Secure Remote Access

InfoBPN Secure Remote Access

As in the rest of the world, companies in India have learned that improving network communications between the corporate office and branches is key for their continuing growth and profitability. Many companies originally used direct communications with centralized application servers via leased line and ISDN connections, but business expansion has led to increases in the number of users and the need for higher bandwidth at lower costs. With the reduction in Internet access costs over the past few years, the trend is now toward using the Internet for remote access. The challenge is to find the best method of enabling secure, high-speed remote access with adequate Security.

Evolution of Remote Access:
Many businesses in India adopted computers as recently as ten years ago, and remote access has evolved in pace with the reach and cost of secure, high-speed communications networks. Major industry sectors such as manufacturing, finance, and services were early adopters because computerization has had a major impact on the cost and mode of doing business. The only profitable way of expansion was by using technology, to have a larger reach with customers (e.g. Stock Market companies) .Virtual environments were provided to end users so that business expands without having to actually expand the work environment in companies.

Traditionally, these sectors have used centralized computers, but as enterprise-critical applications such as Enterprise Resource Planning (ERP) , Mail solutions , file depositary , corporate data resource . have spread, the growing number of branch offices and users has increased the amount of data flowing to and from centralized computing resources. The growth of these data centers has also significantly increased costs for leased line and ISDN connections between remote sites and central computers.

More recently, companies have moved to client-server computing models by moving servers to branch offices and replicating data out to them. This has reduced bandwidth costs by permitting local access for users in each branch location. At the same time, the reach of the Internet has expanded while the cost of connecting has decreased, prompting many companies to evaluate replacing their remote office connections with ADSL links.

Improving Internet Brings New Challenges:
As long as they use leased lines and ISDN for access to central computers and rely on a relatively limited number of applications, company IT departments have a relatively simple job of securing the network from outside intruders. By directing users to specific ports in the firewall and then restricting access through network , companies have created physical protections against data theft via these Internet connections.

But with the rapidly-growing number of applications, users ,partners , employers, virtual environments of work like house , SOHO and remote sites, companies face rising IT complexity and costs because IT technicians must continually change router and firewall configurations to maintain protection via this method. As each new remote site, user, or application is added, it is necessary to open and configure a new firewall port and as the present solution is through lease line or ISDN, mobility becomes an issue. New setup has to be commissioned for expansion. Giving secure access on demand is a limitation with the above setup and precious time is involved which slows down the speed in which expansion of a company happens.

With the rise of the Internet, another issue is security. Even if user access is restricted via firewall ports, companies are in jeopardy from viruses transmitted from remote users’ computers. While a firewall can restrict access, any users with access through that firewall port can transmit a virus if his or her own computer is infected. Complex applications which use UDP ports , dynamic ports , etc always limits the security offered by the firewall . IT dept always have to take a call whether remote access is important or security is important. But the best environment and the ideal situation would be complete remote access with full security , which every IT dept dreams off .

So how can the situation be improved? Any enterprise IT manager should ask several key questions before extending computing resources to remote locations:

• How will remote connectivity be provided? (That is, will it be Internet, ISDN, or leased line?)
• Will the solution be fast and reliable enough for the required applications to function properly?
• Will the solution provide the required security to protect corporate computing resources?
• Will the solution method be easy enough for non-technical users? • Will the solution be reliable?
• Will the solution be cost-effective enough in terms of the amount of IT management required?
• Will the solution be scalable and can sustain expansion?
• Will the cost be feasible to the finance dept and can the cost be justified?
• Will any re-engineering be needed to the existing environment?
• Will the solution answer tomorrow’s environments concerns?

Fortunately, there are newer technologies that provide better answers to these questions.

Modernizing Remote Access
With appropriate security and management features in place, lower-cost Internet connections can now provide the required remote links back to centralized network servers. Most Internet service providers now offer ADSL connections for branch offices, offering connections of from 512Kbps to 2Mbps.

To leverage these connections a growing number of companies are adopting Virtual Private Network (VPN) technology as a solution to their needs. Although Indian companies have resisted older VPN technologies in the past due to the complexity of deployment and administration, new SSL VPN technology is far simpler, and it can provide the security companies demand while significantly reducing IT overhead. SSL VPN connections provide several key advantages:

• Simplified access for any user • End user security checking and validation
• Full connection security and reliability • Simple deployment and administration
• Secure Access On Demand.
• Anywhere , Anytime , Authorized ,Audited ,Anyway Access Of Applications
• Clientless Secure Remote Access.
• Support for Client –Server or Standalone Applications which works on LAN over Internet
• Support for Wireless Access.
• Support for VOIP and Video Conferencing over secure encrypted environments.
• Support for IP based Application with any type of transport protocol
• LAN Extender
• Web enabler for Non Web Applications Without Changing the Applications.
• With provision for securing any application with trusted certificate
• Machine Based Specific Access
• Using the Application is the Https mode without any re-engineering etc.
• Effective reverse proxying of all data from any port to any specific predefined port

Simplified access for any user
For remote offices, the network accesses the VPN appliance at the corporate office via an ISDN or ADSL link using web browsers on their computers: the end user simply points his or her computer’s browser to a specific web address (the VPN appliance’s location), through which the user gains appropriate access to the network.

End user security and validation
Even though the connection is carried over the public Internet, the end user’s link is a secure, encrypted tunnel. However, the tunnel is not available to anyone. When the user begins logging into the network with the VPN connection, the SLL VPN appliance performs an automatic security check on the end user’s computer to confirm that all appropriate anti-virus and security updates have been installed on that user’s computer. If the computer doesn’t have the current updates, the VPN appliance can automatically install them or direct the end user to other web links where they may be installed.

In this way, the SSL VPN appliance prevents infected remote computers from ever establishing connections to the corporate network. In addition, the VPN appliance also enforces user-specific access policies to ensure that any given user has access only to the network servers, applications, or documents to which he or she is entitled.

 Full connection security and reliability
Once established, the connection is fully encrypted to provide protection against network snooping and hackers. To provide high reliability, two VPN appliances can be deployed in a redundant configuration in the corporate data center to provide automatic failover in the event that one appliance fails. As for the connection itself, SSL VPN provides an automated fail/retry system that automatically detects failed packet transmissions and resends them when this occurs.
 
Simple deployment and administration
SSL VPN access requires installation of a simple network appliance behind the firewall on the network at the remote office or headquarters location. All traffic can be directed through ports 80 or 443 to this appliance, so IT departments no longer need to set up unique ports for specific users, branch offices, or applications. It also enhances the security of the corporate firewall setup as the SSL VPN can reverse proxy all data from different ports to a single port which is predefined by the administrator. This also ensures that application which uses dynamic ports and udp ports will now use only one port which is pre defined by the administrator.

Once the appliance is deployed, IT departments use a graphical interface to establish overall security policies for all users, and more specific access policies for individual users or remote offices. This allows the company to limit network access to users or sites in a highly granular fashion. Between the automated endpoint security checks and this granular access control, the SSL VPN system eliminates corporate concerns about remote access security. IT dept can also ensure a virus free environment in their entire enterprise by forcing antivirus corporate policy on remote machines through end point policy mechanism from SSLVPN.

Moreover, the deployment process typically takes less than one day for an entire corporate network, and once it is configured, the IT department needs have very little interaction with the SSL VPN appliance. Automated operation ensures few if any support calls from remote users, so the only future interactions will be necessitated by changes to user access privileges.

Conclusions
Indian enterprises have gone from the dark ages of information technology to the modern era in just ten years. Remote computing resources are rapidly moving into branch offices, and remote connectivity is a must-have for continued improvements in business efficiency. SSLVPN ensures that companies enterprise resources (applications of all types, data, file /print/desktop services) which are available to your corporate LAN are made available to remote / mobile employees, partners, customers, suppliers etc through a secure tunnel over internet or any conventional connectivity. In short SSLVPN helps companies to make their enterprise an agile, responsive and on demand secured authorized access. Integration of state of art technologies for authentication, authorization and auditing with patented propriety features and having the power to customize the product for individual customers as it has the level 3 and level 4 support of the product . With an expanding Internet infrastructure in major industrial centers, SSL VPN technology gives companies the opportunity to leverage distributed computing resources with lower costs and greater simplicity than ever before, and without giving up enterprise-class security measures.

Contact BPN Infosystems:
Please contact us by email at sales@infobpn.com
SiteMap Legal Privacy © 2009 BPN INFOSYSTEMS PRIVATE LIMITED. All rights reserved.