Remote access: determining needs
May 1, 2001 12:00 PM, By Kevin McNamara, CNE
Fundamentally, data communications networks provide a means to access and deliver information to users over a common infrastructure. The need to access internal company LANs from remote locations is on the rise as more employees work away from the office.
Remote access is a means for a PC located in any remote location to connect to your LAN or Wide Area Network (WAN). Assuming the remote user has the proper rights, he can access files, run applications or print, similar to a PC connected locally; however, the speed of the connection may limit the remote user's ability to use certain resources.
Remote access methods
Remote access to your LAN can be achieved using any of three general methods: a dedicated dial-up connection, an extranet or a virtual private network (VPN). Each method has advantages based on the level of service required as influenced by factors such as speed, security and number of simultaneous users.
Dedicated dial-up connections are the most popular and easiest to implement. A single dedicated telephone line is connected to a modem, or several lines are connected to a bank of modems. The modems are connected to a remote access server (RAS). Some manufacturers integrate modems within the RAS; in fact, larger ISPs use an RAS that accepts a T1, which will provide 24 separate dial-in connections. The RAS manages the data flow between the modem and the local network server. Most dial-in services use the Internet Protocol (IP) over the Point-to-Point Protocol (PPP).
The PPP is layered, consisting of several protocols including the Link Control Protocol (LCP) that is used for the initial establishment of the link. Once connected, one or more Network Control Protocols (NCP) are used to transport data for a particular protocol, typically IP. Other protocols permit secure-password authorization, IP-address notification and link monitoring. The Serial Line IP (SLIP) protocol also was designed to transport IP over a dial-up connection; however, it has been replaced by the PPP.
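The LCP stage described above is also where the two ends agree on how the dial-in user will authenticate. As an added example (not from the original article), this Python code classifies a PPP frame by its protocol field and reports whether an LCP Configure packet asks for PAP or CHAP. The function names and sample frames are constructed for illustration, and the code assumes HDLC framing is already stripped and the protocol field is uncompressed.

```python
import struct

# PPP protocol-field values (RFC 1661 and the IANA PPP numbers registry)
PROTOCOLS = {0x0021: "IP", 0x8021: "IPCP", 0xC021: "LCP", 0xC023: "PAP", 0xC223: "CHAP"}
CONFIGURE_CODES = {1: "Configure-Request", 2: "Configure-Ack",
                   3: "Configure-Nak", 4: "Configure-Reject"}
CHAP_ALGORITHMS = {0x05: "MD5", 0x80: "MS-CHAP", 0x81: "MS-CHAPv2"}

# Constructed sample frames (not captured traffic)
PAP_REQUEST = bytes.fromhex("ff03c021" "01010008" "0304c023")
CHAP_REQUEST = bytes.fromhex("ff03c021" "0102000d" "010405dc" "0305c22305")

def parse_lcp(pkt: bytes) -> dict:
    """Decode an LCP packet and report the Authentication-Protocol option."""
    if len(pkt) < 4:
        raise ValueError("truncated LCP header")
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length < 4 or length > len(pkt):
        raise ValueError("bad LCP length field")
    out = {"code": CONFIGURE_CODES.get(code, str(code)), "id": ident, "auth": None}
    opts = pkt[4:length] if code in CONFIGURE_CODES else b""
    while opts:
        if len(opts) < 2 or not 2 <= opts[1] <= len(opts):
            raise ValueError("malformed LCP option")
        otype, olen = opts[0], opts[1]
        data = opts[2:olen]
        if otype == 3 and len(data) >= 2:  # option 3 = Authentication-Protocol
            (auth,) = struct.unpack("!H", data[:2])
            if auth == 0xC023:
                out["auth"] = "PAP (cleartext password)"
            elif auth == 0xC223 and len(data) >= 3:
                out["auth"] = "CHAP/" + CHAP_ALGORITHMS.get(data[2], hex(data[2]))
            else:
                out["auth"] = PROTOCOLS.get(auth, hex(auth))
        opts = opts[olen:]
    return out

def parse_ppp(frame: bytes) -> dict:
    """Classify one PPP frame; HDLC flags, byte stuffing and FCS already removed."""
    if frame[:2] == b"\xff\x03":  # address/control bytes, absent when compressed
        frame = frame[2:]
    if len(frame) < 2:
        raise ValueError("truncated PPP frame")
    (proto,) = struct.unpack("!H", frame[:2])
    info = {"protocol": PROTOCOLS.get(proto, hex(proto))}
    if proto == 0xC021:
        info.update(parse_lcp(frame[2:]))
    return info
```

Run against a capture from a remote access server, a result of PAP means the user's password crosses the phone line unencrypted, while CHAP sends only a challenge response.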
An extranet is considered a private network; however, it can be thought of as a secure website, generally requiring authorization in the form of a username and password. A properly designed extranet allows you to access information through any standard Web browser or FTP program. Similar to local networks, access can be limited for each user based on the specific rights granted. For example, a company that wants to allow its employees to view certain private information can control who may read it and under what conditions, such as time of day, length of time or ability to download to another PC. Needless to say, extranets require a great deal of security, not only from employees within the organization, but from outside hackers who are always ready to find "holes" in your server. Most extranets are protected behind a firewall, a device that performs filtering and routing of incoming data packets. Due to the constantly changing traffic patterns encountered on the Internet, firewalls have limitations and are subject to sophisticated hacking. An unauthorized user who types in the address of an extranet located behind a firewall will usually receive a "Site Not Found" message.
Virtual Private Networks
The virtual private network, or VPN, provides a private and secure connection between a remote user and a network over a public network. VPNs can be created through a standard Internet connection or, in some cases, a private WAN. A VPN is designed to work exclusively over the IP protocol; however, it will transport other protocols such as NetBEUI and IPX. In reality, the concept behind the VPN has been around for several years, known as IP Tunneling. The principle behind IP Tunneling is fairly simple: the data is encapsulated within the IP packets and has the ability to be secured using data encryption and authentication methods.
Originally, the VPN was based on either the Point-to-Point Tunneling Protocol (PPTP) developed by Microsoft for PC-to-LAN connections or the Layer 2 Forwarding protocol (L2F) developed by Cisco to support LAN-to-LAN communications. Currently, the features of both protocols are combined into a standard known as Layer 2 Tunneling Protocol (L2TP). L2TP supports multiple simultaneous tunnel connections. Other VPN protocols include IP Security (IPSec), a technology developed for firewalls and designed to support the secure transmission of only IP packets, and SOCKS5, which provides a higher level of control, but requires special software running on an independent server and at the client PC location.
If you have an investment in an Internet infrastructure, such as a Web server and dedicated high-speed connection, a VPN may be the least costly solution to hook up remote users.
The broadcast business presents applications for remote access in programming, sales, marketing, technical and other business functions. Personnel at remote broadcasts can have access to your servers, allowing control over a station's digital audio storage system or the transfer of produced audio tracks. VPNs can connect remotely located kiosks, permitting the station to provide targeted marketing information at high-traffic locations. A sales force can access contact information, presentations, spot availability, etc. while in the field, saving time and potential sales.
The uses of a well-implemented remote access solution are endless. Next month I'll discuss some of the hardware required to achieve remote access at your facility.
Kevin McNamara, BE Radio's consultant on computer technology, is president of Applied Wireless Inc., New Market, MD.
All of the Networks articles have been approved by the SBE Certification Committee as suitable study material that may assist your preparation for the SBE Certified Broadcast Networking Technologist exam. Contact the SBE at (317) 846-9000 or go to www.sbe.org for more information on SBE Certification.