VPN: An Easy Software Appliance Solution for Remote Access

1
VPN An Easy Software / Appliance Solution
forRemote Access

• Robert Gulick, EdD
• Instructional Technology Integration Manager
• Parma City School District
• gulickb_at_parmacityschools.org

2
This is not about

• Heavy-duty tech topics
• layer 2 frames over MPLS
• BGP ("layer 3 VPNs")
• PKI in IPsec
• IKEv2 Mobility
• Point-to-Point Tunneling Protocol (PPTP)
• Online file storage services (www.xdrive.com or
  www.filesanywhere.com)

3
This is about how to

• Access files on your school / office computer
• Remotely run software on your school computer
• Remotely maintain your school computer / server

4
Topics

• What is VPN
• What is Remote Access
• Software Solutions
• Subscription Solutions
• Hardware Solutions
• Questions to Consider
• Our Results

5
What is VPN?

• Virtual Private Network
• Technology that enables two computers to
  communicate privately using a public network
• Encrypted messages sent between computers via the
  Internet

6
What is Remote Access?

• Accessing network resources (data) from outside
  the network
• May or may not be via a VPN (could use RAS /
  modem)
• While at a conference you can access a file on
  your building server.

7
Vocabulary

• Host
• The target computer the computer you wish to
  access or control
• Client
• The computer you are using to access the host
• Thin v. Rich Client

8
Software Free

• Remote Desktop Connection
• WindowsXP Pro to WindowsXP Pro / Windows Server
  2000
• Need to configure the host computer to accept
  connections (security)
• Many options
• Sound, speed,remote printing

9
Software Free

• Remote Desktop Connection
• Pros
• Good speed
• Easy to setup
• Cons
• External access requiresexternal IP
  Address(each computer)
• Only 1 clientper host at a time

10
Software Free

• TightVNC (OpenSource)
• www.tightvnc.com
• Works on multiple platforms and between multiple
  platforms
• Install VNC Server on host and VNC Viewer on
  client
• Handles filetransfers

11
Software Free

• TightVNC (OpenSource)
• Pros
• Very good speed
• Great for older or non Microsoft systems
• Cons
• External access requires external IP Address
• Support is limited
• user groups and pay support versions available
  www.vnc.com

12
Software Free

• Demonstration Time

13
Software -

• Typically
• Need 1 license on each host and 1 license on each
  client
• User / password settings are maintained on each
  host
• Have more support options

14
Software -

• PCAnywhere
• http//www.pcanywhere.com/ (Symantec)
• LapLink Gold
• http//www.laplink.com/
• Anyplace Control
• http//www.anyplace-control.com/
• Timbuktu
• http//www.netopia.com/ (now with Skype)

15
Software -

• Pros
• More security option
• Additional features
• Cons
• Can be expensive for wide installation
• Require rich client to use
• External access requires external IP Address

16
Software Subscription

• Typically
• Pay by host user combination
• Install an agent on each host machine
• Thin client (Web access java applet)
• Maintain user / passwords at service Web site

17
Software Subscription

• GoToMyPC
• http//www.GoToMyPC.com
• LogMeIn
• http//www.logmein.com
• PCNow (WebEx)
• http//pcnow.webex.com/

18
Software Subscription

• Pros
• External access WITHOUT external IP Address
• Many security options
• Integrated updates
• Cons
• Can get expensive
• Monthly / yearly rates
• Constantly generates outbound network traffic
• Heartbeat

19
Hardware VPN

• Typically
• 1U Linux server
• Needs 1 external IP address for up to 25
  concurrent users
• SSL provided through vendor under service
  agreement (including DNS)
• Web Interface for everything
• Clientless access (java)
• LDAP/Active Directory enabled

20
Hardware

• www.Aventail.com
• www.sonicwall.com
• http//www.safenet-inc.com
• www.aepnetworks.com

21
Hardware

• Pros
• Simple to install
• Thin VPN client means no user installs
• No local firewall issues (typically)
• Cons
• Not every solution works on all hardware /
  software
• Another server to maintain

22
Our Results

• VPN Appliance (Hardware) by Enkoo
• recently purchased by SonicWall
• 17 named users
• Access 20 desktops and 30 servers
• Only problem is reset password (not using LDAP)
• Standard VPN Server (for teacher grades)
• 500 users (using LDAP group)
• On average 5 - 10 have problems due to home
  computer configuration (typically firewall)

23
Hardware

• Demonstration

24
Questions to Consider

• What OS? (host / client)
• Is external access needed?
• Can you get one or more external IP Addresses?
• How many computers?
• How many users?
• How much use?
• What levels of security / support do you need?

25
Web Resources

• Search Terms
• SSL VPN Appliance
• VNC
• Remote Desktop Control
• VPN

26
The End

• gulickb_at_parmacityschools.org
• Copy of presentation at
• www.parmacityschools.org/presentations