Skip to main content

Remote Access


Remote access is the ability for an authorized person to access a computer or a network from a geographical distance through a network connection. Remote access enables users to connect to the systems they need when they are physically far away. This is especially important for employees who work at branch offices, are traveling or telecommute to work.

Remote access enables remote users to access files and other system resources on any devices or servers that are connected to the network at any time, increasing employee productivity and enabling them to better collaborate with colleagues around the world.

A remote access strategy also gives organizations the flexibility to hire the best talent regardless of location, remove silos and promote collaboration between teams, offices and locations.

Technical support professionals also use remote access to connect to users' computers from remote locations to help them resolve issues with their systems or software.

One common method of providing remote access is via a remote access VPN connection. A VPN creates a safe and encrypted connection over a less secure network, such as the internet. VPN technology was developed as a way to enable remote users and branch offices to securely log into corporate applications and other resources.

How remote access works

Remote access is usually accomplished with a combination of software, hardware and network connectivity. For example, traditional remote access before the wide availability of internet connectivity was accomplished using terminal emulation software that controlled access over a hardware modem connected to a telephone network. Now, remote access is more commonly accomplished using a secure software solution like a VPN -- software -- by connecting hosts through a hard-wired network interface or Wi-Fi network interface -- hardware -- or by connecting via the internet -- network.

Remote access VPNs are used to connect individual users to private networks. With a remote access VPN, each user needs a VPN client capable of connecting to the private network's VPN server.

When a user is connected to the network via a VPN client, the software encrypts the traffic before it delivers it over the internet. The VPN server, or gateway, is located at the edge of the targeted network and decrypts the data and sends it to the appropriate host inside the private network.

A computer must have software that enables it to connect and communicate with a system or resource hosted by the organization's remote access service. Once the user's computer is connected to the remote host, it can display a window with the target computer's desktop.

Enterprises can also use remote desktops to enable users to connect to their applications and networks remotely. Remote desktops use application software -- sometimes incorporated into the remote host's operating system -- that enables apps to run remotely on a network server and be displayed locally at the same time.

Users can securely access on-premises and cloud applications and servers from anywhere, on any device with a variety of authentication methods, including remote single sign-on, which gives users easy and secure access to the apps they need without configuring VPNs or modifying firewall policies.

In addition, organizations can use multifactor authentication to verify a user's identity by combining multiple credentials unique to one person.
Types of remote access
Traditionally, enterprises use modems and dial-up technologies to allow employees to connect to office networks via telephone networks connected to remote access servers. Devices connected to dial-up networks use analogue modems to call assigned telephone numbers to make connections and send or receive messages.
Broadband provides remote users with high-speed connection options to business networks and to the internet. There are several types of broadband, including the following:
  • Cable broadband shares bandwidth across many users and, as a result, upstream data rates can be slow during high-usage hours in areas with many subscribers.
  • DSL (Digital Subscriber Line) broadband provides high-speed networking over a telephone network using broadband modem tech. However, DSL only works over a limited physical distance and may not be available in some areas if the local telephone infrastructure doesn't support DSL technology.
  • Cellular internet services can be accessed by mobile devices via a wireless connection from any location where a cellular network is available.
  • Satellite internet services use telecommunications satellites to provide users with internet access in areas where land-based internet access isn't available, as well as for temporary mobile installations.
  • Fiber optics broadband technology enables users to transfer large amounts of data quickly and seamlessly.
Remote access protocols
Common remote access and VPN protocols include the following:
  • Point-to-Point Protocol (PPP) enables hosts to set up a direct connection between two endpoints.
  • IPsec -- Internet Protocol Security -- is a set of security protocols used to enable authentication and encryption services to secure the transfer of IP packets over the internet.
  • Point-to-Point Tunneling (PPTP) is one of the oldest protocols for implementing virtual private networks. However, over the years, it has proven to be vulnerable to many types of attack. Although PPTP is not very secure, it persists in some cases
  • Layer Two Tunneling Protocol (L2TP) is a VPN protocol that does not offer encryption or cryptographic authentication for the traffic that passes through the connection. As a result, it is usually paired with IPsec, which provides those services.
  • Remote Authentication Dial-In User Service (RADIUS) is a protocol developed in 1991 and published as an Internet Standard track specification in 2000 to enable remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service.
  • Terminal Access Controller Access Control System (TACACS) is a remote authentication protocol that was originally common to Unix networks that enables a remote access server to forward a user's password to an authentication server to determine whether access to a given system should be allowed. TACACS+ is a separate protocol designed to handle authentication and authorization, and to account for administrator access to network devices, such as routers and switches.


Comments

Popular posts from this blog

Ghosting

Ghosting is to cease communications without notification. The use of the word "ghost" as a verb originated in social media in reference to dating, but the term is now used by employers to describe employees and potential employees who suddenly disappear. Typically, ghosting is used to describe: Job candidates who suddenly stop responding to messages. New hires who fail to show up for their first day of work. Employees who do not show up for a shift. Employees who leave work in the middle of the day and never come back. Some analysts blame ghosting on millennial entitlement. The reasoning is that members of the millennial generation have been brought up to feel they are special -- so special, in fact, that they do not need to follow conventional rules of behavior. Other analysts, however, maintain that ghosting behavior stems from changes in the job market and the phenomenon is simply a reflection of the laws of supply and demand in a healthy jo...

Data deduplication

Data deduplication -- often called intelligent compression or single-instance storage -- is a process that eliminates redundant copies of data and reduces storage overhead. Data deduplication techniques ensure that only one unique instance of data is retained on storage media, such as disk, flash or tape. Redundant data blocks are replaced with a pointer to the unique data copy. In that way, data deduplication closely aligns with incremental backup, which copies only the data that has changed since the previous backup. For example, a typical email system might contain 100 instances of the same 1 megabyte (MB) file attachment. If the email platform is backed up or archived, all 100 instances are saved, requiring 100 MB of storage space. With data deduplication, only one instance of the attachment is stored; each subsequent instance is referenced back to the one saved copy. In this example, a 100 MB storage demand drops to 1 MB. Target vs. source deduplication Data deduplica...

A Graphics Processing Unit (GPU)

A graphics processing unit (GPU) is a computer chip that performs rapid mathematical calculations, primarily for the purpose of rendering images. A GPU may be found integrated with a central processing unit (CPU) on the same circuit, on a graphics card or in the motherboard of a personal computer or server. In the early days of computing, the CPU performed these calculations. As more graphics-intensive applications such as AutoCAD were developed; however, their demands put strain on the CPU and degraded performance. GPUs came about as a way to offload those tasks from CPUs, freeing up their processing power. NVIDIA, AMD, Intel and ARM are some of the major players in the GPU market. GPU vs. CPU A graphics processing unit is able to render images more quickly than a central processing unit because of its parallel processing architecture, which allows it to perform multiple calculations at the same time. A single CPU does not have this capability, although multi...