With the summer months upon us, more people are accessing their corporate networks remotely due to increased travel and summer work-from-home options. More remote network access means an onslaught of various devices and security and accessibility issues. On the upside, this gives partners an opportunity to educate end users and offer services that support remote network access.
"The notion is that the workforce is becoming increasingly mobile and managing this kind of environment means being in touch with IT resources and maintaining a management framework," said Rainer Enders, CTO, Americas for NCP-engineering. "Our products focus on people who travel and the fact that people want to have secure, robust and functional VPN so they can securely and easily connect back to their company's network."
NCP offers partners and end users remote network access technology to overcome issues
NCP works around VPN technologies to offer remote access. Its remote access technologies include IPsec VPN, SSL VPN, Friendly Net Detection, VPN Path Finder, Seamless Roaming, Network Access Control, High Availability Services and Overlapping Networks.
"The most robust VPN technologies in deployment to date are IPsec VPN and SSL VPN. We have client technologies as well as server technologies. We are known for our consumer-grade entry client, which is an IPsec VPN client," Enders said.
No matter the remote-network access solution, the goal behind each solution NCP offers is to provide easy and secure access for the end user, without a glitch. "Ultimately the VPN is not an application that should concern the end users. It should just be there in the background doing its work, but it shouldn't interfere with the end user," Enders said.
Remote network access is about devices and location, location, location
Read more on remote network access
Network access control services: Partner flexibility, customer visibility
Network access security challenges: Mobility requires new strategies
Managing remote employees: How to secure remote network access
"Travellers may find themselves in situations where it's only DSL, dial up, mobile broadband, etc.," said Enders. "Then you have different locations where you may be at home, an Internet café, or an airport. Users also have many different devices these days, including laptops, tablets, smartphone, etc. For these situations, NCP implements functions and features in the client that can assist the user in mastering or managing these complex environments."
NCP's dialer feature, for example, is integrated into the client and detects the different communication media and transport types that are available on the device where the client is installed. The dialer arranges it and gives it a certain priority, allowing the user to automatically use whatever communication media is best and available and issue a connection over that.
NCP's VPN Path Finder technology discards barriers in communication and connection within IPsec VPNs by allowing data connections from unknown networks that refute IPsec communication and only allow Internet access to Web browsers.
"In a hotel, you may have situation where IPsec ports are blocked because a lot of places operate on the assumption that the whole world is on SSL, but it's not. This prevents IPsec clients from connecting or passing traffic. Path Finder switches over to a different port, which is typically an SSL port, which then passes the IPsec packets to the SSL port," Enders said.
While blocked ports are one issue with remote network access, Enders explains that the larger theme is usability in general.
"If the connection or client fails," said Engers, "there could be many different reasons. If a user goes out from a hotel, he or she may not notice it, but the wireless LAN connection is now no longer available because it is out of reach. However, the user does have access to a 3G or 4G network, so the connection resumes where other clients would basically disconnect. Our client will seamlessly re-establish the connection in the background so the user won't notice that the transport has changed."
Remote access security key to managing remote network access complexities
Accessing a network remotely requires increased security due to the numerous variables involved like locations and devices.
"There are two conflicting goals with remote access security. One is to provide a seamless, easy-to-use experience to the user. The other goal is to stay secure at the same time, which is difficult. Our Automatic Hotspot Logon feature allows the user to log on to a hotspot while still maintaining security. It can open selective ports for a short period of time, bypass the hotspot logon and then close everything down again. It's all automatic so it doesn't require the user to go in and change the security settings," Enders said.
NCP also has a managed client firewall that operates in conjunction with the hotspot feature, which locks the client against authorized access. This also includes a profile login that prevents the user from accidentally or knowingly disabling some of the security functions.
Partners educate customers on remote network access, expanding offerings
Understanding and adhering to the complexities that remote network access brings can be difficult for customers. Partners can step in and be a key resource to customers, educating them on best practices and a proper remote access policy.
"The best tools for partners are education and showing users or customers how easy it is to provide the secure environment. Especially VARs, companies that really want to add value to their product offering should demonstrate that it's possible to provide good usability and manageability while maintaining security," Enders said.
NCP provides technology and appropriate training for partners to help their customers and users best implement remote network access. As Enders put it, "We provide technology, services and consulting that enables our partners to deliver functionality and value added products. Our partners can work with their customers to deliver highly sophisticated and customizable solutions. They have flexibility to offer whatever solution and type of remote access security their customer needs."