This page contains a Flash digital edition of a book.
how to guide: secure remote access


Secure remote access


Secure access control helps organisations limit the risk posed by the growing demand for remote access


IT is no longer just travelling salespeople that need regular access to the corporate network from remote or mobile devices. Residential broadband has enabled a much higher degree of home working, while the growing sophistication of mobile devices means that employees now want access to corporate data on the go. The conventional approach to enabling


remote access over the Internet is to establish a virtual private network (VPN). In the past, VPNs used the


the corporate IT environment. SSL is supported by all modern web browsers, so this kind of VPN does not require any supplementary software to be installed on the device.


Limited access SSL VPNs operate on the application layer, which means that the devices can be limited from accessing certain applications in the network.


Internet Protocol Security (IPSec) framework to create a secure, encrypted connection between the remote device and the corporate environment at the network layer. This meant that all traffic, irrespective of the application, is secured, but also that the device has full access to the network once the VPN connection is made. IPSec VPNs also demanded that remote


devices had the right software installed and were configured correctly. In recent years, however, IPSec VPNs have been superseded by SSL VPNs, which use the Secure Socket Layer to secure the connection between the remote device and


WWW.INFORMATION-AGE.COM


It is the remote access control system that allows the IT department to manage which


devices are allowed to connect


The remote access control


system for an SSL VPN sits inside the corporate environment, behind the firewall. This is to prevent it from being compromised by a non-specific attack from the web. When a remote device


attempts to connect to the


network through the SSL VPN, this system will look for some kind of proof that it is an approved device. Most often, this will be an SSL certificate, but it could also be a specific entry into the registry of the device’s operating system or, in the case of smartphones, a serial number or other unique identifier. It is the remote access control system that


WWW.F5.COM 7


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20