Remote Networking Architectures What is Remote Networking? Remote Access Networking Virtual Private Networks (VPN) Remote Control Computing

What is Remote Networking? A type of network communication that enable users to access resources that are not at their physical location. Internet Remote Computer Remote access server Network Resources

Remote Access Networking A type of network communication that enables a user to access a computer or network from a remote distance. Internet Client configured for remote access via the internet Server configured to receive remote access connections from the internet Client configured for direct dial-up access Server configured to receive dial-up connections

Remote Access Authentication Process Remote Access Server Remote Client Step 1 : A remote user initiates a session. Step 2 : The remote computer requests connection to a remote access server. Step 3 : The remote server acknowledges the connection. Step 4 : The client is requested to authenticate itself by using a remote authentication protocol. Step 5 : A connection is established between both computers by using the agreed-upon authentication protocol and credentials.

Protocols used in Remote Access Networking Point-to-Point Protocol (PPP) Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Remote Authentication Dial-In User Service (RADIUS) Terminal Access Controller Access Control System (TACACS) Diameter

Password Authentication Protocol An authentication method that sends clients IDs and passwords as clear text. Client identifies itself Server requests verification Client provides password

Challenge Handshake Authentication Protocol (CHAP) Process An authentication method that is used for encrypting clients’ IDs and passwords. Logon requested Challenge Response Logon accepted

The CHAP Process Step 1 : A remote client requests a connection to the remote access server. Step 2 : The remote server sends a challenge sequence, which is usually a random value. Step 3 : The remote client uses its password to encrypt the challenge sequence and sends the results to the server. Step 4 : The server verifies the response and allows access to resources.

Remote Authentication Dial-In User Service (RADIUS) Remote clients connect to dial-up servers Dial-up servers receive requests and pass credentials to RADIUS sever RADIUS server accepts and processes all authentication requests RADIUS server Dial-up servers configured as RADIUS clients Remote Clients

Tunneling A data-transport technique whereby a data packet from one protocol is transferred inside the frame or packet of another protocol. IP data unencapsulated Carrier protocol (IP) moves the data Internet Passenger protocol enters the network Passenger protocol leaves the network ISP IP data encapsulated

Virtual Private Networks (VPN) VPN endpoint Public network VPN endpoint VPN endpoint Private network Private network VPN endpoint VPN endpoint Private network

Types of Virtual Private Networks (VPN) Access Virtual Private Network Intranet Virtual Private Network Extranet Virtual Private Network

Access Virtual Private Network A type of VPN that provides remote access to single users via dial-up, ISDN, xDSL and cable modem connections. Internet ISP Remote client Main Office VPN router Provides hardware based VPN

Intranet Virtual Private Network A type of VPN that connects sections of network , such as remote offices tying into a corporate headquarters. Internet Provides hardware based VPN Intranet remote office VPN router ISP Intranet main office

Extranet Virtual Private Network A type of VPN that connects networks belonging to different companies for the purpose of sharing resources. Intranet main office VPN router Internet VPN router ISP ISP VPN router Intranet remote office Extranet partner office

Secure Socket Layer VPN (SSL VPN) A VPN format that works with a web browser. Encryption protocols Secure the data Tunneling protocols secure the path Internet T-1 CSU/DSU VPN server ISP Encryption protocols secure the data

Protocols used in Virtual Private Network Point-to-Point Tunneling Protocol (PPTP) Layer Two Tunneling Protocol (L2TP)

VPN Concentrator A device that allow users to use an encrypted tunnel to securely access a corporate or other network via the internet. Main Office VPN Concentrator Internet ISP ISP Branch Office Remote user Remote user

Remote Control Computing A type of network communication that uses special software package that enables a remote client to take over a host computer on the network, as well as run applications from a server. Host client should be a dedicated server Internet Remote client Host client

Protocols used in Remote Control Remote Desktop Protocol (RDP) Virtual Network Computing (VNC) ICA (Independent Computing Architecture) X Windows System

Benefits of Remote Control Computing Supports connection and communication of multiple devices. Provides enhanced security due to implementation of both basic and advanced encryption schemes. Provides Remote Desktop Connection for sever administration and maintenance. Provides a centralized system for application deployments and remote access to those applications.

Microsoft Windows Terminal Services A Client/Server system that enables multiple clients to run applications or manage a server remotely. Terminal Server Remote Clients

Web-Based Remote Access A type of network communication that provides remote access to services and data via web browsers. Remote user accesses applications via a web browser Internet Remote administrator manages application servers via a web browser Web servers host applications