With Wide Area Networks, remote access is provided via routers
together with Microsoft dial-up networking. This allows improved
performance over ISDN compared to traditional dial-up solutions
using a modem.

Let us start with WAN access devices. They used to be called
modems. In fact, modems still are WAN access devices, but just one
of many, many different technologies used at the remote end of the
WAN link. Here we're talking about the products used to access
central WAN switches, remote access concentrators, or backbone
routers. While many are purely modem alternatives - devices which
provide a simple link between a PC or LAN and the outside world -
others perform specific jobs such as automate email collection,
Internet downloads or any variation on the many new themes that
extensive Internet use has brought us.

Increasingly, WAN access devices support a range of services and
technologies, so even with a low-cost, small-footprint device you
can effectively customise your WAN services, or chop and change
over a period of time without any serious investment of money or
time. One very obvious modem alternative, which also provides the
kind of extra flexibility mentioned above, is the ISDN Terminal
Adaptor (TA). Conceived as a replacement for the analogue modem,
the TA is now every bit as "simple" - if not more so - than the
modem, while offering greater functionality and performance levels.
But then you do need an ISDN line. At one time price was an issue
with both the hardware and line rental/installation, but both have
fallen by about 400 per cent during the second half of the
decade.

ISDN is currently prevalent among WAN access devices. From a
technical point of view, ISDN has made sense as a WAN service ever
since companies started to interconnect remote LANs. Its
flexibility in providing bandwidth as you need it, the ability to
carry any type of traffic and the familiarity of its PSTN-like
connection make it the logical successor to the huge number of
analogue PSTN, X.25 and other networks still out there across the
world. The networking hardware vendors - particularly in the UK,
Germany, France and Australia, and more latterly the US - quickly
caught on to the technology with a wide range of products having
now been available for a couple of years or more. It was the
LAN-to-LAN interconnect market and the introduction of the access
router which enabled ISDN to find its true vocation hardware-wise,
from which a whole variety of products are now evolving. So now we
have a proliferation of ISDN remote access devices at all levels of
the market, from personal PC card based routers to big modular
systems. At the entry level in particular, the ISDN "personal
router" lends itself ideally to the role of Internet access device.
But this role is equally applicable to many of the emerging
technologies too. So whatever the technology, the feature set for a
basic access device will, in practice, be quite similar from
product to product. Where feature sets will differ is where a WAN
access device has been designed to fulfil a particular requirement.

The new wave of remote access software applications is appearing,
unsurprisingly, on the Internet. Some are geared towards remote
management of networking devices or PCs and are often integrated
within a complete network management product suite, though
standalone products are also available. The Internet has, of
course, been the catalyst for many emergent technologies since its
popularisation earlier this decade, and another remote access
software variation it has been responsible for is push technology.
Defined initially as a form of automated data delivery almost
totally oriented towards the Web browser world, push technology has
since broadened its horizons to cover software applications
distribution, network management and device configuration. To many,
however, it still means something like Pointcast - a broadcaster of
national and international news, stock information, weather and
other mainstream news topics across the Internet, delivered
regularly direct to a user's desktop browser. This is what you might
term "automated remote access software". What some integrators have
done is to combine these different types of remote access software
to create new applications. For example, combining true "push and
pull" technology with a remote control session can enable
interactive training across the network. So a trainer or support
staff member can both see and - if necessary - control a user's
remote PC to show them how to use a particular application, for
example. A similar application might be where the software produces
an automated response to problems a remotely located user
encounters, simply by them using a pull-down menu to assist them
when a problem arises.

Just what feature set you find within a
remote access software package depends on exactly what the nature
of the application is. The most important thing to check is what
range of remote access hardware - modems, ISDN TAs, routers and so
on - it supports. Thereafter, it is very much a case of identifying,
in the first place, exactly what applications you want to run
across the remote link and ensuring that the software will support
these.

Remote access software can be based on both
client and server platforms, so operating systems support is
fundamental to the capabilities of the product. Originally, support
was geared towards DOS and Novell NetWare but, as the Microsoft
influence increased and the domination of MS Windows, in its
various incarnations, took over, most of the support has been
geared towards this market sector. Support for Apple, Novell and
Sun/UNIX platforms is still widespread, but support for OS/2 - once
a favourite of remote access solution suppliers - is fading. Some
products will nowadays be purely aimed at web browser based
operations too, whereas others will support both the Windows and
browser interfaces.

Microsoft NT Server's integrated Remote Access
Server (RAS) is very popular nowadays, especially in the small
office/home office environment, so it may be worth checking to see
if NT RAS support is included in the product. This is obviously
important if the remote access software is a client-based
alternative to Microsoft's dial-up networking software, supplied
with all the Windows variants as part of the package. While dial-up
networking is widely supported, it is very much geared towards
Internet access and may not always have the range of features
required for a true remote node connection, depending largely on
the capabilities of the hardware it is being used with.

The
traditional Novell protocol is IPX and this is still used
extensively. Consequently you will find that support for this
protocol among remote access software packages is still widespread.
However, thanks to the Internet - which is based on TCP/IP - the IP
protocol is quickly becoming the de facto standard protocol for all
computer systems and is ideally suited to remote access software
applications. Originally it was used only with UNIX within the
network but now it is the primary protocol for use with any
operating system, Microsoft's and Novell's offerings included. It
is even now popular for connecting to IBM and Digital mainframes,
though SNA and DECnet respectively are still in common use so check
for support for these protocols if you need them. Microsoft's
NetBEUI and IBM's NetBIOS are also still used in certain
applications so it is worth checking that these are supported also,
if you think you might need them.

In addition to running IP and IPX
over the WAN, a number of popular, dedicated WAN protocols may be
supported by the remote control software, the key ones being as
follows:

1) PPP - Point-to-Point Protocol. This became very popular
with the popularisation of LAN to LAN connectivity. It quickly
became a multi-vendor, de facto standard enabling interoperability
between any two WAN devices - such as ISDN Terminal Adaptors (TA) -
supporting PPP. An extension of this protocol appeared in the form
of ML-PPP - MultiLink PPP - which enables multiple channels, such
as ISDN B channels, to be aggregated in a standard format. So, for
example, using ML-PPP a connection can be made between two
different vendors' TAs over ISDN at 128Kbit/s - two 64Kbit/s B
channels aggregated, in other words.

2) HDLC - High Level Data Link
Control. This is an ITU-TSS link layer protocol standard for
point-to-point and multi-point communications, often associated
with IBM systems.

3) LAPB - Link Access Procedure, Balanced. This
is a data link protocol in the X.25 protocol stack. LAPB is a
bit-oriented protocol derived from HDLC.

4) SLIP - Serial Line IP.
This is a protocol used to run IP over serial lines, such as
telephone circuits or RS-232 cables, interconnecting two systems on
a point-to-point basis.

While most WAN hardware devices will now
include some form of optional data compression to enhance data
transfer performance, many remote access software packages also
provide integrated - and always optional - data compression
routines of their own. Note, though, that if data being transferred
across the WAN connection is already in compressed format - ZIPped
for example - then adding extra data compression is likely to
result in the transfer speed slowing down. The same can also be
true of combining software and hardware based compression, so
handle data compression with care!

Some remote access software
packages provide intelligent coding for minimising on-line time
and, therefore, costs and bandwidth usage. The best examples are
directly aimed at combining user control with cost efficient use of
the network, but without undue user restrictions. At the heart of
such a system you might find what is best described as intelligent,
off-line data queuing. This is akin to an architecture which - for
any process or application - carries out as much as it can
off-line, then allows the online connection to be made when the
user chooses and enables them to carry out tasks at a time which
suits them. Connections can then be fully automated to take
advantage of the best times to connect to the WAN or Internet. In
some cases, the remote users can further select which WAN service
they want to use at a particular time of day, or for a particular
job, with the software switching between different service types
automatically, to further optimise connection costs.

Some remote
access software packages will include support for Virtual Private
Network (VPN) tunnelling. A VPN is effectively a "private" network
that uses some "public" segments. This makes it significantly less
expensive and more flexible than a dedicated private network. Each
of the private networks need only be connected to a local Internet
service provider, and adding new connections is simple and
inexpensive. In order to make data connections secure, a "tunnel"
is created between the source and destination end-points which
encapsulates the IP packets and encrypts the data. While some
tunnelling schemes will be proprietary, most will support IPSec,
either in 32-bit or 64-bit (the code length) mode. IPSec is a
framework of open standards for ensuring secure private
communications over public networks like the Internet, which is why
it has been applied to VPNs. It is a set of protocols developed by
the IETF (Internet Engineering Task Force) to support secure
exchange of packets at the IP layer. IPSec supports two encryption
modes: Transport and Tunnel. Transport mode encrypts only the data
portion (payload) of each packet, but leaves the header untouched.
The more secure tunnel mode, as used in VPNs, encrypts both the
header and the payload. On the receiving side, an IPSec-compliant
device must be present to decrypt each packet.

The final
consideration is possibly the most important: security. All remote
access software packages will offer at least basic security in the
form of password protection. Beyond this, general security features
will vary depending on the nature and cost of the remote access
product. Typically these can either be used in tandem to create
multi-layered security or individually.
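
The transport and tunnel modes described in the VPN paragraph above, as an added example that is not part of the original article: it wraps a constructed IPv4 packet in a simplified ESP layout for each mode and reports which addresses an on-path observer without the key can still read. The keystream function is a stand-in that only makes bytes opaque (not real ESP encryption); the addresses, SPI and key are constructed values, and ESP padding alignment and the integrity check value are omitted.

```python
import hashlib, socket, struct

ESP, IPIP, TCP = 50, 4, 6  # IP protocol numbers

def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (checksum left at 0 for brevity)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0,
                       64, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def standin_encrypt(key, data):
    """NOT real ESP crypto: SHA-256 keystream XOR, only to make bytes opaque."""
    stream = b"".join(hashlib.sha256(key + bytes([i])).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def esp(key, spi, seq, inner, next_header):
    """ESP layout: SPI | sequence | encrypted(data + pad length + next header)."""
    body = standin_encrypt(key, inner + bytes([0, next_header]))
    return struct.pack("!II", spi, seq) + body

def transport_mode(key, packet):
    """Keep the original IP header (protocol becomes ESP); protect what follows."""
    hdr, payload = packet[:20], packet[20:]
    e = esp(key, 0x1001, 1, payload, hdr[9])
    src, dst = socket.inet_ntoa(hdr[12:16]), socket.inet_ntoa(hdr[16:20])
    return ipv4_header(src, dst, ESP, len(e)) + e

def tunnel_mode(key, packet, gw_src, gw_dst):
    """Protect the whole original packet; prepend a gateway-to-gateway header."""
    e = esp(key, 0x1001, 1, packet, IPIP)
    return ipv4_header(gw_src, gw_dst, ESP, len(e)) + e

def observer_view(wire):
    """Source, destination and protocol an observer without the key can parse."""
    return (socket.inet_ntoa(wire[12:16]), socket.inet_ntoa(wire[16:20]), wire[9])

# Constructed sample: branch host to head-office host, TCP segment stand-in.
KEY = b"constructed-demo-key"
INNER = ipv4_header("10.1.1.5", "10.2.2.9", TCP, 12) + b"LOGIN alice\n"
TRANSPORT = transport_mode(KEY, INNER)
TUNNEL = tunnel_mode(KEY, INNER, "192.0.2.1", "198.51.100.1")

if __name__ == "__main__":
    print("transport:", observer_view(TRANSPORT))
    print("tunnel:   ", observer_view(TUNNEL))
```

In transport mode the original host addresses stay readable on the wire; in tunnel mode only the two gateway addresses do, at the cost of one extra 20-byte header per packet.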
Steve Broadhead