Using WANs to improve performance over ISDNs

With Wide Area Networks, remote access is provided via routers together with Microsoft dial-up networking. This allows improved performance over ISDN compared to traditional dial-up solutions using a modem.

Let us start with WAN access devices. They used to be called modems. In fact, modems still are WAN access devices, but just one of many, many different technologies used at the remote end of the WAN link. Here we're talking about the products used to access central WAN switches, remote access concentrators, or backbone routers. While many are purely modem alternatives - devices which provide a simple link between a PC or LAN and the outside world - others perform specific jobs such as automating email collection, Internet downloads or any variation on the many new themes that extensive Internet use has brought us.

Increasingly, WAN access devices support a range of services and technologies, so even with a low-cost, small-footprint device you can effectively customise your WAN services, or chop and change over a period of time without any serious investment of money or time. One very obvious modem alternative, which also provides the kind of extra flexibility mentioned above, is the ISDN Terminal Adaptor (TA). Conceived as a replacement for the analogue modem, the TA is now every bit as "simple" - if not more so - than the modem, while offering greater functionality and performance levels. But then you do need an ISDN line. At one time price was an issue with both the hardware and line rental/installation, but both have fallen by about 400 per cent during the second half of the decade.

ISDN is currently prevalent among WAN access devices. From a technical point of view, ISDN has made sense as a WAN service ever since companies started to interconnect remote LANs. Its flexibility in providing bandwidth as you need it, the ability to carry any type of traffic and the familiarity of its PSTN-like connection make it the logical successor to the huge number of analogue PSTN, X.25 and other networks still out there across the world. The networking hardware vendors - particularly in the UK, Germany, France and Australia, and more latterly the US - quickly caught on to the technology, with a wide range of products having now been available for a couple of years or more. It was the LAN-to-LAN interconnect market and the introduction of the access router which enabled ISDN to find its true vocation hardware-wise, from which a whole variety of products are now evolving. So now we have a proliferation of ISDN remote access devices at all levels of the market, from personal PC card based routers to big modular systems.

At the entry level in particular, the ISDN "personal router" lends itself ideally to the role of Internet access device. But this role is equally applicable to many of the emerging technologies too. So whatever the technology, the feature set for a basic access device will, in practice, be quite similar from product to product. Where feature sets will differ is where a WAN access device has been designed to fulfil a particular requirement.

The new wave of remote access software applications is appearing, unsurprisingly, on the Internet. Some are geared towards remote management of networking devices or PCs and are often integrated within a complete network management product suite, though standalone products are also available. The Internet has, of course, been the catalyst for many emergent technologies since its popularisation earlier this decade, and another remote access software variation it has been responsible for is push technology. Defined initially as a form of automated data delivery almost totally oriented towards the Web browser world, push technology has since broadened its horizons to cover software applications distribution, network management and device configuration. To many, however, it still means something like Pointcast - a broadcaster of national and international news, stock information, weather and other mainstream news topics across the Internet, delivered regularly direct to a user's desktop browser. This is what you might term "automated remote access software". What some integrators have done is to combine these different types of remote access software to create new applications. For example, combining true "push and pull" technology with a remote control session can enable interactive training across the network. So a trainer or support staff member can both see and - if necessary - control a user's remote PC to show them how to use a particular application, for example. A similar application might be where the software produces an automated response to problems a remotely located user encounters, simply by them using a pull-down menu to assist them when a problem arises.

Just what feature set you find within a remote access software package depends on exactly what the nature of the application is. The most important thing to check is what range of remote access hardware - modems, ISDN TAs, routers and so on - it supports. Thereafter, it is very much a case of first identifying exactly what applications you want to run across the remote link and ensuring that the software will support these.

Remote access software can be based on both client and server platforms, so operating systems support is fundamental to the capabilities of the product. Originally, support was geared towards DOS and Novell NetWare but, as the Microsoft influence increased and the domination of MS Windows, in its various incarnations, took over, most of the support has been geared towards this market sector. Support for Apple, Novell and Sun/UNIX platforms is still widespread, but support for OS/2 - once a favourite of remote access solution suppliers - is fading. Some products will nowadays be purely aimed at web browser based operations too, whereas others will support both the Windows and browser interfaces.

Microsoft NT Server's integrated Remote Access Server (RAS) is very popular nowadays, especially in the small office home office environment, so it may be worth checking to see if NT RAS support is included in the product. This is obviously important if the remote access software is a client-based alternative to Microsoft's dial-up networking software, supplied with all the Windows variants as part of the package. While dial-up networking is widely supported, it is very much geared towards Internet access and may not always have the range of features required for a true remote node connection, depending largely on the capabilities of the hardware it is being used with.

The traditional Novell protocol is IPX and this is still used extensively. Consequently you will find that support for this protocol among remote access software packages is still widespread. However, thanks to the Internet - which is based on TCP/IP - the IP protocol is quickly becoming the de-facto standard protocol for all computer systems and is ideally suited to remote access software applications. Originally it was used only with UNIX within the network but now it is the primary protocol for use with any operating system, Microsoft's and Novell's offerings included. It is even now popular for connecting to IBM and Digital mainframes, though SNA and DECnet respectively are still in common use so check for support for these protocols if you need them. Microsoft's NetBEUI and IBM's NetBIOS are also still used in certain applications so it is worth checking that these are supported also, if you think you might need them.

In addition to running IP and IPX over the WAN, a number of popular, dedicated WAN protocols may be supported by the remote control software, the key ones being as follows:

1) PPP - Point-to-Point Protocol. This became very popular with the popularisation of LAN to LAN connectivity. It quickly became a multi-vendor, de facto standard enabling interoperability between any two WAN devices - such as ISDN Terminal Adaptors (TA) - supporting PPP. An extension of this protocol appeared in the form of ML-PPP - MultiLink PPP - which enables multiple channels, such as ISDN B channels, to be aggregated in a standard format. So, for example, using ML-PPP a connection can be made between two different vendors' TAs over ISDN at 128Kbit/s - two 64Kbit/s B channels aggregated, in other words.

2) HDLC - High Level Data Link Control. This is an ITU-TSS link layer protocol standard for point-to-point and multi-point communications, often associated with IBM systems.

3) LAPB - Link Access Procedure, Balanced. This is a data link protocol in the X.25 protocol stack. LAPB is a bit-oriented protocol derived from HDLC.

4) SLIP - Serial Line IP. This is a protocol used to run IP over serial lines, such as telephone circuits or RS-232 cables, interconnecting two systems on a point-to-point basis.

While most WAN hardware devices will now include some form of optional data compression to enhance data transfer performance, many remote access software packages also provide integrated - and always optional - data compression routines of their own. Note, though, that if data being transferred across the WAN connection is already in compressed format - ZIPped for example - then adding extra data compression is likely to result in the transfer speed slowing down. The same can also be true of combining software and hardware based compression, so handle data compression with care!

Some remote access software packages provide intelligent coding for minimising on-line time and, therefore, costs and bandwidth usage. The best examples are directly aimed at combining user control with cost efficient use of the network, but without undue user restrictions. At the heart of such a system you might find what is best described as intelligent, off-line data queuing. This is akin to an architecture which - for any process or application - carries out as much as it can off-line, then allows the online connection to be made when the user chooses and enables them to carry out tasks at a time which suits them. Connections can then be fully automated to take advantage of the best times to connect to the WAN or Internet. In some cases, the remote users can further select which WAN service they want to use at a particular time of day, or for a particular job, with the software switching between different service types automatically, to further optimise connection costs.

Some remote access software packages will include support for Virtual Private Network (VPN) tunnelling. A VPN is effectively a "private" network that uses some "public" segments. This makes it significantly less expensive and more flexible than a dedicated private network. Each of the private networks need only be connected to a local Internet service provider, and adding new connections is simple and inexpensive. In order to make data connections secure, a "tunnel" is created between the source and destination end-points which encapsulates the IP packets and encrypts the data.

While some tunnelling schemes will be proprietary, most will support IPSec, either in 32-bit or 64-bit (the code length) mode. IPSec is a framework of open standards for ensuring secure private communications over public networks like the Internet, which is why it has been applied to VPNs. It is a set of protocols developed by the IETF (Internet Engineering Task Force) to support secure exchange of packets at the IP layer. IPSec supports two encryption modes: Transport and Tunnel. Transport mode encrypts only the data portion (payload) of each packet, but leaves the header untouched. The more secure tunnel mode, as used in VPNs, encrypts both the header and the payload. On the receiving side, an IPSec-compliant device must be present to decrypt each packet.
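The difference between the two modes, as an added example that is not part of the original article: a Python model of the ESP (IP protocol 50) packet layout that shows which addresses remain readable on the wire in each mode. The addresses, key and payload are constructed, and a SHA-256 keystream stands in for a real ESP cipher as a labelled assumption; the integrity check value is omitted.

```python
import hashlib
import struct
from ipaddress import IPv4Address

ESP, IPIP, TCP = 50, 4, 6  # IP protocol numbers

def ipv4(src, dst, proto, payload):
    """Minimal 20-byte IPv4 header (checksum left at 0) followed by payload."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       IPv4Address(src).packed, IPv4Address(dst).packed) + payload

def keystream_xor(key, seq, data):
    """Stand-in cipher (SHA-256 keystream); an assumption, not a real ESP transform."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + struct.pack("!II", seq, off)).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def esp(key, spi, seq, inner, next_header):
    """ESP header (SPI, sequence number) + encrypted inner data and trailer; ICV omitted."""
    pad_len = -(len(inner) + 2) % 4  # align pad-length/next-header to 4 bytes
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, next_header])
    return struct.pack("!II", spi, seq) + keystream_xor(key, seq, inner + trailer)

def transport_mode(key, packet, spi=0x1001, seq=1):
    """Original addresses stay in the clear; only the upper-layer payload is encrypted."""
    body = esp(key, spi, seq, packet[20:], packet[9])
    return ipv4(packet[12:16], packet[16:20], ESP, body)

def tunnel_mode(key, packet, gw_src, gw_dst, spi=0x2001, seq=1):
    """The whole original packet, header included, is encrypted behind a new outer header."""
    return ipv4(gw_src, gw_dst, ESP, esp(key, spi, seq, packet, IPIP))

def cleartext_addresses(wire):
    """Source and destination an on-path observer reads from the outer header."""
    return str(IPv4Address(wire[12:16])), str(IPv4Address(wire[16:20]))

# Constructed sample: two private hosts behind gateways on documentation addresses.
KEY = b"constructed-demo-key"
ORIGINAL = ipv4("10.1.0.5", "10.2.0.9", TCP, b"constructed application data")
TRANSPORT = transport_mode(KEY, ORIGINAL)
TUNNEL = tunnel_mode(KEY, ORIGINAL, "192.0.2.1", "198.51.100.1")

if __name__ == "__main__":
    print("transport mode exposes:", cleartext_addresses(TRANSPORT))
    print("tunnel mode exposes:   ", cleartext_addresses(TUNNEL))
```

In transport mode the observer still learns which two internal hosts are talking; in tunnel mode only the gateway addresses are visible, which is why tunnel mode is the form used between VPN endpoints.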

The final consideration is possibly the most important: security. All remote access software packages will offer at least basic security in the form of password protection. Beyond this, general security features will vary depending on the nature and cost of the remote access product. Typically these can either be used in tandem to create multi-layered security or individually.

Steve Broadhead

This was first published in July 1999


