Rendezvous – a DIY VPN (profiting from mobile access to the enterprise)


6/2/2015

AppGate

AppGate Network Security specialises in providing extremely secure network solutions, such as application VPNs, personal firewalls and application access control systems. AppGate Network Security ties together all the pieces of security technology in one easy-to-use system.

AppGate solutions work in both fixed and wireless network environments, with a broad range of client systems. It scales from small organisations up to enterprise-level customers, supporting thousands of users. That is why AppGate Network Security has customers among the largest and most prestigious corporations in the world.

Zühlke Engineering

Genuine Breadth and Depth in IT & Technology Consultancy

• Bespoke Systems Developments
• Coaching and Mentoring
• Project Resources
• Consulting
• Training
• Iterative Development Methods
• System Architecture Design & Realisation
• Enterprise Application Integration (EAI)
• Web Services
• Mobile Computing
• Information Security
• Technical Reviews
• Software Audits
• Evaluation of Methods, Tools and Components

[Column headings on the slide: Disciplines, Services]

ObjectValue Ltd.

One-man wireless and IT consultancy
Worked as a partner of AppGate to develop and test the Rendezvous concept
Company still exists, but staff working full-time for Zühlke

The Problem

Hypothesis: equipping knowledge workers with mobile access to enterprise applications leads to better productivity

• Scheduling
• Contacts
• Intranet Web servers
• ERP
• CRM
• Custom applications etc.

People need proof: a user trial lasting at least a few weeks provides the clearest evidence of Return on Investment (ROI)

Technology trailblazers depend on expensive infrastructure upgrades to connect their mobile devices to the company network

How can users be empowered to try the technology without having to justify the business case in advance and wait for the IT dept.?

Rendezvous concept

• Using an AppGate, companies can already give their mobile workers secure, always-on, remote access to services such as corporate , CRM systems, etc.
• The Rendezvous concept takes a standard AppGate server and re-uses it in a new way to give smaller companies/teams the same benefits, but without the need to invest in an AppGate server themselves.
• The rendezvous software has been developed by one of AppGate’s partners, ObjectValue Ltd., and supports the same range of platforms as the AppGate client (Windows, MacOS, Linux, etc.)

AppGate Rendezvous Server

• Hosted outside a company’s firewall, the Rendezvous Server gives individual users working outside the office secure access to chosen services within the office.

[Diagram: Remote Worker, GPRS, secured connection, Rendezvous Server, appGATE server, Protected Network, application servers, data]

AppGate Rendezvous Server

• Typical office user connected to office services (such as server)

[Diagram: Protected Network, application servers, data, port xxxx]

AppGate Rendezvous Server

• User opens connection to AppGate using the normal client (via proxy if required), selected ports are forwarded and the Rendezvous client is started automatically

[Diagram: Protected Network, appGATE server, application servers, data, port xxxx]

AppGate Rendezvous Server

• Ports in the range 2xxxx on the client are forwarded to the same port number on the AppGate itself. This is the port number on which the Rendezvous Server listens for connections from its office client.

[Diagram: Protected Network, appGATE server, Rendezvous Server, application servers, data, port xxxx]

AppGate Rendezvous Server

• Rendezvous Server and client together act as a virtual firewall router, relaying connection requests from the mobile device to office services (such as the server)

[Diagram: Protected Network, appGATE server, Rendezvous Server, application servers, data, port xxxx]

AppGate Rendezvous Server

• Leaving the office client running, the user later connects to AppGate from a remote location with the same ID, and so establishes the second of a pair of connections
• Ports in the range xxxx on the client are forwarded to 1xxxx on the AppGate itself – so for sending mail via SMTP, local port 25 on the mobile device would be forwarded to port on the AppGate

[Diagram: Remote Worker, GPRS, appGATE server]

AppGate Rendezvous Server

• The Rendezvous Server associates the corresponding 1xxxx and 2xxxx ports internally based on the user ID, establishing a fully secured end-to-end tunnel from the mobile user via the PC in the office to the application server.

[Diagram: Remote Worker, GPRS, appGATE server, Rendezvous Server, ports 1xxxx and 2xxxx, Protected Network, application servers, data, port xxxx]
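The pairing rule from the slides above, modelled as a lookup table. This is an added example, not code from AppGate or ObjectValue; the class and function names are hypothetical, and it assumes "1xxxx" and "2xxxx" mean 10000 and 20000 plus the service port, consistent with the 20025 value the deck mentions.

```python
"""Model of the Rendezvous Server's port pairing (illustration only, no sockets)."""

MOBILE_BASE = 10000  # assumption: "1xxxx" means 10000 + service port
OFFICE_BASE = 20000  # assumption: "2xxxx" means 20000 + service port (deck cites 20025)
MAX_SERVICES = 5     # the deck gives 5 as the default number of tunnelled connections


class RendezvousTable:
    """Remembers each user ID's office legs and pairs mobile legs to them."""

    def __init__(self):
        self._office_legs = {}  # AppGate user ID -> set of open 2xxxx ports

    def office_connect(self, user_id, service_ports):
        """Office client registers the services the user chose to expose."""
        if len(service_ports) > MAX_SERVICES:
            raise ValueError("more services than the tunnel allows")
        if any(not 0 < p < 10000 for p in service_ports):
            raise ValueError("service port does not fit the xxxx range")
        legs = {OFFICE_BASE + p for p in service_ports}
        self._office_legs[user_id] = legs
        return sorted(legs)

    def mobile_connect(self, user_id, local_port):
        """Pair a mobile-side port with the office leg of the same user ID.

        Returns (1xxxx port, 2xxxx port), or None when the request must be
        refused: unknown ID, service not exposed, or port out of range.
        """
        if not 0 < local_port < 10000:
            return None
        office_leg = OFFICE_BASE + local_port
        if office_leg not in self._office_legs.get(user_id, set()):
            return None
        return (MOBILE_BASE + local_port, office_leg)


def demo():
    """Constructed scenario: one office client exposing SMTP, POP3 and the proxy."""
    table = RendezvousTable()
    table.office_connect("user-a", [25, 110, 8080])
    return {
        "smtp": table.mobile_connect("user-a", 25),
        "imap_not_exposed": table.mobile_connect("user-a", 143),
        "other_user": table.mobile_connect("user-b", 25),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The only key in the table is the AppGate user ID, so every connection made under that ID reaches the same exposed ports; anything finer-grained has to come from the logins of the applications behind them.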

Working at the application layer

• AppGate client opens just one secure tunnel through the firewall to the server on port 22 (normally)
• The connections for each service are multiplexed through this tunnel – by default 5 connections are allowed
• Each connection simply lets the client see a remote port on the AppGate server – the AppGate server cannot look back into the network
• The AppGate client can link only the 5 default connections to the AppGate server, e.g. to 20025, to etc.
• Using the Rendezvous client, users choose which of the default connections they need

[Diagram: pop3, smtp, intranet, application tunneling, port 22]

Accessing intranet Web servers

• To resolve intranet URLs, DNS lookups must be made within the office network, so a proxy server is used.
• The mobile browser is configured to use localhost:8080 as its proxy. Rendezvous relays HTTP requests to the real proxy server in the office.

[Diagram: Remote Worker, GPRS, appGATE server, Rendezvous Server, Protected Network, proxy server, Web servers]

Sharing a Rendezvous Client

• Where it is not desirable to leave the office PC switched on, the Rendezvous Client and AppGate Client can be set up to run on an office server (e.g. NT, Linux)
• Multiple mobile users from the same office can connect to the same Rendezvous Server and hence Rendezvous client using the same AppGate user ID
• All will access the same set of services, but because they will sign in with different network user IDs they will not receive identical information or gain unauthorised access to data
• Users sharing a single instance of the Rendezvous client can connect consecutively or at the same time without interfering with each other

Security – wherever your business needs it AppGate Network Security AB
