© 2005,2006 NeoAccel Inc. Training Access Modes.

Presentation transcript:

Training Access Modes

Agenda
1. Need for SSL VPN
2. Access Terminals
3. SSL VPN-Plus Access Terminals
   a) Introduction
   b) Usage scenario
4. Network extension concepts
5. Full Access Client
6. Quick Access Terminal Client

What Users Want
Access Business Applications
- Web based applications: Intranets,…
- Client-Server applications: VOIP, SAP,…
- Hybrid Web applications: Oracle forms,…
On Demand Access
- Take work home: in-office experience, full productivity
- At customer site: need mission critical application to run
- Roaming: , Intranet portal, least productivity

What Users Want…contd…
- No more classes and trainings!!
- Simplified, one click access … like web…
- In office experience
- Don’t rely on us

What Users Want…contd…
Securely access Anything from Anywhere using Any device.
That’s what SSL VPNs are about!

SSL VPN Deployment (diagram)
Diagram labels: Wireless/mobile user; Home user/consultant/partner; Other corporate office/Partners; Encrypted SSL VPN tunnels; Firewall; NeoAccel SSL VPN-Plus Gateway; Private network services; Authentication Server - Radius/AD/LDAP; Internal data-centre.

Access Terminals
- Entry points to private corporate network
- Requirement
  - Usability
  - Accessibility
  - Security

Common Access Terminals
1.1 SSL VPN Web portal (with terminal emulators)
1.2 Port Forwarding Client
1.3 Network extension Client

SSL VPN-Plus Access Terminals
SSL VPN-Plus has three Access Modes:
- Web Access Terminal (WAT)
  - Browser based SSL VPN access mode
  - Commonly known as Clientless SSL VPN access
- Private Hyper Access Transport (PHAT)
  - A native client for full access to corporate network
  - Commonly known as Full Access Client
- Quick Access Terminal (QAT)
  - An agent based terminal that enables access to all TCP applications without installing any software on machine
  - Commonly known as Port Forwarding Client
Access Terminals are modes through which remote users can access corporate resources.

Web Access Terminal
- Only a browser is required to initiate a VPN and access corporate resources
- Also known as Clientless VPN
- A browser that supports JavaScript can set up the VPN connection
- For a user, accessing VPN services is like accessing a company portal or company web
- Zero management/Maintenance
- Administrator configures the resources available on portal for users
- Per Group portal customization

Web Access Terminal…contd.
VPN resources accessible through WAT are:
- Web servers; e.g.
  - Corporate Intranet/portal
  - Sharepoint
- Web-based application servers; e.g.
  - Outlook Web Access
  - Lotus Domino
- Web-based databases like Oracle 9i, SQL
Portal can be configured to provide Documents/Manuals to users.

Web Access Terminal…contd.
User opens WAT login page.

Web Access Terminal…contd.
Upon successful login, the WAT portal is available to the user to access private network resources.

Web Portal - Thin Applications
- Terminal emulators are provided on the portal to access terminal servers and legacy hosts
- RDP, VNC, SSH and Telnet Java clients are available
- Useful to access legacy applications without installing any software on the user machine, or to access from kiosk, hotel, etc.

Why Web portal is not enough
- Business applications are not just web-based applications. They include client-server components.
- Application implementation dependent
- URL rewriting is more than just HTML rewriting: Applets, flash, exe, …
- No in-office experience

Private Hyper Access Transport (PHAT)
- IPSec replacement client which provides IPSec-like full access but with zero configuration on client machine
- Support for all TCP/IP based applications and protocols (TCP, UDP, IP) is provided.
- Best use for
  - In office experience for maximum productivity
  - VOIP and video conferencing
- Full Access client is configured from management console
- Administrative rights are required to install the client
- Client auto-updates without administrative rights
- Complete and strong endpoint security
- Supported on
  - Windows (2000 and above)
  - Linux (Redhat, Knoppix, Debian)
  - MAC OS-X (beta)

Network extension technology
- Establish an SSL connection with SSL gateway
TRANSMISSION
- Intercept application traffic transparently
- Encapsulate the control commands and data in proprietary protocols
- Encrypt the data and send through SSL connection to gateway
RECEPTION
- Decrypt the data received on SSL connection from gateway
- Decode the control commands
- Pass the data to applications transparently
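
The encapsulate and decode steps on this slide, sketched as an added example; it is not NeoAccel code, and the deck does not show the product's proprietary protocol. The frame layout, the `OPEN` control command and all names are assumptions, and the SSL layer is left out so the sketch runs offline: the byte stream stands for what is written to and read from the SSL connection.

```python
import struct

# Hypothetical frame layout (an assumption, not the product's proprietary format):
# 1-byte type | 2-byte channel id | 4-byte payload length | payload
HEADER = struct.Struct("!BHI")
CONTROL, DATA = 1, 2
MAX_PAYLOAD = 16 * 1024  # receiver refuses anything larger


def encapsulate(ftype, channel, payload):
    """Transmission: wrap a control command or intercepted data in one frame."""
    if ftype not in (CONTROL, DATA):
        raise ValueError("unknown frame type")
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload too large")
    return HEADER.pack(ftype, channel, len(payload)) + payload


class Decoder:
    """Reception: rebuild frames from the decrypted byte stream."""

    def __init__(self):
        self.buf = bytearray()

    def feed(self, chunk):
        """Buffer decrypted bytes; return every complete (type, channel, payload)."""
        self.buf += chunk
        frames = []
        while len(self.buf) >= HEADER.size:
            ftype, channel, length = HEADER.unpack_from(self.buf)
            # Validate the header before trusting the length field.
            if ftype not in (CONTROL, DATA) or length > MAX_PAYLOAD:
                raise ValueError("malformed frame")
            end = HEADER.size + length
            if len(self.buf) < end:
                break  # partial frame: wait for more bytes
            frames.append((ftype, channel, bytes(self.buf[HEADER.size:end])))
            del self.buf[:end]
        return frames


def demo():
    """Constructed sample: one control and one data frame, read 5 bytes at a time."""
    stream = (encapsulate(CONTROL, 7, b"OPEN 10.0.0.5:22")
              + encapsulate(DATA, 7, b"SSH-2.0-client\r\n"))
    decoder, out = Decoder(), []
    for i in range(0, len(stream), 5):
        out += decoder.feed(stream[i:i + 5])
    return out
```

The receiver checks the type and length fields before buffering a payload, so a peer cannot make it wait on, or allocate for, an oversized frame.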

SSL VPN Network extension technology (diagram)
Diagram labels: SSL VPN; App; TCP; IP; SSL; TCP; IP; Enet; #1; #2; User; Kernel.

Other SSL VPNs: Packet flow (diagram)
Legend:
- D: Application TCP data packet
- A: Application TCP ACK packet
- SD: SSL tunnel data packet
- SA: SSL tunnel ACK packet
Diagram labels: Private network servers; SSL VPN Gateway; SSL VPN client agent running on remote user's machine.
This is what will be achieved. This happens when the user is working in office, i.e. connected to LAN.

SSL VPN-Plus technology (diagram)
Diagram labels: SSL VPN; App; ICAA-TSSL; IP; TCP; Enet; #1; User; Kernel.

Architecture difference (diagram)
Panel "Architecture: Other SSL VPN" labels: Remote User; Resource Gateway; From Application; Application Level; SSL Module; Network Module; OS Network Stack; To private Network.
Panel "Architecture: SSL VPN-Plus" labels: Remote User; Resource Gateway; From Application; User Mode; ICAA-TSSL Module; OS Network Stack; To private Network.

What is not so good about PHAT
- PHAT client cannot be used “Anywhere”. It has to get installed
- Administrative rights are required on user machine
- Secure transport for malware, spyware, trojans and viruses
- Where is my portal?

Quick Access Terminal
- A Java enabled browser is required to initiate a VPN and access corporate resources
- Also known as Port forwarding client
- A Java applet gets downloaded on the user machine and initiates the VPN
- User can access TCP based client-server appliance off the portal
- Zero management/Installation/Maintenance
- Works like Full Access client, with the only limitation being support for IP, UDP and MS File shares
- Administrator configures the network resources for users
- Access to QAT client can be controlled from NMC on a per group basis.

Quick Access Terminal…contd.
VPN resources accessible through QAT are:
- Any TCP based Application servers
  - Web Servers, servers, Citrix, SAP, Lotus Domino, Direct database from anywhere
- Terminal Servers
  - SSH, Telnet and other legacy terminal emulators like TN5250 for IBM Mainframes access
- True Anything from Anywhere access
In 2.0 beta, QAT runs only on Windows 2000 & above.

Quick Access Terminal…contd.
User opens WAT login page.

Quick Access Terminal…contd.
Upon successful login, the QAT link is provided on WAT portal.
Access QAT using this link.

Quick Access Terminal…contd.
Upon successful login, the QAT link is provided on WAT portal.
Status of QAT.

Quick Access Terminal…contd.
Access your TCP applications the normal way you work.
Access any TCP based application.

Questions?