
1 Rendezvous – a DIY VPN (profiting from mobile access to the enterprise)

2 6/2/2015 AppGate

AppGate Network Security specialises in providing extremely secure network solutions, such as application VPNs, personal firewalls and application access control systems. AppGate Network Security ties together all the pieces of security technology in one easy-to-use system. AppGate solutions work in both fixed and wireless network environments, with a broad range of client systems. It scales from small organisations up to enterprise-level customers, supporting thousands of users. That is why AppGate Network Security has customers among the largest and most prestigious corporations in the world.

3 Zühlke Engineering

Genuine Breadth and Depth in IT & Technology Consultancy
• Bespoke Systems Developments
• Coaching and Mentoring
• Project Resources
• Consulting
• Training
• Iterative Development Methods
• System Architecture Design & Realisation
• Enterprise Application Integration (EAI)
• Web Services
• Mobile Computing
• Information Security
• Technical Reviews
• Software Audits
• Evaluation of Methods, Tools and Components

[Slide column headings: Disciplines, Services]

4 ObjectValue Ltd.

• One-man wireless and IT consultancy
• Worked as a partner of AppGate to develop and test the Rendezvous concept
• Company still exists, but staff working full-time for Zühlke
• http://www.objectvalue.com/

5 The Problem

Hypothesis: equipping knowledge workers with mobile access to enterprise applications leads to better productivity
• E-mail
• Scheduling
• Contacts
• Intranet Web servers
• ERP
• CRM
• Custom applications etc.

People need proof: a user trial lasting at least a few weeks provides the clearest evidence of Return on Investment (ROI)

Technology trailblazers depend on expensive infrastructure upgrades to connect their mobile devices to the company network

How can users be empowered to try the technology without having to justify the business case in advance and wait for the IT dept.?

6 Rendezvous concept

• Using an AppGate, companies can already give their mobile workers secure, always-on, remote access to services such as corporate email, CRM systems, etc.
• The Rendezvous concept takes a standard AppGate server and re-uses it in a new way to give smaller companies/teams the same benefits, but without the need to invest in an AppGate server themselves.
• The rendezvous software has been developed by one of AppGate’s partners, ObjectValue Ltd., and supports the same range of platforms as the AppGate client (Windows, MacOS, Linux, etc.)

7 AppGate Rendezvous Server

• Hosted outside a company’s firewall, the Rendezvous Server gives individual users working outside the office secure access to chosen services within the office.

[Diagram labels: Remote Worker, GPRS, Secured connection, appGATE server, Rendezvous Server, Protected Network, Application servers, Data]

8 AppGate Rendezvous Server

• Typical office user connected to office services (such as email server)

[Diagram labels: Protected Network, Application servers, Data, xxxx]

9 AppGate Rendezvous Server

• User opens connection to AppGate using the normal client (via proxy if required), selected ports are forwarded and the Rendezvous client is started automatically

[Diagram labels: Protected Network, appGATE server, Application servers, Data, xxxx]

10 AppGate Rendezvous Server

• Ports in the range 2xxxx on the client are forwarded to the same port number on the AppGate itself. This is the port number on which the Rendezvous Server listens for connections from its office client.

[Diagram labels: Protected Network, appGATE server, Rendezvous Server, Application servers, Data, xxxx]

11 AppGate Rendezvous Server

• Rendezvous Server and client together act as a virtual firewall router, relaying connection requests from the mobile device to office services (such as the email server)

[Diagram labels: Protected Network, appGATE server, Rendezvous Server, Application servers, Data, xxxx]

12 AppGate Rendezvous Server

• Leaving the office client running, the user later connects to AppGate from a remote location with the same ID, and so establishes the second of a pair of connections
• Ports in the range xxxx on the client are forwarded to 1xxxx on the AppGate itself – so for sending mail via SMTP, local port 25 on the mobile device would be forwarded to port 10025 on the AppGate

[Diagram labels: Remote Worker, GPRS, appGATE server]

13 AppGate Rendezvous Server

• The Rendezvous Server associates the corresponding 1xxxx and 2xxxx ports internally based on the user ID, establishing a fully secured end-to-end tunnel from the mobile user via the PC in the office to the application server.

[Diagram labels: Remote Worker, GPRS, appGATE server, Rendezvous Server, 1xxxx, 2xxxx, Protected Network, Application servers, Data, xxxx]
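
The pairing described on slides 10 to 13 can be modelled as a lookup keyed on user ID. This is an added example, not AppGate or ObjectValue code; the 10000/20000 offsets are inferred from the slides' port examples (10025, 20025, 18080, 28080), and `RendezvousTable`, its methods and the user IDs are hypothetical.

```python
# Added example: models how a rendezvous point pairs 1xxxx and 2xxxx ports.
# Offsets are inferred from the slides (25 -> 10025 / 20025, 8080 -> 18080 / 28080);
# RendezvousTable and its methods are hypothetical names, not AppGate's API.

MOBILE_BASE = 10000  # remote worker's forwards arrive on 1xxxx
OFFICE_BASE = 20000  # office Rendezvous client's forwards arrive on 2xxxx


def _check(service_port):
    # The xxxx scheme only has room for service ports below 10000.
    if not 0 < service_port < 10000:
        raise ValueError(f"service port {service_port} does not fit the xxxx scheme")
    return service_port


def mobile_port(service_port):
    return MOBILE_BASE + _check(service_port)


def office_port(service_port):
    return OFFICE_BASE + _check(service_port)


class RendezvousTable:
    """user ID -> service ports the office client has chosen to expose."""

    def __init__(self):
        self._offered = {}

    def register_office(self, user_id, service_ports):
        self._offered[user_id] = {_check(p) for p in service_ports}

    def pair(self, user_id, arrived_on):
        """Map a mobile connection on 1xxxx to its 2xxxx partner, or None to refuse."""
        service = arrived_on - MOBILE_BASE
        if service not in self._offered.get(user_id, set()):
            return None  # no office client for this ID, or service not exposed
        return office_port(service)


def demo():
    table = RendezvousTable()
    table.register_office("alice", [25, 8080])  # constructed user ID and choices
    return [table.pair("alice", 10025), table.pair("alice", 18080),
            table.pair("alice", 10110), table.pair("bob", 10025)]


if __name__ == "__main__":
    print(demo())
```

The two refusals show that a tunnel exists only where an office client with the same user ID has exposed that service, which is the set of ports a firewall or audit review of such a deployment needs to enumerate.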

14 Demonstration

If you cannot see the movie above, make sure you have the free QuickTime player installed (see www.apple.com) and then click here.

15 Working at the application layer

• AppGate client opens just one secure tunnel through the firewall to the server on port 22 (normally)
• The connections for each service are multiplexed through this tunnel – by default 5 connections are allowed
• Each connection simply lets the client see a remote port on the AppGate server
  – The AppGate server cannot look back into the network
• The AppGate client can link only the 5 default connections to the AppGate server, e.g. 20025 to 20025, 20110 to 20110 etc.
• Using the Rendezvous client, users choose which of the default connections they need

[Diagram labels: pop3, smtp, intranet, Application tunneling, Port 22]

16 Accessing intranet Web servers

• To resolve intranet URLs, DNS lookups must be made within the office network, so a proxy server is used.
• The mobile browser is configured to use localhost:8080 as its proxy. Rendezvous relays HTTP requests to the real proxy server in the office.

[Diagram labels: Remote Worker, GPRS, appGATE server, Rendezvous Server, 18080, 28080, Protected Network, Proxy server, Web servers, 8080]

17 Sharing a Rendezvous Client

• Where it is not desirable to leave the office PC switched on, the Rendezvous Client and AppGate Client can be set up to run on an office server (e.g. NT, Linux)
• Multiple mobile users from the same office can connect to the same Rendezvous Server and hence Rendezvous client using the same AppGate user ID
• All will access the same set of services, but because they will sign in with different network user IDs they will not receive identical information or gain unauthorised access to data
• Users sharing a single instance of the Rendezvous client can connect consecutively or at the same time without interfering with each other

18 Security – wherever your business needs it AppGate Network Security AB www.appgate.com jamie@appgate.com

19 Security – wherever your business needs it

