Published by Charlotte Lloyd. Modified over 9 years ago.
1
Wavetrix
Changing the Paradigm: Remote Access Using Outbound Connections
Remote Monitoring, Control & Automation
Orlando, FL
October 6, 2005
2
Agenda

Goal
Inbound Connection Oriented Architecture
Outbound Connection Oriented Architecture
Outbound Connection Systems
Summary/Questions
3
Goal

Objective:
  – Enable remote access regardless of location
Issues
  – Firewall(s)/Router(s) reconfiguration is very challenging when remote access is needed via the Internet
      Especially true for third party deployments
  – Centralized administration of user access and privileges
  – Security is of paramount importance
4
Remote Access Applications

Status and Maintenance Checks
Diagnostics
Configuration and Administration
Software Upgrade
Log File Retrieval

All these applications are originated by the end user
5
Remote Access Methodologies

Inbound Connection via the Internet
  – Definition: Client originates a connection to the serial server
  – Requires Firewall(s)/Router(s) reconfiguration
  – Port Forwarding is the most common implementation
Outbound Connection via the Internet
  – Definition: Serial server originates connection to a known point
  – Gateway provides connection point
6
Inbound Connection Architecture

Client (i.e. PC) originates connection to the serial server
  – Telnet or Virtual Serial Port
Serial Server
  – Static IP address
  – Authenticates user (username/password)
Requires firewall to be configured to route connection to serial server
  – Port Forwarding is the most common technology
7
Port Forwarding Illustration

Web servers are the most common example
8
Installation Issues

Provisioning IP address routing is resource intensive
  – Static IP address for the serial server
  – They must be set up and tested
  – Maintained through upgrades/replacements
  – At a third party, time and politics drive the process
Username/password is in serial server
Must know IP address (and port number) of serial server
  – Multiple serial servers within a single facility require each to have their own port number
9
Administrative Issues

Serial servers are individually managed
  – To reduce complexity, a single username/password is often used for all users
Serial server configuration information (IP address, port number) must be disseminated
  – Users must keep track of this information
  – Updates must be sent whenever the information changes
Complexity grows dramatically as the size of deployment grows
10
Outbound Connection Motivation

Outbound connections are generally permitted
  – Examples: Requesting a web page, retrieving e-mail
Requires no changes to the firewall or router
  – Mimics existing network processes
  – Traverses the firewall like other processes
Faster, simpler deployment
Reduces technician skill level requirements
  – Requires minimal “Networking” training
11
Architectural Changes

Serial server needs a connection point
  – Client isn’t always there and is usually not visible from the Internet
Solution: Add a connectivity gateway
  – Moves the client connection from locally at the serial server, to the gateway on the Internet
  – Provides a central point for access control and privilege administration
12
Outbound Connection Architecture

The gateway provides a central point for all connections
  – Serial server connects to the Gateway
  – Client Software connects to the Gateway
  – Gateway establishes a connection between them when instructed
13
Outbound Connection Elements

Connectivity Server
  – Originates and maintains a constant connection to the connectivity gateway
  – Serial server can have a DHCP or Static IP address
Connectivity Gateway
  – Specific purpose appliance that resides on the Internet
Connectivity Client
  – Creates a connection with connectivity gateway
  – Connectivity gateway authenticates and connects the client to the requested connectivity server
14
Enhanced Security

Bi-lateral Authentication
  – Connectivity Client
      Individual username/password
  – Connectivity Server
      Can use very strong machine-to-machine techniques
Data Transfer
  – Encryption
      Pre-shared or dynamic key exchange
Administration
  – Privileges/Access controlled individually
  – Centrally managed
15
Centralized Administration

Single point to control access to all connectivity servers
User privileges are individually defined and controlled
Enables a connectivity server to be shared across organizational boundaries
Inherently disseminates any changes to a connectivity server’s configuration information
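
Added example (not from the presentation or the vendor's product): a minimal Python model of the gateway decisions described on the Enhanced Security and Centralized Administration slides. The HMAC challenge-response for the connectivity server, the PBKDF2 password storage, and all names (Gateway, register_server, connect_client, server_response) are assumptions chosen for illustration.

```python
import hashlib, hmac, os

# Illustrative model only; class and method names are assumptions, not a product API.
class Gateway:
    def __init__(self):
        self.device_keys = {}   # device_id -> pre-shared key (bytes)
        self.users = {}         # username -> (salt, PBKDF2 hash)
        self.acl = {}           # username -> set of device_ids the user may reach
        self.pending = {}       # device_id -> outstanding challenge nonce
        self.online = set()     # devices holding an authenticated outbound session

    def add_user(self, name, password, devices):
        salt = os.urandom(16)
        self.users[name] = (salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000))
        self.acl[name] = set(devices)

    def challenge(self, device_id):
        # Step 1 of the server's outbound login: the gateway issues a fresh nonce.
        self.pending[device_id] = os.urandom(16)
        return self.pending[device_id]

    def register_server(self, device_id, response):
        # Step 2: the server proves knowledge of its key; each nonce is single-use.
        nonce = self.pending.pop(device_id, None)
        key = self.device_keys.get(device_id)
        if nonce is None or key is None:
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, response):
            return False
        self.online.add(device_id)
        return True

    def connect_client(self, name, password, device_id):
        # Authenticate the individual user, then check privilege and availability.
        salt, stored = self.users.get(name, (b"\0" * 16, b""))
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
        if not hmac.compare_digest(candidate, stored):
            return "denied: bad credentials"
        if device_id not in self.acl.get(name, set()):
            return "denied: no privilege for device"
        if device_id not in self.online:
            return "denied: device offline"
        return "bridged"

def server_response(key, nonce):
    # What the connectivity server computes on its side of the challenge.
    return hmac.new(key, nonce, hashlib.sha256).digest()
```

Because the user table and the privilege list live only on the gateway, revoking one user or one device is a single change there, with no shared password on the serial server to rotate.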
16
Deployment Examples

PBX
  – Remotely administer PBX
Sensor Gateway
  – Connect a sensor network (deployed at a third party) to its application
HVAC Management
  – Remotely manage/diagnose HVAC systems
17
Summary

Outbound connections simplify remote access especially at third party facilities
  – Firewall traversal eliminates the need for reconfiguration
  – Central administration improves security and control
Enables large scale deployments
18
Thank You

Questions?
Virtual Connectivity Network
www.traversix.com