Direct
Modem connection ( using a RAS server)
If the company
has a spare telephone line available a modem set-up
could be a solution.
A modem and a RAS server is installed on the Server PC.
Connect the modem to the direct telephone line
and configure the RAS server for user login
validation it is recommended to let the
remote user get access to the Server PC only. You
also need to create the accounts for the users that can connect to
the modem.
The modem (together
with the RAS server) gives a remote access to the
Server PC using IP. Note that if the Server PC is
connected to the local network then an external
user can achieve acces to this through the Server
PC (Beware of the Backdoor)
IP addresses
of the remote AND the local PC are determined by
the RAS server. It is recommended to use a fixed
IP array (preferably an Internal IP adress) this enables the user to
know what IP address the Server PC has through
the modem.
Improving
security
It is
generally a good idea to install a
firewall and an "updated"
antivirus scanner (that also scans E-mails"
on both the Server and on the Client PC.
The firewall should only allow access
through the port 2000.
The
security can be improved if the modem is
powered off during normal production and
only powered on if a specific re-quest (e.g.
a service technician wants to check the
status of the machine). An extra global
IP address is NOT needed.
The
security can be further improved (even
when the modem is left powered on) if the
RAS server (modem) is set-up to callback
to the user modem that initiated the
communication. A callback phone number
can be unique for each RAS server user
so that multiple users can access
the GJGW (each requiring separate login).
|