It’s a common request in your line of work: A call comes in from your customer requesting help with a network problem. Your team isn’t on-site, so you can’t remote into their network because the firewall is doing exactly what it’s designed to do: keep outsiders out.
While there are multiple processes to modify a firewall to allow access, taking it down at all opens up your customer’s network to the risk of a data breach. The last thing you want to do is be the reason a customer has a data breach when your job is to safeguard their networks. It’s likely why it isn’t a current offering for your team. It’s time to change that.
Whether it’s to manage physical security systems, HVAC systems, controllers, or servers, I’d like to share a couple of ways you can safely access your customer’s network and add remote login to your list of services to not only help with network problems but also proactively monitor.
Let’s review some options to find one that will best fit your network, budget, and security needs.
Single-use VPN (Virtual Private Network) into remote desktop
This option allows you to log into the network via a private connection created by the customer. While it will allow you into the network, it requires coordination at the customer will have to accept VPN requests each time it is needed. This means you won’t be able to enter the network proactively to install updates, restore data or create backups for your customer.
Additionally, the hassle of accepting VPN requests means this option doesn’t scale well as you’ll need that person on-site to establish the connection each time at every location.
Multi-protocol label switching or MPLS is another type of private network that allows a direct link by connecting to a service provider’s device that labels the device attempting to access the network as a “safe” device.
While it is an effective option, it has high costs to implement because it requires a service provider to implement, resulting in high fees for hardware and support.
SD-WAN with load balancing
A cost-effective response to MPLS, SD-WAN uses public internet versus private with MPLS. However, using the public network means more security issues because the technology alone does not monitor any data sent through the network. It is much more vulnerable to a data breach as it relies on public networks, so you’ll need robust security measures in place to review what’s being sent or requested from in the network.
Secure Remote Access
Our team considered all the pros and cons of the solutions above and thought there must be a continually secure, easy to use, and cost-effective solution. That’s what brought us to create our newly announced Secure Remote Access (SRA) solution. The solution consists of two units:
One device (MAP) installed on your local network and another device (RAD) installed at the remote customer site.
When two network devices recognize the MAP and RAD are connected, it creates an encrypted bi-directional VPN tunnel. A single MAP accepts secure connections from many remote site RADs.
SRA provides a simple and secure way to access and manage distributed network devices and endpoints such as network security cameras without requiring changes to an enterprise firewall. Users can either configure complete local network access or limited access to specific devices to rapidly deploy without typical disruptions such as changes to an enterprise firewall.
Instead of creating individual VPN connections, paying expensive service provider contracts, and opening your customer to increased security risks, take a look at our SRA solution. You’ll have a solution that simple to deploy, cost-effective, requires less from your customers and allows you to offer more.