Shield IT Solutions Case Study: Secure VPN and Remote Access

As specialists in wireless networking and security, remote access is one area in which Shield IT Solutions truly excel. One recent customer came to us needing an entirely new remote access solution - their current software had reached end of life and the hardware they were using was unable to support an upgrade, so their only option was to completely replace the entire system.

This customer relied heavily on their remote access due to their wide range of users - some office-based staff had only occasional access requirements, while other users were permanently based away from the main offices. As remote workers did not make use of company equipment, the system had to be accessible without the need to install client software on users' personal machines.

Another fundamental aspect to making this deploymentsuccessful was its security setup. This included a robust login process, along with the abilityto ensure that users not using corporate machines couldnot transfer sensitive data from the corporate network, or untrusted files onto it. A small number of third parties also required access to the customer's network to provide application and system support.

Providing High Quality Remote Access Solutions

Upon evaluating the customer’s requirements, it was decided to stay with an SSL VPN product from AEP networks. We providedthem with two appliances for resilient user access and a third virtual version edition as a test device. This ensured that the migration from the existing system to the new version would be virtually seamless for the users and would require no additional training.

Shield IT Solutions installed the two new LAN Protect (formerly AEP Series A) appliances in tandem with the existing devices to allow for a period of user acceptance testing before the users were fully migrated to the new system.

To ensure only corporate devices could connect using the tunnel client, the LAN Protect inbuilt client integrity checking was used to find unique settings and executablefiles on the users' machines. The system was further enhanced to publish Web applications directly from LAN Protect in order to save users from having to establish a session to a terminal server to perform simple tasks.

The existing remote access solution already used strong two-factor authentication (2FA) from Signify to provide secure authentication, which allows the use of an RSA Secure ID system without the need for specialist in-house skills. Being a cloud-based service, Signify 2FA is easily deployed and enables the IT team to continue managing users from an easy-to-use Web portal, making the solution even more convenient for the users and administrators alike.

Case Study - Providing a Cisco VPN Solution

A second example of Shield IT Solutions’ ability to provide VPN and remote access comes in the form of a customer who required the provision of 'LAN like' access for up to 100 mobile and home-based staff. All access was to be via corporate machines, with users accessing a range of thick client and Web-based applications on the corporate network. As the customer already hosted a number of Web applications over an existing Internet link, it was imperative that the new solution did not impact the performance of these applications. A robust login process was also required.

Shield IT Solutions carried out an evaluation of the customer’s requirements and selected an IPSec-based solution on Cisco hardware. Initially just a single device was used, but by utilising the load balancing technology within the Cisco product, we were able to increase capacity by adding further appliances without significant changes to the infrastructure design. This provided the LAN-like experience that the customer required by using a VPN client on each device, but also offered the option of using an SSL-based solution in the future if required.

Increasing All Aspects of VPN Performance

To avoid impacting existing bandwidth, a new Internet link was specified. A 10Mb leased line was selected to ensure the service was useable for all remote workers, which also made the solution scalable.

To provide secure authentication, we employed two-factor authentication from Signify. This solution allowed the use of an RSA Secure ID systembut without the need for specialist in-house skills. The service was easily deployed and existing IT employees were able to manage users from a simple cloud Web portal.

Shield IT Solutions ensured that the service was a success and the user numbers more than doubled in a short space of time. The device was also added to an existing SNMP management solution to monitor concurrent users so that future upgrades could be planned well in advance.

Cookie Policy