Remote accessibility revisited. (Letters).I believe "Remote--But Connected" (JofA, Mar. 02, page 63) contained a number of inaccuracies, which I would like to address: * The article said firewall installation is an easy do-it-yourself project (page 65). While some installations are relatively straightforward, a professional should be consulted when you have valuable, sensitive information--such as client data--to protect. Knowing how to construct the proper rule base, configure network address translation, harden the underlying operating system operating system (OS) Software that controls the operation of a computer, directs the input and output of data, keeps track of files, and controls the processing of computer programs. and test the firewall's effectiveness requires an experienced security engineer. * The article also said that setting up a virtual private network (VPN (Virtual Private Network) A private network that is configured within a public network (a carrier's network or the Internet) in order to take advantage of the economies of scale and management facilities of large networks. ) is quite simple. This would be true if you were a certified network engineer, understood network address translation, routing, IP and were conversant CONVERSANT. One who is in the habit of being in a particular place, is said to be conversant there. Barnes, 162. in that vendor's software and hardware. Having the telephone number of the telco's senior technical support engineer would also help. * The definition of IPSec was incorrect. IPSec stands for Internet Protocol See Internet and TCP/IP. (networking) Internet Protocol - (IP) The network layer for the TCP/IP protocol suite widely used on Ethernet networks, defined in STD 5, RFC 791. IP is a connectionless, best-effort packet switching protocol. Security, not Internet Protocol Secure. See www.ietf.org/html.charters/ipseccharter.html for some definitions and Internet-Drafts on IPSec and working with VPNs. * A number of the comments about Microsoft terminal server were also incorrect. Citrix MetaFrame is a feature-rich application that provides many additional benefits to a terminal server installation. However, there are many circumstances where a simple terminal server installation is the perfect solution. A Citrix implementation will always cost more than just a Microsoft terminal server implementation. Citrix is installed on top of Windows 2000 Server, which includes terminal server. In order to run terminal server, Microsoft requires each computer connecting to the terminal server to have a Microsoft 2000 Server Client Access License (CAL) and one of the following licenses: Windows 2000 Professional, Windows XP The previous client version of Windows. XP was a major upgrade to the client version of Windows 2000 with numerous changes to the user interface. XP improved support for gaming, digital photography, instant messaging, wireless networking and sharing connections to the Internet. Professional or a Microsoft terminal server CAL. When implementing a Citrix MetaFrame solution, the MetaFrame server and client access licenses are an additional cost to the Microsoft licensing. Citrix MetaFrame does not provide any additional level of security over terminal services The Windows 2000 counterpart of Windows Terminal Server in Windows NT. See Windows Terminal Server. . Citrix does not even make this claim. Having implemented numerous Microsoft terminal server, Citrix WinFrame WinFrame was a multi-user version of Windows NT 3.51 which was fully repackaged by Citrix Systems. At this stage of the product development Citrix Systems licensed the Windows NT 3.51 base operating system from Microsoft. and Citrix MetaFrame solutions, my experience is that Citrix MetaFrame is not necessarily faster than Microsoft terminal services. The relative speed and performance of each product depend on the applications and solutions implemented as well as available bandwidth. Michael F. Crowe, CPA Chicago Author's reply: The observations made in the letter are valid but seem dependent on a framework using much more complex products than we recommend for organizations of less than 200 users. The way a firm chooses to spend technology dollars can make a big difference in ease of use, ongoing cost and performance. We prefer simple, reliable, fast solutions that require minimal expertise to install and maintain, and our recommendations on the use of appliance firewalls, VPN technology and Citrix Metaframe still stand. In the computer world, three-letter acronyms three-letter acronym - (TLA) The canonical self-describing abbreviation for the name of a species with which computing terminology is infested. Examples include MCA, FTP, SNA, CPU, MMU, DMU, FPU, TLA. For a complete list of the TLAs in this dictionary, see TLAs. (TLA (Three Letter Acronym) The epitome of acronyms! While two-, four- and five-letter acronyms exist, there are more three-letter acronyms. Obviously, three words to describe a concept or product is the most popular. TLA - Three-Letter Acronym ) often have multiple meanings, and it is common for one TLA to have several definitions. Either one for IPSec conveys the key idea of transferring information across the Internet in a secure or encrypted en·crypt tr.v. en·crypt·ed, en·crypt·ing, en·crypts 1. To put into code or cipher. 2. Computer Science fashion. Randolph P. Johnston, MCS Hutchinson, Kansas |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion