Last week while installing a system for a new client, I securely accessed my company’s internal network from the customer’s site to make sure that the client’s server was showing up on our monitoring system. Doing so let me demonstrate to the client that we were already actively monitoring his new file server.
Although remote access might seem like magic, I used a VPN (Virtual Private Network) to extend my office network to my laptop using software built into its Windows XP operating system. My customers love the instant assurance that everything’s running smoothly, and being able to access my network remotely makes installations run that much smoother.
Another client travels extensively, so I installed a $160 Buffalo Technology VPN Gateway appliance to let him access his protected files while on the road. He recently downloaded the latest version of an important proposal from his server, safe and protected behind the company firewall, while he was 2000 miles away at a customer site.
These examples show that even if you run a small company, you can be more productive if you install a system that lets you and your employees access company network or file servers from remote locations. In the past, remote access was out of reach for most small businesses. However, the introduction of new network security products gives small companies the same type of secure access previously enjoyed only by the big companies with IT staffs and full-sized budgets.
Secure access to your network can be yours by purchasing an inexpensive VPN gateway appliance and investing an hour of time. This month we discuss how a VPN appliance can make secure remote access to your company’s network a snap.
Virtual Private Networks
Before delving into how to install a VPN, it helps to have a basic understanding of the technology behind securing remote network access. When you’re using the Internet to send data between systems, the data is broken up into small pieces called packets. Each packet contains information that tells the network routers where to send the data.
Normally, transmitted network data packets are not secured, that is anyone can read the packet content. The VPN software securely encrypts the data inside each packet. Even if someone captured the packet, that someone could not read the data without the special key to decrypt it.
A VPN creates an encrypted tunnel through the Internet that connects your computer (using special client software) to another network that has an access point — commonly called a VPN gateway. The beauty of using VPN technology is that from user’s perspective, the security mechanism is completely transparent; it looks as if the computer is inside the company secured network and has access to all the internal network resources, even though the person making the connection is physically elsewhere — possibly thousands of miles away.
Technically, two common protocols create the tunnels, IPsec (IP security) and PPTP (Point-to-Point Tunneling Protocol). If you are connecting two remote offices you would need to use IPSec, otherwise either will work with the Microsoft client software, but PPTP is easier to install and configure.
Before you purchase a VPN gateway for your office, make sure you have these items in place. You must have either DSL or Cable modem connectivity to your office. This type of access is fast and relatively cheap (around $40 per month to start) and the network is always available. You also need to have a computer (or server) with your files attached to your internal network and that computer must be accessible all the time. VPN access will do you no good at all if you turned off the computer that you want to access remotely!
VPNs for the Rest of Us
In the past, not only was VPN equipment expensive, but you also needed to purchase client licenses for each computer in addition to the gateway hardware. Obviously, VPN technology was out of reach for all but the largest companies.
Cool new products make it possible to install a VPN on virtually any size network for budget-minded SMBs. The Buffalo Technology 125 High-Speed Mode Wireless Secure Remote Gateway is a VPN Gateway/Firewall router and a wireless access point rolled into one neat package. At $160, the value can’t be beat. The Linksys WRV54 Wireless-G VPN Broadband Router, a similar product, also gets the job done.
Given the large number of small businesses that would find these appliances attractive, the other major vendors will likely be marketing comparable products shortly. Be warned — there are VPN gateways products on the market designed for home installations. They’re just as easy to install, but they allow only a very limited number of accounts and some of them have very slow access.
Configuring Your System
Most of the VPN products are designed for simple and quick installations, with plenty of wizards and automated setup that makes it easy even for non-computer-savvy people.
You need to plug the appliance into your network between your ISP provider’s DSL or Cable modem equipment and your internal network. If you don’t have a router or hub now, this device can serve that purpose. Once you turn on the VPN appliance, you can use any computer on the network to login to a Web page and complete your configuration and add user access accounts.
VPN is a secure technology, but as usual, you need to take basic security measure. When you’re configuring user account access on the VPN gateway system, always change the default settings and never use the default passwords.
You should also to give each person an individual access account. In practice, that means if your partner quits, you don’t have to change the access passwords for the entire office — you just have to turn off the problematic account.
Don’t let this happen to you: One of my accountant clients panicked when he noticed that a former partner had accessed the company client list through their VPN. He sheepishly admitted that the entire company accessed the office remotely through a single VPN account.
Client-Side Configuration
Once you have configured your appliance, you will need to configure the software on the computers (clients) connected to the network. The systems designed for small installations assume that you will use the free and easy-to-use Microsoft or Macintosh VPN client software that’s built into the client’s operating system.
Microsoft has very nicely included a wizard to help you configure it quickly. This link on the Microsoft Web site gives detailed directions.
Conclusion
Adding a VPN appliance to your office network gives you a remote access solution that lets you and your staff to be more productive from anywhere in the world — not a bad return on a few hundred dollars and an hour of your time.
Beth Cohen is president of Luth Computer Specialists, a consulting practice specializing in IT infrastructure for smaller companies. She has been in the trenches supporting company IT infrastructure for over 20 years in a number of different fields including architecture, construction, engineering, software, telecommunications, and research. She is currently consulting, teaching college IT courses, and writing a book about IT for the small enterprise.
Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today! |