Questions

What is safest remote connection from home to a small business?

+
0 Votes
Locked

What is safest remote connection from home to a small business?

gladerac
Hi
My friend has a small business with a Dell desktop running XP. The Dell is currently connected to a Belkin router/wireless which is connected to the cable modem.

She would like to connect from home to the office using her iPhone/iPad. The Dell must stay at XP until the business software releases a version for other than XP. There are also a few laptops that access the business software but do not need Internet access.

What is the safest way to configure her office so she can remotely connect? I had planned on removing the Belkin as wireless does not work in the old building.

thanks
  • +
    0 Votes
    HAL 9000 Moderator

    A VPN is the best idea here though how you go about setting things up is a different story.

    Col

    +
    0 Votes

    I was thinking along the lines of a direct modem to modem connection,
    like the old Hyperterminal...but Win7 doesn't have it.

    +
    2 Votes
    robo_dev

    For the PC, use the free application UltraVNC, and for the IOS device use a product like Mocha VNC or Remoter ($10)

    On the firewall, open a non-standard port, define a NAT rule to get to the PC and set a strong password for the VNC app.

    While VNC by default does not use encryption, as long as you use something other than port 5900 and an easily guessed password, that is reasonably secure. Do not run VNC at the standard port or you will get constant hacking attempts for that device.

    While a VPN would, in fact, be more secure, you would either need to:

    a) invest in a different router/firewall, such as a Cisco, SonicWall, Barracuda, or similar device AND you will need to either find a suitable VPN client or make 100% sure it works with IOS and the Safari web browser or built-in VPN utility on the device.

    For example, Cisco makes some very nice ASA 5000 series security appliances that are firewalls and VPN devices, and then you would use the Cisco AnyConnect VPN client for iPad (or possibly the built-in VPN utility on the IOS device)

    OR
    Deploy (on a separate PC) an software-based VPN such as the one built into MS SBS 2003 or an open source solution like Adito OpenVPN. OpenVPN uses the web-browser on the client side, but have not tested it on an IOS device.

    +
    0 Votes
    dave

    They have a free app for the iPad\iPhone

    +
    0 Votes
    project

    For an easy and secure VPN use Logmein Hamachi.

    https://secure.logmein.com/products/hamachi/

    If you decide to connect a laptop or some other mobile device you have the benefit of having an always on mobile VPN solution . Also, it is very easy to setup and manage when compared to your standard VPN setups.

    +
    2 Votes
    TonyReilly

    Working in healthcare we use Logmein as it is secure and accredited for use.
    Well worth a look.

    +
    0 Votes
    ken

    We have migrated away from VPN as that requires too much management for several remote users that change locations frequently and has been compromised, to a product called "TeamViewer". We use TeamViewer to manage our fifteen remote location computers and it works seamlessly. TeamViewer uses RSA and AES (256 bit) encryption as well as session passwords and Verasign code signing. Easy to use. Another great aspect is that you can use TeamViewer as a BST monitor for system status as the nodes that are set up on your list for automatic remote control show up on a menu that displays if the machine is online or off at any moment. Great program, free version works as well as full version which is abit spendy, but for remote access for end users to see their workstation as if they were sitting in front of it and for IT to be able to remote in, watch, or control remote PC it is simply the best option out there right now.

    +
    0 Votes
    Bruce Epper

    Another advantage of TeamViewer is that you can use it to simply create a VPN to the machine as well instead of just a remote control session.

    +
    0 Votes
    a.portman

    TeamViewer, Logmein, Gotomeeting and Join.me are all easy and provide security. They all also go through a third party. If you do not want to share your email address, client's email address or other data with an advertiser, use your own software as robo_dev suggested. TightVNC, RealVNC and UltaVNC all provide instructions and multiple clients. They can also work with a browser and without a client. TeamViewer, Logmein, and Join.me all have TightVNC in their core.

    +
    0 Votes
    mike.laing

    You can use remote management to set it up without any third party tools, but make sure you back up the router settings first!

    http://www.belkin.com/support/article/?lid=en&pid=F5D8230-4&aid=2439&scid=0

    +
    0 Votes

    VPN

    Jasonjb1222

    Do you know the model of the Belkin router? Does it support a VPN?
    Change the wireless settings for the Wireless, use something harder to crack like WPA2 - not WEP.
    If you are going to use a "browser based solution" do NOT use Firefox (here comes the hate) unless you are using something other than WEP encryption. There are god reasons for this. You may or may not research them for yourself.
    XP has a native capacity to establish a tunnel using PPTP or IPSEC, your choice.
    Armed with this information you should be able to set things up fine.

    Alternatives, again depending on your Belkin include: Tomato or DDWRT ;-)

  • +
    0 Votes
    HAL 9000 Moderator

    A VPN is the best idea here though how you go about setting things up is a different story.

    Col

    +
    0 Votes

    I was thinking along the lines of a direct modem to modem connection,
    like the old Hyperterminal...but Win7 doesn't have it.

    +
    2 Votes
    robo_dev

    For the PC, use the free application UltraVNC, and for the IOS device use a product like Mocha VNC or Remoter ($10)

    On the firewall, open a non-standard port, define a NAT rule to get to the PC and set a strong password for the VNC app.

    While VNC by default does not use encryption, as long as you use something other than port 5900 and an easily guessed password, that is reasonably secure. Do not run VNC at the standard port or you will get constant hacking attempts for that device.

    While a VPN would, in fact, be more secure, you would either need to:

    a) invest in a different router/firewall, such as a Cisco, SonicWall, Barracuda, or similar device AND you will need to either find a suitable VPN client or make 100% sure it works with IOS and the Safari web browser or built-in VPN utility on the device.

    For example, Cisco makes some very nice ASA 5000 series security appliances that are firewalls and VPN devices, and then you would use the Cisco AnyConnect VPN client for iPad (or possibly the built-in VPN utility on the IOS device)

    OR
    Deploy (on a separate PC) an software-based VPN such as the one built into MS SBS 2003 or an open source solution like Adito OpenVPN. OpenVPN uses the web-browser on the client side, but have not tested it on an IOS device.

    +
    0 Votes
    dave

    They have a free app for the iPad\iPhone

    +
    0 Votes
    project

    For an easy and secure VPN use Logmein Hamachi.

    https://secure.logmein.com/products/hamachi/

    If you decide to connect a laptop or some other mobile device you have the benefit of having an always on mobile VPN solution . Also, it is very easy to setup and manage when compared to your standard VPN setups.

    +
    2 Votes
    TonyReilly

    Working in healthcare we use Logmein as it is secure and accredited for use.
    Well worth a look.

    +
    0 Votes
    ken

    We have migrated away from VPN as that requires too much management for several remote users that change locations frequently and has been compromised, to a product called "TeamViewer". We use TeamViewer to manage our fifteen remote location computers and it works seamlessly. TeamViewer uses RSA and AES (256 bit) encryption as well as session passwords and Verasign code signing. Easy to use. Another great aspect is that you can use TeamViewer as a BST monitor for system status as the nodes that are set up on your list for automatic remote control show up on a menu that displays if the machine is online or off at any moment. Great program, free version works as well as full version which is abit spendy, but for remote access for end users to see their workstation as if they were sitting in front of it and for IT to be able to remote in, watch, or control remote PC it is simply the best option out there right now.

    +
    0 Votes
    Bruce Epper

    Another advantage of TeamViewer is that you can use it to simply create a VPN to the machine as well instead of just a remote control session.

    +
    0 Votes
    a.portman

    TeamViewer, Logmein, Gotomeeting and Join.me are all easy and provide security. They all also go through a third party. If you do not want to share your email address, client's email address or other data with an advertiser, use your own software as robo_dev suggested. TightVNC, RealVNC and UltaVNC all provide instructions and multiple clients. They can also work with a browser and without a client. TeamViewer, Logmein, and Join.me all have TightVNC in their core.

    +
    0 Votes
    mike.laing

    You can use remote management to set it up without any third party tools, but make sure you back up the router settings first!

    http://www.belkin.com/support/article/?lid=en&pid=F5D8230-4&aid=2439&scid=0

    +
    0 Votes

    VPN

    Jasonjb1222

    Do you know the model of the Belkin router? Does it support a VPN?
    Change the wireless settings for the Wireless, use something harder to crack like WPA2 - not WEP.
    If you are going to use a "browser based solution" do NOT use Firefox (here comes the hate) unless you are using something other than WEP encryption. There are god reasons for this. You may or may not research them for yourself.
    XP has a native capacity to establish a tunnel using PPTP or IPSEC, your choice.
    Armed with this information you should be able to set things up fine.

    Alternatives, again depending on your Belkin include: Tomato or DDWRT ;-)