When you’ve properly secured your network, important data is only accessible from a user’s workstation or through a VPN connection. The problem with maintaining a high level of security is that it can also make it difficult to grant access to remote users. You can reduce some of the complexity by deploying an access portal. In this Daily Feature, I’ll show you what an access portal is and describe some of the components of my favorite portal application, NFuse Elite from Citrix Systems.

An access portal does more than a VPN
As more and more of your users go mobile, you need to give them a way to access data on the network. You can create a VPN on your network to provide access, but that’s only half the job. You must also make sure that applications your users want to run are available to remote workstations.

This can be a huge undertaking. If you’re lucky, all your remote users have company-issued laptops, giving you a bit of control over machine configuration. However, many of your users probably want to access your network from their home computers, which adds a whole new level of complexity to your support infrastructure. You need to know what operating systems your users are running on their home machines, along with any potential conflicting applications. You can even run into problems with a company-supplied laptop; for example, a user might install software that causes problems with the remote application they want to run.

An access portal can help solve this problem because it does more than a simple VPN. A VPN opens an access point to give remote workstations the ability to connect to a network, but an access portal lets you create a virtual environment for your users. Using a Web browser, a remote user can access your portal and run needed applications from it. There’s nothing to install on a client workstation and no need to worry about remote client configurations.

Citrix NFuse Elite
Many software companies, such as IBM and Microsoft, offer access portal solutions. I’ll describe one of my favorite portal solutions, Citrix’s NFuse Elite, a powerful and very customizable access portal that lives up to the reputation of other Citrix products like WinFrame and MetaFrame. It’s a complete access portal solution that leverages existing infrastructure and integrates seamlessly in your enterprise.

Citrix actually sells two portal products: NFuse Classic and NFuse Elite. As the names suggest, NFuse Elite is the more feature-rich version. Although NFuse Classic lets users run applications from a Web browser, it lacks some of the advanced features of NFuse Elite. Some of the things you can do with NFuse Elite that you can’t do with NFuse Classic include:

  • Use Content Delivery Agents to publish information on the portal.
  • Allow users to personalize their desktops.
  • Create portal farms to share application loads.
  • Centrally manage server farms and applications using the Portal Management Console.
  • Authenticate users against Active Directory.

Content Delivery Agents
Content Delivery Agents (CDAs) are at the heart of NFuse Elite and are the building blocks of its technology. As their name suggests, they act as agents to deliver content to the portal. Think of CDAs as plug-ins or add-ons that make it easy to extend the portal’s features and functionality.

For example, a CDA for Microsoft Outlook can deliver a user’s personalized page and display their e-mail inbox inside a dedicated portion of the screen when the user logs in. The personalized screen consists of a number of CDAs that have been selected for the user, such as frequently used tools and important information.

With CDA-configured applications, you don’t need any kind of additional software to view your inbox, including Microsoft Outlook itself. With other portals, such as Microsoft Sharepoint Portal, you’d still need a client piece like Outlook to see or use your inbox.

In Figure A, you can see a screen shot of an NFuse portal that displays how a portal would appear to a user. Some of the things you can see on this screen are:

  • A SQL database.
  • Program Neighborhood, which allows you to launch applications.
  • A Web viewer pointing to the Citrix Web site.
  • A Shared Directory from which you can view or download files.

Figure A
You can customize the portal to allow users access to everything they need to do.

Portal administration made easy
NFuse Elite offers an administration GUI called the Portal Management Console (PMC). If you’ve ever used MetaFrame XP, you’ll recognize the PMC as the equivalent of the Citrix Management Console (CMC) for MetaFrame. The PMC is your one-stop shop for everything to do with your portal, from creating it to customizing and administering it. You can activate licenses, install CDAs, customize Web pages, and personalize content, all from this very cool tool.

The PMC works just like the Microsoft Management Console (MMC) utilities used to administer your Windows 2000 server, as shown in Figure B. You can install the PMC directly on your administration workstation. You don’t have to worry about logging in directly to your portal server to do your administration work.

Figure B
The PMC works and looks like regular MMCs.

So how much does all this cost?
Although an access portal may save you time in administering your remote users, you may wonder how much money it will actually cost. Citrix prices NFuse Elite on a per-named-user license. A named user is any user who has a user name and password to access NFuse Elite, regardless of whether the user is actually logged in to NFuse Elite or not. The license takes effect and will be consumed as soon as you designate an existing Windows 2000 user as an NFuse Elite user or create a new Windows 2000/NFuse Elite user.

At the time of writing this Daily Feature, each named user license is priced at $67. This price covers $58 for the base license and $9 for Subscription Advantage, which entitles you to support and upgrades. The base license package includes a license for 75 named users, so NFuse Elite costs $5,025 out of the box. As with all Citrix products, NFuse Elite comes with a 90-day evaluation license, so you don’t have to activate it for three months. Additional license packs are available in packs of 25, 50, 100, or 250. License activation is also available through the Citrix Activation System. As soon as you have an activation key, you can install the key through the PMC.

Be an Elitist
A traditional VPN may give your users access to your network, but merely providing access is only half the battle—you’re still faced with the hassle of giving users access to the data they need, as well as supporting the remote applications they want to run. An access portal like NFuse Elite can make it easier to satisfy your users.