Re: Access to network drives for home and roaming users



Mike,
All the VPN does is to add a security layer to the remote access, so if you
don't want to use VPN, the question is, what security do you want to apply?
Then by the time you add the additional security, you may be thinking that
the VPN wasn't so bad.
Questions:
- Do you want the data in a DMZ, or do you want them to come straight
through the firewall to your LAN?
- If in a DMZ, how will they authenticate to it?
- How to interact with the data: HTTP, CIFS, FTP etc.?
Options you can consider:
1) An SSL VPN gives simplified user access to internal resources. From a
user perspective, you could say they had direct access, as they only have to
authenticate once. In fact they are going through a VPN tunnel.
2) Allow RDP straight through. Impractical in any but very small
environments.
3) Use Terminal Services with remote access. For file access as distinct
from applications this is similar to the SSL VPN.
4) Anything with the content in a DMZ gets very complicated as to how you
are going to authenticate it with LAN users. You can use IIS with WebDAV and
SSL to give file and folder access, but you need some way to authenticate
the users. You don't want to go through to the DC on the LAN, so you have to
come up with a way of synchronizing usernames to a DMZ AD.
Hope that helps,
Anthony
http://www.airdesk.co.uk




"Mike D" <MikeD@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6471DDBA-BA31-460B-98FF-1D5B40E15F8B@xxxxxxxxxxxxxxxx
Hello, I have a scenario I'd like to put out and see if anyone can help. I
have a Windows 2003 R2 network with an internal and perimeter network; the
internal is fully Windows 2003 and all users have access to mapped drives on
the file server. We also have an Exchange 2007 server. In the perimeter
network we have a frontend webserver hosting a public site and another box
hosting the edge Exchange 2007 server.

I want to achieve simple remote access for users from home or roaming with
laptops without the need for VPNs. Exchange is easy and has been set up for
OWA or the Outlook client over HTTP; the problem I have is access to the file
system and specifically the network drives they have access to. I'd like to
give them access to certain network drives or folders somehow without mapping
them over a VPN. I've thought about FTP etc. but I figure there must be plenty
of need for this out there and other companies must have easily achieved it
with it being pretty much a Microsoft shop... so I want to see how others
do it :) Can anyone assist or provide advice?

Thanks



