Ask the Expert

Selection factors for remote access solution

I'm considering implementing a remote access solution that has the potential for P2P. I'm attracted to this solution because there is no remote access point software to install since it uses a browser only. I will retain administration rights for all users within my organization. The solution uses shared key cryptography along with SSL and will reside as CPE in my NOC. What are some of the selection factors I should consider for this solution?


    Requires Free Membership to View

In short,

* You want to make sure the browsers people use are secure. In such transactions, much security is left up to the browser. Make sure up-to-date browsers are used.

* Look for any time during the registration when the user information is transmitted in the clear. It should not be.

* Does it depend on a password? Then it is only as strong as the passwords people use. Obvious ones? Guessable?

* How does it handle repeated access failures (like someone trying to guess)?

* Does it leave around any usable information on the browser system? If people use this at an airport kiosk, can someone immediately behind them access your system(s)?

* Strength of encryption used. Is it better than 40 bit or 56 bit secret key crypto?


This was first published in April 2001

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: