Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Selection factors for remote access solution

I'm considering implementing a remote access solution that has the potential for P2P. I'm attracted to this solution because there is no remote access point software to install since it uses a browser only. I will retain administration rights for all users within my organization. The solution uses shared key cryptography along with SSL and will reside as CPE in my NOC. What are some of the selection factors I should consider for this solution?

In short,

* You want to make sure the browsers people use are secure. In such transactions, much security is left up to the browser. Make sure up-to-date browsers are used.

* Look for any time during the registration when the user information is transmitted in the clear. It should not be.

* Does it depend on a password? Then it is only as strong as the passwords people use. Obvious ones? Guessable?

* How does it handle repeated access failures (like someone trying to guess)?

* Does it leave around any usable information on the browser system? If people use this at an airport kiosk, can someone immediately behind them access your system(s)?

* Strength of encryption used. Is it better than 40 bit or 56 bit secret key crypto?

This was last published in April 2001

Dig Deeper on Web authentication and access control

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.