|
Executive Summary
Without question, "anytime, anywhere" access to corporate resources is more of a business imperative today than ever before. Mobile workers increasingly consider the privilege of remote access an "inalienable right" on par with "life, liberty, and the pursuit of happiness." But with the increasing demands for far-flung connectivity come new threats to network and systems security, and the ever present pressures on IT professionals to manage these remote computing endpoints as though they were within the corporate network.
This whitepaper examines how the LANDesk Management Gateway in LANDesk management solutions 8.6, along with LANDesk Trusted Access, help organizations extend the enterprise management of remote devices across the Internet without having to "punch holes" in the firewall or compromise the security of such devices or the corporate infrastructure.
Obstacles to Cost-Effective Remote Management
In the past, organizations with employees that work outside the corporate firewall have found it extremely difficult or expensive to manage these workers' computers. To be able to provide remote users the same level of support enjoyed by users within the corporate boundaries would typically require dedicated leased lines or VPN solutions. But since these workers at remote locations are frequently few in number or even temporary in nature, it's often a leap to justify the cost of such connectivity. Consider these IT support scenarios for example: -Remote sales offices, typically staffed by a few workers in each office -A home builder who relocates a mobile office to a subdivision for the duration of the construction project -A proposal writing consultant team that works onsite at a defense contractor for two months -Franchised restaurants that upload financials, place orders, and download corporate data -An IT task force that travels abroad for three weeks to resolve obstacles to a new software implementation -An emergency response unit of a government agency that sets up operations in a disaster area -A jewelry manufacturer that opens a series of kiosks in shopping malls, each staffed by one or two people
Problematic Solutions
Some organizations turn to dial-up connections only to battle with an array of problems that result from slow speeds, low bandwidth, and the lack of a dedicated connection. Software distribution and patch deployment take too much time. Real-time device monitoring, scanning, and inventorying become problematic or near impossible. Remote troubleshooting of users' computers is slow, cumbersome and typically requires considerable user involvement, all leading to higher support costs and significant productivity losses.
Instead of using leased lines or dial-up connections to apply patches or distribute software updates to remote users, some organizations create distribution CDs at their corporate headquarters and then mail them to the remote sites in hopes that they'll be deployed once they arrive. To ensure that theCD does get deployed, they'll often fly out an engineer with theCD to the site or hire a local contractor to implement the deployment.
Regardless of the option they choose, these methods delay vulnerability remediation, breed inconsistency in security policy compliance, hinder productivity, and lead to higher support costs. Furthermore, these practices do not address the issue of how to track and manage remote inventory and asset information.
Realizing the ineffectiveness or high costs of these different remote management schemes, some organizations instead leverage the ubiquitous and inexpensive connectivity offered by the Internet. However, this typically has required them to "punch holes" in their corporate firewalls, thereby opening the door to intruders and malicious attacks on their enterprise infrastructure.
|
