Recommendation to secure dial-in access

I was wondering if anyone could provide me with some recommendations on securing my LANs dial-in access. We currently allowing some users to use PCAnywhere for support. I woudl like to require them to all dial through one RAS, and I would like to make the use a secure key that is generated automatically - in otherworks, no one could dial in without calling us first. Are there any systems like this?


Also, does anyone know of a good product which sweeps a network to detect unauthorized remote access programs.

Thanks
ainselybAsked:
Who is Participating?
 
TannerManConnect With a Mentor Commented:
Here is the way I see it to be done securely.
This is assuming you have Internet Access to your LAN.
Remove ALL modem connections from your network. In my opinion a modem is nothing but a whole waiting to be penetrated. Others will certainly disagree.
Get a static IP address from your ISP.
Put in a VPN solution. This could be a vpn server like windows 2003, Firewall like ISA 2004, or another vpn solution.
Users MUST vpn in (authenticate with a local username/password), then they can run PCAnyWhere or VNC, or similar to connect to their machines.
You can control WHO can dial in.
You control only 1 single point of entry vs. multipe
You can use PPTP which isn't all that secure, or you can use L2TP/IPSEC to secure the channel with a certificate.

Hope it helps.

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.