Recommendation to secure dial-in access

Posted on 2005-04-18
Last Modified: 2010-04-09
I was wondering if anyone could provide me with some recommendations on securing my LANs dial-in access. We currently allowing some users to use PCAnywhere for support. I woudl like to require them to all dial through one RAS, and I would like to make the use a secure key that is generated automatically - in otherworks, no one could dial in without calling us first. Are there any systems like this?

Also, does anyone know of a good product which sweeps a network to detect unauthorized remote access programs.

Question by:ainselyb
    1 Comment
    LVL 9

    Accepted Solution

    Here is the way I see it to be done securely.
    This is assuming you have Internet Access to your LAN.
    Remove ALL modem connections from your network. In my opinion a modem is nothing but a whole waiting to be penetrated. Others will certainly disagree.
    Get a static IP address from your ISP.
    Put in a VPN solution. This could be a vpn server like windows 2003, Firewall like ISA 2004, or another vpn solution.
    Users MUST vpn in (authenticate with a local username/password), then they can run PCAnyWhere or VNC, or similar to connect to their machines.
    You can control WHO can dial in.
    You control only 1 single point of entry vs. multipe
    You can use PPTP which isn't all that secure, or you can use L2TP/IPSEC to secure the channel with a certificate.

    Hope it helps.


    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    Join & Write a Comment

    Suggested Solutions

    The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
    This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    how to add IIS SMTP to handle application/Scanner relays into office 365.

    731 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now