Solved

VPN or CItrix for support staff

Posted on 2012-03-12
11
1,352 Views
Last Modified: 2012-03-21
Firstly I will openly confess I am not a network admin.

A couple of questions though around remote access for admins/support and remote access for users:

1) Is it common that remote support vendors would use citrix over VPN for remote support, say for example if they support an internal application you use?

2) Or is citrix more geared towards user remote access rather than remote IT support/admin?

3) What is the difference between citrix/VPN or is citrix a form of VPN?

4) Are there any limitations of using citrix for remote support, or areas where another solution is typically better.
0
Comment
Question by:pma111
  • 3
  • 2
  • 2
  • +4
11 Comments
 
LVL 8

Accepted Solution

by:
Elmar-H earned 84 total points
ID: 37709143
VPN=Virtual Private Network

Citrix dont use VPN. You can support users without VPN. Citrix, Teamviewer and so on are tools for remote Support.

With this tools you can view the monitore from user or server and make support live.
0
 
LVL 25

Assisted Solution

by:Tony1044
Tony1044 earned 84 total points
ID: 37709157
Hi - answers below your questions:

1) Is it common that remote support vendors would use citrix OR VPN for remote support, say for example if they support an internal application you use? Not so common to put Citrix OVER VPN for remote support, but can be done for sure.

Very common. It saves time getting a support engineer onto site and allows for much easier troubleshooting and problem resolution.

2) Or is citrix more geared towards user remote access rather than remote IT support/admin?

Given the cost of it, it is generally more widely used for remote access - putting it in just for a few remote access support users tends to be prohibitively expensive.

3) What is the difference between citrix/VPN or is citrix a form of VPN?

Well if you're referring to Citrix XenApp - this is a mechanism for delivering published desktops and applications to users. One major advantage of Citrix over a VPN is that you can control access down to an individual application whereas a VPN solution tends to give full network access.

4) Are there any limitations of using citrix for remote support, or areas where another solution is typically better.

I would generally not use Citrix _just_ for a remote support option due to the expense and possible additional complexity. Plus the application(s) in question may not support the latest 64-bit only version.

On top of that, the app needs installing onto the Citrix server or you use that as a jumpoff and allow RDP into the application server.

Or you could simply provide RDP access into your environment (not the most secure mechansim as nothing is encrypted).

OR you could provide a RD Web portal and then control application/RDP access to resources in a similar way to Citrix using just RDS licenses and this ensures a similar level of security and encryption as a Citrix solution at a much lower cost (if you use Citrix you also need RDS CALs on top).
0
 
LVL 3

Author Comment

by:pma111
ID: 37709204
Ok thanks, so what technology and archtiecture is behind a VPN solution? Are there common providers of VPN technology? What is installed on the remote clients and network infrastucutre to make VPN "happen"?
0
 
LVL 3

Author Comment

by:pma111
ID: 37709208
So VPN is typically cheaper than Citrix?
0
 
LVL 25

Expert Comment

by:Tony1044
ID: 37709236
A VPN can be provided by some DSL switches or there may be an endpoint such as a dedicated device or server.

I've seen it implemented quite trivialy on a Windows XP desktop as this is significantly easier to set up than say Windows 2008 R2 for non-experienced staff.

VPN functionality may well be built into your firewall or router at the edge of your network.

There really are several options.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 23

Assisted Solution

by:Ayman Bakr
Ayman Bakr earned 83 total points
ID: 37709244
Another great way for remote vendor support and cheaper is using a form of web session like:

GoToMeeting
Webex

These solutions will allow the vendor to have a remote session on the client and control the mouse and keyboard depending on the level the client will allow. Such solutions are suitable where security is a concern and you want to give restrictive access to the vendor, i.e. you don't want the vendor to have a wide access to your network like in a VPN.
0
 
LVL 25

Expert Comment

by:Tony1044
ID: 37709270
Teamviewer and Logmein are also very good - web based, SSL encrypted and free.
0
 
LVL 3

Assisted Solution

by:awender2
awender2 earned 83 total points
ID: 37709722
VPN is the cheapest solution. Citrix is just some layer to provide services/sometimes network services too.

You can easily create a VPN connection even on a Microsoft Server (Routing and RAS).
0
 
LVL 23

Expert Comment

by:Ayman Bakr
ID: 37711945
Solutions like GoToMeeting, GoToAssist or Webex are invitation based. Usually will be owned by the support and for the client it will cost nothing.

This is how it goes:

1. Support Vendor sends an email invitation for the session

2. Client clicks the link and the session starts

3. Client would give mouse and keyboard control to the vendor (shared control, i.e. also the client can take control by moving the mouse or typing on the keyboard)

4. When finished the client can stop showing the monitor and the session would be ended.
0
 
LVL 19

Assisted Solution

by:basraj
basraj earned 83 total points
ID: 37713378
Please note that Citrix is more than a VPN. They both should not be compared. Application Virtualization is the main focus of Citrix Xenapp and Desktop Virtualization with Citrix xendesktop. Xenserver for server and so on.. If you plan to virtualize all applications for users around the globe and who will access from anywhere, any device, without conflicting their local desktop apps, and need a secure way of application delivery, then Citrix with Access gateway should be considered over VPN.

If you do not have the above requirement and only need a remote access to all  local resources from branch office to others, vice-versa and no need of application virtualization then you can skip Citrix and focus on VPN products.
0
 
LVL 23

Assisted Solution

by:Coralon
Coralon earned 83 total points
ID: 37715360
In addition to the rest of the comments, I'll add more that should help :-)

1. Citrix - this is a very *broad* umbrella that consists of a large number of technologies.
VPN - this can be done by Citrix Netscaler's - it can provide an excellent SSL based VPN
VPN - this can also be done by Citrix Access Gateway providing an SSL based VPN
GoTo* (Meeting, Webinar, Assist etc.) - this is a set of remote access technologies adapted to a wide variety of circumstances.  This is very suitable for Remote support
XenDesktop - An excellent solution for providing individual desktop access to users.  It supplies a wide variety of technologies well aimed at the enterprise, and contains the best USB device support for remote clients.  It uses a modified version of ICA for presentation
XenApp - the 'grand daddy' of them all.  It provides the foundational version of ICA for presentation and uses servers to provide applications/desktops to a number of simultaneous users.  It has USB support, but due to the nature of USB and USB detection, the number of devices is not as robust as XenDesktop

For Vendor support, I definitely prefer the ad-hoc session capabilities of things like GoToMeeting/GoToAssist, WebEx etc.  As a side note -- unless things have changed, TeamViewer is only free for personal use, and is *not* free in a corporate environment.

The other consideration is what your vendor wants access to.. in 99% of cases, GoTo* or WebEx will work just fine and give you pretty solid control of what they can do or not do.  Of course it does require your involvement to launch the session.

The other technologies require you to set up AD accounts for them, and treat them as any other user - all of the management pieces are required, and you are giving them basically 'invisible' access to your network (or some piece of it).

Coralon
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

#Citrix #Internet Explorer #Enterprise Mode #IE 11 #IE 8
#Citrix #XenApp #Citrix Scout #Citrix Insight Services #Microsoft VMMAP #Microsoft ADEXPLORE #Microsoft RAMMAP #Microsoft TCPVIEW #Microsoft AUTORUNS #Microsoft PROCESS EXPLORER #Microsoft PROCESS MONITOR
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now