Spotlight: Lantronix ManageLinx
Furthermore, remote access deployment is not without a number of pain points. One of the most significant is the issue of security. Many remote access solutions like VPNs use SSL (Secure Socket Layer), TLS (Transport Layer Security) or SSH (Secure Shell) protocols to provide a secure VPN connection. These protocols must be implemented and configured correctly to ensure the security of the communication.
This takes the skill set of a network administrator, adding to the complexity of establishing a secure remote access solution. Using a security method like public keys requires the sender to have access to the recipient's key, again adding further complexity to remote access configuration.
Another important consideration, once a VPN connection is established, is that the connected session for all intents and purposes becomes another machine on the remote site's network. That means that connection is subject to the same vulnerabilities as any other local computer would be. This works conversely, too. End users may be making connections from unsecured machines. This all adds up to a potential taxing of IT resources to ensure security with VPN connections.
There is also the issue of firewalls. Ports often have to be opened to allow for remote connectivity. Once a port is opened, it could presumably pose a security risk on a network.
VPNs also require client configuration, either through a third-party client software product or through the operating system as is the case with Windows' Network Connections setup page. Problems often arise with client configurations and, again, IT staff must be available for end users that may have problems with their remote access.
In our quest for the ideal remote access solution, the CRN Test Center looked, examined and evaluated.
A Solution: Lantronix's ManageLinx
Lantronix Inc. has delivered, we have found, a machine-to-machine remote management solution. ManageLinx provides easy, secure remote Internet access to any IP-based resource. It can provide access to resources that are behind firewalls or traditional VPNs. Lantronix stressed to reviewers how easy this solution was to set up and they could not have been more correct.
ManageLinx uses an appliance called a Device Services Controller or (DSC). There are three logical components as well: a Host Controller for mediating connections between the host originating a network connection and the network, The Device Controller, which mediates connection between target devices and the network and Device Services Manager (DSM), which is a hardware device that serves as a management platform and acts as an intermediary to securely relay connections between the Host Controller and Device Controller.
Reviews connected each controller to a router on separate networks. Then a connection to the Web management interface of the services manager was initiated. Through this interface, each controller is configured, one as a Device Controller the other as a Host Controller. Configuration was simple, and only required giving each DSC a profile name and adding network information (static or DHCP is supported.)
Then each IP device or server that remote access is to be granted to is added. Again, this was very easy to do in the interface—add the device's IP address, MAC address and it's set.
The Web interface has a graphical view of each controller and the service manager. When devices/servers are added they can be placed underneath the controller that represents the network the added device belongs to. This view gives a quick way to see how the ManageLinx platform is laid out in a customer's network.
The next step required downloading a bootstrap file for the DSC device controller. This is done with a click of a button in the management interface. The bootstrap file is downloaded onto a USB flash drive. The USB is then inserted into the controller for a few seconds. A sequence of flashing lights indicates when the controller has made a connection to the DSM.
The host controller DSC also requires its own bootstrap file to be uploaded to the device. It is done in the same manner as for the device controller, the only exception being the bootstrap file is not downloaded to a flash drive until VIP mapping to the remote device or server added is done. Virtual IP mapping gives a route to the target device. In this case, a VIP was created to the server added earlier. Once the host DSC had the bootstrap file added to it, the graphical map representing all the devices showed green connectivity for all components. A remote desktop connection from the remote network gave access to the server added as a target device.
The entire configuration took about 20 minutes. The simplicity is such that nontechnical employees could easily set this up in a pinch.
ManageLinx is a great way to give customers remote office access seemingly on-the-fly without the need to make any network changes or compromises in security.