Remote Access Technology Brick

Remote access provides the ability to connect to the network from a distant location. This requires a computer, a modem and remote access software to allow the computer to dial into the network over a telephone line, cable or satellite service, and connect. Remote access via a virtual private network (VPN) creates encrypted tunnels over an existing Internet connection between remote users and the network data center.

Many ICs are deploying and managing their own remote access networks. Remote access at NIH is not vendor-managed and is not centralized. The deployment of multiple remote access infrastructures is unnecessary and inefficient.

Security of remote access services is always a concern, as the public network infrastructure is used to deliver these services to NIH users. The Security Architecture domain team report provides guidance on supplying security for the remote access design.

This technical solution also allows for a corporate-wide ISP contract that can be offered as an alternative access method to users who generate the highest access charges. Such an agreement could provide VPN over local, nationwide and international dial-up access on a more cost-effective basis.

• All new network elements at NIH must support Internet Protocol Version 6 (IPv6).
• Recommend retiring applications such as PC Anywhere. See Security policy for details.
• VPN is preferred over dial-up for tactical deployments.
• Tactical and strategic products were selected to leverage NIH's investment in products that are a proven fit for NIH's known future needs. Leveraging baseline products in the future will minimize the operations, maintenance, support and training costs of new products.
• Some baseline products have been designated retirement and containment. These products are either not as widely or successfully deployed at NIH, or they do not provide as much functionality, value, or Total Cost of Ownership as the selected tactical and strategic products.