GoToMyPC Technology Making Life Simpler for Remote and Mobile Workers



Similar documents
WHITE PAPER. GoToMyPC. Citrix GoToMyPC Corporate Security FAQs. Common security questions about Citrix GoToMyPC Corporate.

GoToMyPC Corporate Security FAQs

Citrix GoToMyPC Corporate Provisioning Tool. Seamlessly integrate the GoToMyPC Corporate solution with your existing support infrastructure.

GoToAssist Remote Support HIPAA compliance guide

GoToMyPC Corporate Advanced Firewall Support Features

Corporate and Payment Card Industry (PCI) compliance

GoToAssist Express Best Practices Guide to Unattended Support

Security from the Ground Up eblvd uses a hybrid-asp model designed expressly to ensure robust, secure operation.

GoToMyPC. Remote Access Technologies: A Comparison of GoToMyPC and Microsoft Windows XP Remote Desktop

Citrix GoToAssist Service Desk Security

HIPAA compliance. Guide. and HIPAA compliance. gotomeeting.com

Expertcity GoToMyPC and GraphOn GO-Global XP Enterprise Edition

Citrix Access Gateway

GoToMyPC reviewer s guide

The All-in-One Support Solution. Easy & Secure. Secure Advisor

SSL VPN Technical Primer

Astaro Security Gateway V8. Remote Access via SSL Configuring ASG and Client

Citrix GoToAssist Corporate 9.0. Reviewer s Guide. Featuring the New Addition of. Mac Support

Windows Remote Access

Security and the Mitel Teleworker Solution

DATA SECURITY 1/12. Copyright Nokia Corporation All rights reserved. Ver. 1.0

Three reasons. why IT pros choose GoToAssist over the competition. Real customers share their insights on IT support tools.

GoToAssist. Technology and Security Overview. Citrix Online Division 5385 Hollister Avenue Santa Barbara, CA Like being there.

Content Page. 1 Remote Access - HEIDELBERG's interactive remote service approach 2. 2 How HEIDELBERG's remote service approach works 3

7.1. Remote Access Connection

Endpoint Security VPN for Mac

White paper. Microsoft and Citrix VDI: Virtual desktop implementation scenarios

Advanced Service Desk Security

GoToMeeting Reviewer s Guide

Securing Citrix with SSL VPN Technology

Unicenter Remote Control r11

ReadyNAS Replicate. Software Reference Manual. 350 East Plumeria Drive San Jose, CA USA. November v1.0

Remote Access for LAPD Users Using Aventail SSL VPN

Remote Access and Control of the. Programmer/Controller. Version 1.0 9/07/05

GoToMyPC and. pcanywhere. expertcity.com. Remote-Access Technologies: A Comparison of

SSL VPN vs. IPSec VPN

Deploying F5 Application Ready Solutions with VMware View 4.5

SSL SSL VPN

GoToMyPC Corporate Administrator Guide

Stealth OpenVPN and SSH Tunneling Over HTTPS

BeamYourScreen Security

USER GUIDE. General Information The BeAnywhere Service BeAnywhere Server BeAnywhere DRIVE Security... 2

Wireless VPN White Paper. WIALAN Technologies, Inc.

Automatic Hotspot Logon

VNC User Guide. Version 5.0. June 2012

How To Configure A Kiwi Ip Address On A Gbk (Networking) To Be A Static Ip Address (Network) On A Ip Address From A Ipad (Netware) On An Ipad Or Ipad 2 (

User Guide. Citrix Online. GoToMyPC. GoToMyPC Pro GoToMyPC Corporate

2X ApplicationServer & LoadBalancer Manual

Technical White Paper BlackBerry Security

Parallels Plesk Panel. VPN Module for Parallels Plesk Panel 10 for Linux/Unix Administrator's Guide. Revision 1.0

Clientless SSL VPN Users

BlackShield ID Agent for Remote Web Workplace

Expertcity, Inc. GoToMyPC User s Guide. GoToMyPC User s Guide. Version 3.0

Enterprise Solution for Remote Desktop Services System Administration Server Management Server Management (Continued)...

ReadyNAS Remote White Paper. NETGEAR May 2010

FortKnox Personal Firewall

WICKSoft Mobile Documents for the BlackBerry Security white paper mobile document access for the Enterprise

2X ApplicationServer & LoadBalancer Manual

Secure remote access to your applications and data. Secure Application Access

Deploying NetScaler Gateway in ICA Proxy Mode

WebEx Security Overview Security Documentation

Security. TestOut Modules

VPN. Date: 4/15/2004 By: Heena Patel

FileCloud Security FAQ

Bit Chat: A Peer-to-Peer Instant Messenger

Ti m b u k t up ro. Timbuktu Pro Enterprise Security White Paper. Contents. A secure approach to deployment of remote control technology

A Guide to New Features in Propalms OneGate 4.0

Accessing the Media General SSL VPN

Simplicity is power.

How to Increase Your Sales Close Rates with Video Conferencing

Internet-based remote support for help desks

Integrating F5 Application Delivery Solutions with VMware View 4.5

Technical papers Virtual private networks

Technical White Paper BlackBerry Enterprise Server

Synology QuickConnect

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

Contents Notice to Users

CTERA Agent for Mac OS-X

Configuring SonicWALL TSA on Citrix and Terminal Services Servers

RSA SecurID Ready Implementation Guide

MIKOGO SECURITY DOCUMENT

SSL VPN Technology White Paper

Sophos UTM. Remote Access via PPTP. Configuring UTM and Client

Design and Implementation Guide. Apple iphone Compatibility

GoToMeeting. Citrix Online. User Guide. Organizing, Conducting, Presenting and Attending Web Meetings. GoToMeeting User Guide. Version 4.

Astaro Security Gateway V8. Remote Access via L2TP over IPSec Configuring ASG and Client

Web Remote Access. User Guide

Cisco ASA 5500-X Series ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X, and ASA 5555-X

Transcription:

Technology Making Life Simpler for Remote and Mobile Workers Learn why is the most secure, cost-effective and easy-to-use solution for providing remote access to the desktop. www.gotomypc.com

Today, secure remote access to your computers is no longer a luxury it has become a necessity. Being able to tap into your home or office computer from hotels, Internet cafés and airport kiosks can greatly increase your efficiency, productivity and job satisfaction. Yes, you can get it from here is a hosted service that enables secure browser-based access to any Internet-connected Mac or PC. Features include a screen-sharing Viewer, Drag-and-Drop File Transfer, Remote Printing, Guest Invite, use with multiple monitors, compatibility with many mobile devices and chat. You can easily install and use. Unlike other solutions, does not require permanent client software or a network change. A resizable Viewer, launched from any browser with an Internet connection of 56 Kbps or better, enables interactive access to any desktop application (even those that are not Web based). The File Transfer feature sends and receives files, folders and directories, including those located on LAN-connected fileshares. Remote Printing allows printing to a client printer from the host computer Viewer. Third parties can even be granted temporary access to a enabled desktop with Guest Invite. s client Viewer and host are designed from the ground up for efficient, secure communication over any network. Keyboard, mouse and display updates are transmitted over a highly compressed, encrypted stream, generating an experience that s like being there. By providing fast, reliable, easy-to-use remote access to the user s native desktop, can increase your productivity. Under the covers, is a hosted service, made up of four components (see Figure 1). A small footprint server is installed on the computer to be accessed typically, a home or office computer with always-on Internet access. Many other solutions require servers to receive incoming packets at a public IP address. The host Mac or PC establishes a persistent TCP connection to the broker (poll.gotomypc.com) that allows it to be notified if any connect requests have been received. The host will attempt to keep the connection open by sending TCP keep alive packets approximately every 60 seconds. This makes completely compatible with application proxy firewalls, dynamic IP addresses and network/port address translation (NAT/PAT). On the client side, the remote or mobile worker launches a browser, visits the secure Web site, enters a user name/password and clicks on a connect button for the desired computer, sending an SSL-authenticated, encrypted request to the broker. During an active connection, the Web site displays a session-in-use notification. Users can also review their own connection histories to confirm the absence of suspicious activity such as failed log-in attempts. 2

Figure 1: Communication Architecture The broker is a matchmaker it listens for connection requests and maps them to registered computers. When a match occurs, the broker assigns the session to a communication server. The client Viewer and host computer are supplied with the communication server address and a unique session ID. At this point, the client Viewer a tiny session-specific executable is automatically loaded by the browser s Java Virtual Machine. This Viewer gives remote workers access to their computers from any computer with a Java-enabled browser, including many wireless mobile devices. The communication server relays an opaque, highly compressed, encrypted stream from client to host. The client and host mutually authenticate each other, using a shared secret (a computer access code) known only to them. For scalability, reliability and optimal performance, the broker automatically load balances sessions across a pool of geographically distributed communication servers. Implementation with ease enables secure remote access quickly, seamlessly and almost effortlessly. leverages an existing computer desktop by provid- 3

ing secure user-to-computer access. With screen sharing and sufficient bandwidth, users can have exactly the same desktop environment, whether working at the office, at home or on the road. On the client side, even the most basic PC, Mac, Unix workstation or Windows-based mobile device can be used as a remote monitor, keyboard and mouse. Because it requires just a browser, can even run on public computers. On the host side, the user s existing Mac or PC does all the heavy lifting providing CPU, memory, disk and applications. is an end-to-end solution, designed to avoid any complications with your workplace network. Travelers working at a customer or business partner office, staying in a hotel with broadband Internet access or using a public computer often find these environments hostile to IPsec clients, but not. Its protocol design is compatible with dynamic and static IP addresses, network and port address translation (NAT/PAT) and firewalls that block incoming sessions. integrates with an organization s existing network and security infrastructure to lower total cost of implementation in a manner that allows the network owner to retain complete control over remote-access users and services. Keep it secure can be used at your workplace. Some workers use products that get around LAN security by dialing directly into office computers. eliminates this temptation by using the Internet. With, there is no need to punch holes through corporate firewalls. All connections are initiated by the client and host and use outgoing TCP ports frequently left open: 80, 443 and/or 8200. encapsulates all traffic even encrypted packets carrying proprietary protocol inside standard HTTP wrappers, ensuring compatibility with firewalls that inspect payload. IPsec even SSL-based VPN services usually require firewall adjustments. Instead, adjusts itself to the firewall. However, enterprises that want firewall control over can do so very easily, using a single IP-level filter to block traffic to Citrix Online s broker. Upon request, Citrix Online will also filter connections made to a company s network address block, ensuring that only company-authorized computers can be accessed by company-authorized users. uses multiple, nested passwords to keep outsiders away. The broker authenticates itself with a digital certificate. Clients authenticate themselves by user name/password, exchanged over SSL, with a three strikes rule (account disabled for a user-designated number of minutes after a user-designated number of failed log-in attempts). When hosts register with the broker, each is assigned a unique random number. Hosts authenticate themselves by signing their number with MD5 and user name/password. Thereafter, the broker and hosts exchange MD5 challenge/response messages based on a sequence known only to the pair. For added privacy, whenever a client connects to a host, they also authenticate each other, using a shared secret known only to the end user and the accessed computer. Each end point generates a large random number and digitally signs that number with the computer s access code. This exchange also forms the basis for generating 128-bit session keys used to encrypt data. For an additional level of security, One-Time Passwords can be used to thwart keystroke capture attacks by making secret-stealing pointless. 4

provides data confidentiality with a highly compressed encrypted stream that ensures confidentiality without sacrificing performance. implements 128-bit Advanced Encryption Standard (AES). AES was selected due to its computational efficiency, flexibility, simplicity and security; it is the U.S. government s designated cipher for protecting sensitive information. Screen sharing and file-transfer packets include a sequence number to prevent message-replay attacks. These packets carry highly compressed binary data that are framed in a proprietary protocol and encrypted with AES. A hacker cannot modify these packets without corrupting them. Any third party attempting to inject or replay packets would have to know both the session key and the current state of the AES engine. Lack of clear text makes it exceedingly difficult to guess the encryption key through traffic analysis. And of course, each key is good for just one session. One of the advantages of providing remote access through screen sharing is the ability to leverage the access controls already in place on the corporate LAN. For example, when connects, the remote user must enter a Windows login and password to access the computer and be granted file, host and domain-level permissions associated with his or her account. In other words, the remote user does not have tunneled access to the enterprise network he or she only has access to a single computer s desktop, and is subject to access controls already in place for that desktop. Host screen blanking and host keyboard/mouse input blocking increase the physical security of the computer being accessed. It s also important that remote-access sessions be terminated after inactivity. Remote users walk away from public computers without logging out and leave home computers unattended. uses inactivity time-outs to help mitigate these threats. Users are automatically logged out of the.com Web site when their SSL session remains inactive for 15 minutes. In addition, users can configure the Viewer to time out after a period of inactivity. Although most security features are pre-configured, users can activate additional features such as local computer keyboard/screen lockout during remote access. 5

Conclusion is a very attractive solution for individual desktop remote access that is secure, fast, easy to use and reliable. Excerpted from a white paper by: Lisa Phifer Core Competence, Inc. lisa@corecom.com About Lisa Phifer: Lisa A. Phifer, vice president and co-owner of Core Competence, has been involved in the design, implementation and evaluation of data communications, internetworking, security and network-management products for over 20 years. At Core Competence, she has advised companies large and small regarding security needs, product assessment and the use of emerging technologies and best practices. Citrix Online Division 6500 Hollister Avenue Goleta, CA 93117 U.S.A. T 1 805 690 6400 info@citrixonline.com Media inquiries: pr@citrixonline.com T +1 805 690 2969 Citrix Online Europe Middle East & Africa Citrix Online UK Ltd Chalfont Park House Chalfont Park, Gerrards Cross Bucks SL9 0DZ United Kingdom T +44 (0) 800 011 2120 europe@citrixonline.com Citrix Online Asia Pacific Suite 3201 32nd Floor One International Finance Center 1 Harbour View Street Central, Hong Kong SAR T +852 100 5000 asiapac@citrixonline.com About Citrix Online Citrix Online solutions enable people to work from anywhere. Our products include GoToAssist for remote support, GoToManage for IT management, GoToMeeting for online meetings, for remote access, GoToTraining for interactive online training and GoToWebinar for larger Web events. 6 2010 Citrix Online, LLC. All rights reserved. Citrix is a registered trademark of Citrix Systems, Inc., in the United States and other countries. GoToAssist, GoToManage, GoToMeeting,, GoToTraining and GoToWebinar are trademarks or registered trademarks of Citrix Online, LLC, in the United States and other countries. All other trademarks and registered trademarks are the property of their respective owners. 03.15.10/B-16031/PDF

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information