Information Technology Reference
In-Depth Information
CHAPTER 4
■ ■ ■
Routing and Remote Access
Service (Remote Access)
R
outing and Remote Access Services (RRAS) was officially born in 1996 when Microsoft
released the service to replace the more basic Remote Access Service (RAS) in Windows NT 4.0.
As its name implies, RRAS provides services for network routing and remote access.
In Chapter 5, we will discuss the configuration of RRAS as a full-featured network router.
In this chapter, however, we will discuss how remote access services work; remote access
services are an integral part of RRAS, yet they are deserving of their own chapter.
Remote access services come in many forms. Generally, remote access refers to any method
that an end user can employ to connect to a non-local site. We will focus on two common
scenarios in this chapter:
•
An end user manually establishes a remote connection in order to access data on the
remote network. The end user may be at home, at an airport, or at a customer's business
location.
Two remote sites are connected by a dedicated or on-demand link. No end user inter-
vention is required to establish or restore the link.
In today's computing environment, with so much emphasis placed on Internet access,
security has (or should) become a driving factor in any network implementation. Whether your
users and administrators select a remote-control solution, such as Microsoft's Remote Desktop,
Terminal Services, or Symantec's pcAnywhere, the implementation must be considered with
security in mind in order to reduce the risk of unauthorized intrusion, data or identity theft, or
any compromise of the internal (trusted) network.
Creating virtual private networks (VPNs) is one method that can be used to secure remote
connections. VPNs are frequently described as “tunnels” through an untrusted network
(typically the Internet) that securely connect two points. These endpoints include the end user
requesting the remote access and the RRAS server providing the service; it may alternatively
consist of two RRAS servers connected to each other through the Internet.
VPNs operate over one of two protocols: Point-to-Point Tunneling Protocol (PPTP) or
Layer-2 Tunneling Protocol (L2TP). Microsoft RRAS supports both protocols. In general, PPTP
connections are easier for an end user to configure, but they are less secure than L2TP connections
due to the fundamental design of the protocol. As a system administrator, you should consider
which implementation is best for you by identifying not only the systems you are trying to
141
