SSH Tectia

Remote Access with SSH Tectia Client/Server

SSH Tectia can be used to enable cost-effective secure remote access to selected applications over the Internet although it is not a complete virtual private network (VPN) solution. It is possible to use the SSH Tectia client/server solution together with a perimeter VPN solution to create an extra layer of end-to-end security to most mission-critical applications. In those implementations where the VPN supports DHCP over IPSec or uses a similar method for providing the remote machine with a private IP address, SSH Tectia Client/Connector should work similarly over the internal and external network.

SSH Tectia Connector can be deployed so that its usage is fully transparent to the applications and to the user, whether connecting from the intranet or the Internet. Access to the intranet services is completed through a SSH Tectia Server with Tunneling Expansion Pack that is accessed with a public IP address. SSH Tectia Server with Tunneling Expansion Pack can reside either on the perimeter of the corporate network (with a public IP address), or inside the network (with a private IP address) if the firewall is configured to forward connections made to the SecSh port (i.e. regular port 22) to the private IP address owned by SSH Tectia Server with Tunneling Expansion Pack.

When using SSH Tectia Connector on a laptop for both local and remote access to the same shared resources, it is good to note the following:

Figure 5.5 illustrates how SSH Tectia client/server solution can be used to provide VPN-like functionality.

Remote access with SSH Tectia client/server solution

Figure 5.5. Remote access with SSH Tectia client/server solution

See also Securing Ascent CRM with SSH Tectia Connector Compatibility Note at http://www.ssh.com/resources/material/compatibility/.