Terminal Servers
A different twist on remote computing is found with terminal server products, which can sometimes be used in conjunction with one of the VPN solutions. Leading vendors in this area include Microsoft, SSH Communications (limited to text-only applications), and Citrix.
Here a computer runs a special operating system that turns a Windows PC into a multi-user environment. Remote users are just sent screen images and keyboard commands, cutting down on the amount of data that needs to be transmitted across a slower-speed link.
The terminal server solution makes for a more secure endpoint, since an infected remote PC also doesn’t appear on the enterprise network and no actual data files are moved over the link. And enterprise applications do not need to be installed on the remote PC. However, these solutions can be expensive to deploy and maintain.
“Web-based Remote Access”
The last solution we’ll call “Web-based remote access,” (WBRA) and this involves using a remote-control application from leading vendors such as LogMeIn and Citirx/GoToMyPC to send screen images and keyboard commands across the link, just like terminal servers.
The difference is that instead of connecting into a central server, the remote access users are doing one-to-one connections to a specific desktop computer that is running the host version. All that is needed on the remote end is a browser, just like the SSL VPNs.
Unlike the other three solutions, Web-based remote access is fairly easy to setup and doesn’t require much if any IT support. They maintain end-point security just like the terminal servers, because no data files (or viruses or other infections) are moved across the remote link.
Finally, Web-based remote access products can cost significantly less than the other three solutions because there is no dedicated concentrator or gateway hardware involved.
The downside to the Web-based remote access is they are one-to-one solutions, so each remote user must be connecting to a target host PC on the enterprise network, and this host PC must not be turned off when the user is away from their desk.
Some corporate IT policies prohibit desktops from always being powered on. However, having a “second” PC back in the office could be more cost effective than buying a VPN concentrator and related software, especially when the support costs of having a VPN are included.
Which remote access solution you ultimately choose will depend on a lot of factors—cost, convenience, and support levels required. For some companies, a mixture of approaches might be best.