Q

Tools to help include extranet services within the perimeter

I want to provide a secure means for authentication for partners and remote customers by including extranet services within our perimeter. Are there any tools you can recommend that will help me provide this service in an integrated and secure manner?

Providing secure extranet and partner access is one of the more difficult things to do from a security perspective.

The issue really boils down to a question of control. In general, you don't have control over your extranet partners systems and yet they have access to your systems. This puts your network at risk.

The traditional method of providing authentication of partners and remote customers has been via VPN connections and either certificates or pre-shared keys. While this is an effective solution, it still leaves your network susceptible to risk -- even if a system is authenticated and using the VPN, a virus can still spread to your network. As a result, I have found myself more and more often recommending remote control solutions utilizing either Microsoft Terminal Services or Citrix MetaFrame to allow extranet partner access to resources. This allows you to provide all of the services, including authentication, to your extranet partner while leaving your network completely insulated from the partner system. In fact, when using Citrix Secure Gateway the extranet partner accesses your network using a Web browser, allowing you to reduce the amount of ports you need to open in your firewall. The traffic is also completely proxied by the Secure Gateway, further ensuring that your network is secured from partner systems you can't control.

This was first published in December 2004

Dig deeper on Network intrusion detection and prevention and malware removal

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close