The secure middle connectivity method
Easy-Connect is simple to set up because
both halves authenticate to, and connect through, a secure middle-point server
that acts as a data exchange.
The core advantage of the secure middle approach is that
installation at both server and client ends becomes "load and go."
If you think about your PC, you will realize that you
can get out to the Internet very easily. Whether you are sitting behind a dial-up
line with its floating IP number, or ADSL or Cable similarly configured, you
just connect. Similarly, if you have several people in your business and they
share the connection through a NAT proxy firewall router, things just "work."
Conversely, if you want to make a server directly accessible,
you have to put in dedicated routes, and an extremely secure firewall system.
The reason the first is simple, and the second complex
and expensive, is because of the nature of the connection being made. In the
case of client access, security is presumed because only outbound connections
are being made. Trust of employees is presumed (in most cases). In the second
case, people have to be able to find you to connect to you, and you don't know
who is connecting, or their purpose. Therefore, you have to go to extraordinary
lengths to make yourself visible on the one hand, and to protect yourself against
entry by anyone other than those you specifically want to enter.
The secure middle principal lets both client and server
connect outbound as clients to a secure server in the middle. This means that
both ends can connect using standard low cost client grade connectivity, and
can connect in minutes using standard protocols.
|