Posts Tagged ‘hotel’

In part one of this two-part series, we explored the problem that many IPsec users face when trying to connect to their corporate network from the road, especially hotels. This being, some hotels block IPsec ports because of the misconception that SSL is universally employed.

So what’s the solution? Firstly, for security reasons, users should not deactivate the firewall or the proxy server. However, compelling a hotel guest to send or receive sensitive information via unsecured connections is no option either. Even using SSL is not a suitable for all situations, as SSL does not provide the same level of security as IPsec. And to further complicate matters, SSL only works with applications that are optimized for browser access.

However, there is a third option that combines the best of both worlds: NCP’s VPN Path Finder Technology. When a guest wants to establish a connection to his company network from a hotel, NCP’s Secure Client automatically recognizes if the company’s VPN gateway is not available via IPsec. In this case, the client software automatically switches to a modified IPsec protocol mode.This modified IPsec mode uses a TCP encapsulation and prefixes a SSL header. The IPsec client simulates a SSL connection via the standard HTTPS Port 443 and uses it to establish an IPsec tunnel to the company network.

The main advantage of this solution: there is no discernible change for users. They continue using all their regular authentication mechanisms — and reap the benefits of IPsec. Also, the corporate system administrators can enforce this security policy without having to make exceptions for single users who would undermine the company’s security concept. And finally, the hotel managers, too, profit from NCP’s VPN Path Finder Technology. Their guests are content because they are able to easily and securely access their company network, despite firewall and proxy server issues.

Not so long ago, business travelers could only access the Internet through a telephone line and a notebook modem in a hotel. Today, Internet access has become not only ubiquitous, but also fast and largely reliable.  The vast majority of hotels provide Wi-Fi or LAN connections for guests to connect their notebooks, tablet PCs or smartphones and log onto their corporate network.

Unfortunately, too many hotels operate under the misconception that everyone uses SSL VPNs to remotely connect to their corporate networks. The reality is, however, a large number of companies prefer IPsec VPNs but many hotels block these connections. In fact, there are two network components frequently cause this trouble in hotels – the firewall or the proxy server. And this is not just annoying for guests, but it’s bad for the hotel’s business. What hotel wants to be tarred with a reputation for being unaccommodating to the needs of business travelers?

It is not just hotels that struggle with such problems regarding IPsec connections. Each sales employee who has tried to logon to a guest Wi-Fi network at a customer’s site has likely faced similar issues. Not only do many firewalls block IPsec connections, but so do several radio communication networks.

Now that we’ve identified the problem with securing remote access in hotels and other remote sites, what will it take for guests to easily and securely access their company network, despite firewall and proxy server issues? Tune in next time for part two —  the solution.