CISO Platform Annual Summit 2013: Remote Access Server on Multi Tenant Cloud for Telcos & OSPs (Pradeep K Yadav)
1. Remote Access Server on Multi Tenant Cloud for Telcos & OSPs
BY PRADEEP KUMAR YADAV (CEO & CISO, HITEC INDIA)
2. Remote Access Server
Remote access is the ability to get access to a computer or a network from
a remote distance. A Remote Access Server is the computer and
associated software that is set up to handle users seeking access to a
network remotely.
A Remote Access Server usually includes or is associated with a firewall
server to ensure security and a router that can forward the remote access
request to another part of the corporate network.
A remote access server could be hosted on a multi-tenant cloud so that the
remote access users of a small group of different organizations can share the
common pool of RAS and its routers.
A remote access server may also be used as part of a virtual private
network (VPN) or a cloud connecting with a service provider's cloud.
4. Remote Access Requirements as per Regulatory Compliances
TSP must deploy Remote Access Server by 31/12/2013.
All remote access to the TSP is to be done only via the Remote Access Server, with
video recording of the entire remote session's server activities, user credential records,
access from within the country only, device log records, and storage in the TSP data center.
Remote monitoring of online and offline sessions by the TERM cell.
Data is to be kept for 2 years, 1 year in online and 1 year in offline mode, for audit by
DoT.
Vendors to the TSP must also adhere to the requirements and do the needful at their NOC
end.
5. Key Elements of Remote Access
1 ACL (Access Control List)
1.1 MAC (Media Access Control) filtering
1.2 IP (Internet Protocol) address filtering
2 Tunneling and encryption
2.1 SSL VPN (Secure Sockets Layer Virtual Private Network)
2.2 VPN (Virtual Private Network)
2.3 L2TP (Layer 2 Tunneling Protocol)
2.4 PPTP (Point-to-Point Tunneling Protocol)
2.5 IPsec (Internet Protocol Security)
3 Remote access
3.1 RAS (Remote Access Service)
3.2 RDP (Remote Desktop Protocol)
3.3 PPPoE (Point-to-Point Protocol over Ethernet)
3.4 PPP (Point-to-Point Protocol)
3.5 VNC (Virtual Network Computing)
3.6 ICA (Independent Computing Architecture)
4 Screen, Command, and Session Activity Log recording Software tool (and Monitoring)
5 Device log and change management recording as text file
6 Database with 1+1 year storage. 1 GB + 1 GB is OK for one vendor remote session.
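The regulatory requirements (access only via the RAS, in-country access, credential, video and device log records, 1 year online plus 1 year offline storage) and elements 1.2 and 4 to 6 above can be checked mechanically against stored session records. The following Python audit is an added example, not part of the original slides; the record fields, the gateway name `ras-gw-1`, the in-country address ranges, the 365-day year and the sample sessions are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date
from ipaddress import ip_address, ip_network

IN_COUNTRY_NETS = [ip_network("203.0.113.0/24"), ip_network("198.51.100.0/24")]  # constructed ranges
RAS_GATEWAY = "ras-gw-1"  # hypothetical gateway name

@dataclass
class Session:
    tenant: str           # vendor or organization sharing the RAS
    user: str             # credential record ("" if none was stored)
    source_ip: str
    via: str              # gateway the session entered through
    ended: date
    has_video: bool       # screen/session recording stored
    has_device_log: bool  # device log stored as a text file

def retention_tier(ended, today):
    """1 year online, then 1 year offline (365-day years assumed)."""
    age = (today - ended).days
    return "online" if age <= 365 else "offline" if age <= 730 else "beyond-retention"

def audit(s, today):
    """Return the requirement violations found in one session record."""
    findings = []
    if s.via != RAS_GATEWAY:
        findings.append("not-via-ras")
    if not any(ip_address(s.source_ip) in net for net in IN_COUNTRY_NETS):
        findings.append("source-outside-country-acl")
    if not s.user:
        findings.append("no-user-credential-record")
    if retention_tier(s.ended, today) != "beyond-retention":
        if not s.has_video:
            findings.append("missing-video-recording")
        if not s.has_device_log:
            findings.append("missing-device-log")
    return findings

TODAY = date(2014, 6, 30)  # constructed audit date
SESSIONS = [               # constructed sample records
    Session("vendor-a", "alice", "203.0.113.10", "ras-gw-1", date(2014, 5, 1), True, True),
    Session("vendor-b", "bob", "192.0.2.77", "ras-gw-1", date(2013, 3, 1), True, False),
    Session("vendor-a", "", "198.51.100.5", "direct-ssh", date(2014, 6, 1), False, True),
]
def report():
    return [(s.tenant, retention_tier(s.ended, TODAY), audit(s, TODAY)) for s in SESSIONS]

if __name__ == "__main__":
    print(*report(), sep="\n")
```

Records that fall in the "offline" tier are the ones to move from online to offline storage; records past the second year are outside the stated retention window and are not checked for missing recordings.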
6. Multi Tenancy Architecture Basics
Multi-tenancy is an architecture in which a single instance of a software
application serves multiple customers. Each customer is called a tenant.
Tenants may be given the ability to customize some parts of the
application.
Multi-tenancy can be economical because software, hardware and
maintenance costs are shared. It can be contrasted with single-tenancy,
an architecture in which each customer has their own software instance
and may be given access to limited network and applications.
A software-as-a-service (SaaS) provider, for example, can run one instance
of its application on one instance of a database and provide web access
to multiple customers. In such a scenario, each tenant's data is isolated
and remains invisible to other tenants.