Custom Connect. All Area Networks. customer s guide to how it works version 1.0

Similar documents
NetPro. from Wireless Logic. Available on a per SIM license basis. No CAPEX. Retain your Airtime Contracts with your existing providers

Virtual private networks

WIFI CALLING. Contents. Page 2

VIRTUAL PRIVATE NETWORKS (VPN)

Simple and Secure Micro-Segmentation for Internet of Things (IoT)

1100 Dexter Avenue N Seattle, WA NetMotion Mobility Architecture A Look Under the Hood

School of Computer Sciences Universiti Sains Malaysia Pulau Pinang

Secure VPNs for Enterprise Networks

Data Services. Reliable, high-speed data connectivity

Network Services Internet VPN

Vodacom Power to you. Managed Network Services for Ready Business.

Private Voice & Data Extra Annex to BT One Phone Schedule

31270 Networking Essentials Focus, Pre-Quiz, and Sample Exam Answers

ON-LINE EXPERT SUPPORT THROUGH VPN ACCESS

User Guide IP Connect GPRS Wireless Maingate

NetSupport Manager v11

Overview of GPRS and UMTS

Reliable, fast data connectivity

Transform your network and your customer experience. Introducing SD-WAN Concierge

Page 2 Skype Connect Requirements Guide

Multi-Layered Security Framework for Metro-Scale Wi-Fi Networks

Data Services. Reliable, high-speed data connectivity

Reaping the Full Benefits of a Hybrid Network

Area Covered is small Area covered is large. Data transfer rate is high Data transfer rate is low

Partner Managed WANs

An introduction to MPLS IPVPN. TTB PRES MPLS IPVPN DIRECT v2.indd 1 25/08/ :48

Transform your network and your customer experience. Introducing SD-WAN Concierge

CLOUD INFRASTRUCTURE DESIGN GUIDE

Network Services. Mobile Xpress

Security. Reliability

Technical Overview of DirectAccess in Windows 7 and Windows Server 2008 R2. Microsoft Windows Family of Operating Systems

Hillstone IPSec VPN Solution

Copyright 2011 Nomadix, Inc. All Rights Reserved Agoura Road Suite 102 Agoura Hills CA USA White Paper

CYBER RISK CONSULTING. Smartphone Security Issues

HOW TO CONFIGURE AN IPSEC VPN

Cisco ASR 5000 Series Small Cell Gateway

Beyond Your Device. Control, Connect, Experience. BT GS Analyst and consultant call 2 July 2013

VPN Cloud. Mako s SD-WAN Technology

Enabling the Wireless Internet

MPLS SOLUTION How to Make the Best Choice for Your Business

MyPBX. The All-in-One Business PBX with Advanced Features and Low Cost Calls. omtelecom.net.au

X-Kryptor Secures all Networks

Data Services. Reliable, high-speed data connectivity. Group Ltd

TECHNICAL BRIEFING: MOBILE ACCESS TO THE INTERNET. Bornholm, October 2003

Quad BRI GSM Gateway with 8 GSM Ports

NGN: The Evolution of Wireless Networks

CORPORATE GLOBAL ROAMING PRODUCT SPECIFICATION

EXTENSIBLE WIDE AREA NETWORKING

Boost your business with a more flexible phone system. Cut costs and do more with your calls with BT Cloud Voice

IP Mobility vs. Session Mobility

Machine to Machine (m2m) Wholesale 3G Mobile Connectivity For a Smarter Connected Society

Choose an internet connection to suit your business

SEPARATING WORK AND PERSONAL

Virtual Private Networks (VPNs)

CtrlS Datacenters Placement Questions And Answers

MPLS VPN: Business Ready Networks. The cost-effective, scalable and robust network solution

VPN Tracker for Mac OS X

BT Wholesale Machine to Machine

Wireless-G Router User s Guide

AT&T Global Network Client for Mac User s Guide Version 1.7.3

ALCATEL Edge Services Router

Avaya IP Office Solution

GPRS Overview Applications over GPRS

NetMotion Mobility and Microsoft DirectAccess Comparison

T325 Summary T305 T325 B BLOCK 2 4 PART III T325. Session 1 Block III Part 2 Section 2 - Continous Network Architecture. Dr. Saatchi, Seyed Mohsen

Tiscali Business Services Wholesale IPVPN Services Summary

Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

GPRS billing: getting ready for UMTS

Spectrum Enterprise SIP Trunking Service Vertical TM Wave IP500TM / Wave IP2500 TM Release 4.0, 4.5 IP PBX Configuration Guide

Contents. Enterprise Solution 04. Why Samsung? 05 WLAN 06. Voice Solution 08. Mobile Unified Communications 09. Enterprise Security 10

IP VPn COMMITTED TO QUALITY

Talk 4: WLAN-GPRS Integration for Next-Generation Mobile Data Networks

FAQ Guide. i-mo 310 & 540 Series Bonding Routers. FAQ Guide. for the i-mo 310 & 540 Series Appliances

Trust Harris for LTE. Critical Conditions Require Critical Response

RingCentral White Paper UCaaS Connectivity Options in the New Age. White Paper. UCaaS Connectivity Options in the New Age: Best Practices

How to find your IP address information

Machine to Machine (m2m) Wholesale 3G Mobile Connectivity

Bright House Networks Enterprise Solutions. FINAL Proposal for: WE RE WIRED DIFFERENTLY. Voice Data Cloud Managed Services. Proposal Date: 4/14/2016

Service Managed Gateway TM. Configuring IPSec VPN

Configuring Security on the GGSN

Industrial Control System Security white paper

Agenda. Networking Intro MPLS Tech MPBN WAN MPBN Functionality Security Monitoring

TECHNICAL SPECIFICATION WIDE AREA MOBILE DATA (WAMD)

CASE STUDY. Customer-at-a-Glance. Industry. Sophos Solutions. Fitas Flax Indústria e Comércio Ltda. Brazil. Manufacturing

Automating VPN Management

Network fundamentals IB Computer Science. Content developed by Dartford Grammar School Computer Science Department

white paper The Benefits of IPv6 for the Mobile Internet

Never Drop a Call With TecInfo SIP Proxy White Paper

SAFECOM SECUREWEB - CUSTOM PRODUCT SPECIFICATION 1. INTRODUCTION 2. SERVICE DEFINITION. 2.1 Service Overview. 2.2 Standard Service Features APPENDIX 2

AT&T SD-WAN Network Based service quick start guide

90 % of WAN decision makers cite their

KERIO TECHNOLOGIES KERIO WINROUTE FIREWALL 6.3 REVIEWER S GUIDE

GPRS security. Helsinki University of Technology S Security of Communication Protocols

Datasheet. Millimeter-Wave Radio (MMW) Security of MMW. Overview

Networking interview questions

The Billion 8800NL R2 - All-In-One Bridge modem solution for the UK For use with a dedicated firewall

Managed Services Rely on us to manage your business services

VPN Setup for CNet s CWR g Wireless Router

Cloud Services. Introduction

Business Considerations for Migration to IMT-2000

Transcription:

All Area Networks Custom Connect customer s guide to how it works version 1.0 The information in this technical user guide and the glossary of terms has been prepared in good faith and is correct at the time of production. This document is subject to change in accordance with the terms and conditions for the supply of Custom Connect. Custom Connect General Specification LEG (GENSPEC)

contents All Area Networks, from Orange what is Custom Connect? how it works multiple APNs managing your VPN compatibility basic access IP addressing at firewall IP addressing devices technology information IPSec VPNs what s an APN? connection security international roaming the internet customer support network consultancy network management customer service glossary of terms

All Area Networks, from Orange Many organisations are now looking to build corporate networks that break out of the inherent limitations of the LAN and the WAN, and provide connectivity everywhere that people want or need to work. We ve developed our All Area Networks portfolio specifically to meet this need. An All Area Network from Orange lets you give your people secure, high speed access to corporate services and applications, from more or less anywhere. We provide the means of access and the secure network connection; and we ll work with you to select, adapt or tune applications to work on the devices you choose to use. Seamlessly combining fixed and wireless technologies, and with a choice of security infrastructures, an All Area Network enables your business to develop a new level of location-independent working. a choice of resilient, scalable solutions Our All Area Networks portfolio includes comprehensive voice and data access via a choice of secure networking solutions: Custom Connect, internet connectivity using your own VPN Managed VPN, the secure internet-based solution One Network, a leased-line solution for data and voice We ve built resilience into the portfolio, and made sure it s scalable to suit whatever business architecture or project development plan is agreed. Flexibility and choice are key: no two businesses are the same, and we need to fit our solutions round your business plan, not vice versa. We ll work with your team to design, specify and implement a seamless integration between the Orange managed network services and your existing infrastructure.

what is Custom Connect? Many companies already use their own Virtual Private Network (VPN) solutions to allow remote workers to connect to corporate IT systems via non-secure access points. These may range from homeworkers using dial-up or broadband connections, through field-based employees logging on from customer sites, to executives using wireless hotspots in coffee shops, trains and airports. If you re moving towards location-independent working through mobilising new parts of your workforce, you may want to continue using your own VPN client software. Custom Connect is about enabling you to do that. We will work with you to help you achieve direct, secure connection from your users mobile devices to your corporate networks, via the Orange mobile network and using your own VPN solution. Under Custom Connect, your remote and mobile users will be able to access their corporate LAN from a handset, laptop or PDA, via the Orange GPRS, EDGE, 3G or 3G+ networks, using a business grade Access Point Name (APN) designed specifically for VPN usage. how it works Custom Connect uses a dedicated Access Point Name (APN), accessed via the Orange GPRS, EDGE, 3G or 3G+ networks. Instead of the standard orangeinternet APN, which is designed for standard browsing and contains additional optimisation and content filtering services, Custom Connect uses the dedicated internetvpn APN. internetvpn can be provisioned on the SIM of any data device that is required to be used with VPN client software. Orange Business Everywhere devices are automatically set up with this APN.

multiple APNs You can have more than one APN set up on a device, but swapping between APNs can be a little more complicated on some handsets. For data cards, the Business Everywhere Connection Manager software has orangeinternet scripted behind the internet button, and internetvpn scripted behind the office/vpn button as a default. From Business Everywhere version 8.0 onwards, the assignment of buttons and the scripting behind them is fully flexible and can be individually customised. This means you can configure the software to your company s specific requirements, ready to roll them out to your team. You can for example, let the software pick the best network for you, to meet your priorities for speed, cost and location. It s also where you can store all the security rules regarding remote access to business applications. Custom Connect enables you to: Provide simple, secure access for remote or mobile workers to office-based applications. Ensure that your existing IT security policies are enforced for mobile workers, especially when used with the Business Everywhere connection manager. Integrate mobile data handsets such as PDAs and SmartPhones with line-of-business applications (though a VPN client is required on the user device, which may slow down performance on smaller devices). Manage your own VPN and resilience strategy.

managing your VPN compatibility Custom Connect supports IPSec (ESP mode) and PPTP VPN protocols as standard. Other VPN protocols that are not sensitive to Network Address Translation (NAT) should also work. While we don t recommend any specific VPN client/servers, we have experience of a wide range of (typically IPSec) VPN implementations. Provided your vendor complies with the protocols above, your VPN overlay should operate successfully. Your Orange account manager will arrange for a discussion with our Technical Pre Sales team to iron out any specific issues or concerns about compatibility with your own IT systems. basic access Device Authentication Each user s device will be authenticated and authorised via the Orange SIM, to allow access to both the Orange network and the internetvpn APN. User Authentication This depends on the VPN client you use and your own security policy. Typically this will be a user name and password log-in prompt IP address allocation Device IP addresses are dynamically assigned by the GGSN, from the range specified by the customer. IP addressing at firewall The following NAT address ranges are used for internetvpn. 213.205.192.0/ 18 (213.205.192.1 213.205.255.254) 89.192.0.0 / 17 (89.192.0.1 89.192.127.254) The NAT timer is 180s. IP addressing devices The following private address ranges are dynamically assigned by default: 10.18.32.0 / 21 (10.18.32.1 10.18.39.254) 10.18.48.0 / 21 (10.18.48.1 10.18.55.254) If you have issues with IP addressing or believe you are encountering private address conflicts, your account manager can arrange for a discussion with our Technical Pre Sales team to see if an alternative internetvpn assignment is required.

technology information IPSec VPNs IPSec VPNs are encrypted connections between private networks over a public network. They enable the internet to be used as the medium for transporting data between the Orange network and the customer LAN infrastructure. Powerful industrystandard IPSec encryption technology, and other security mechanisms, are used to ensure that only authorised users can access the network and that the data can t be intercepted. IPSec supports multiple protocols, has high reliability and extensive scalability. IPSec can be used to secure all communications between parties, by using authentication and encryption, without requiring any further modifications to applications or protocols. IPSec provides: Data Confidentiality The IPSec sender encrypts packets before transmitting them across the public internet. Data Integrity The IPSec receiver authenticates packets sent by the IPSec sender to ensure that the data has not been altered during transmission. Data Origin Authentication The IPSec receiver authenticates the source of the IPSec packets sent. This service is dependent on the data integrity service. Anti-replay The IPSec receiver can detect and reject replayed packets. what s an APN? An Access Point Name (APN) is the radio access equivalent of an ISP s dialup phone number. Customers can access their APN via a GPRS, EDGE, 3G or 3G+ enabled device. The mobile device will be configured with the appropriate settings to connect to any given APN. The SIM in the device must also be provisioned to access this APN. The APN provides routing information for the Serving GPRS Support Nodes (SGSN), and the Gateway GPRS Support Nodes (GGSN. The SGSN uses the APN name to firstly determine whether the mobile user is permitted to access the APN. The GGSN uses the APN configuration to assign an IP address and other parameters, as specified in the APN such as DNS,to the device.

connection security The Orange GSM infrastructure has been in use for a number of years, involving millions of users worldwide and has largely been proven as a secure environment. The Orange mobile network was designed with a high level of security built in. Orange was designed as a digital network from the outset, and as a consequence does not suffer from some of the security shortcomings in the original analogue networks. The GSM standards are well proven in terms of security, and this has been enhanced as the network has evolved to support GPRS, EDGE, 3G and 3G+ services. The primary security features of the Orange network include: Legitimate business systems can connect to the network All user data transmitted over the air interface is encrypted User identities are secured Encryption between the mobile device and the GPRS network changes each time the device connects to the network IP addresses are never transmitted in the clear over the air interface Connections between the enterprise and the Orange GPRS network using a VPN offer secure connections from end to end international roaming Custom Connect allows a user to connect to their APN when they re in Orange roaming partner countries, via GPRS, EDGE, 3G and 3G+ enabled networks. The mobile user seamlessly connects to the roaming partner s network, which connects them to their specific APN in exactly the same way as if they were in the UK. This service is completely transparent to the user. the internet Custom Connect is dependent on an existing customer internet connection. The customer s internet Service Provider (ISP) provides the connection from the customer site to the internet. The ISP will provide a network termination device, usually a router. Each ISP owns its infrastructure and interconnects with others to provide internet access to its clients. Within its network, an ISP can guarantee a level of service. The internet is fully resilient by design, and can be considered as reliable as a resilient leased line. However, it must be noted that no end-to-end Service Level Agreement (SLA) can be defined on any internet service.

customer support network consultancy Expert Orange consultants can help you to analyse your requirements and overcome any technical issues relating to implementing your VPN. Some services may be charged for. network management The Orange data network is managed round the clock, with 24-hour specialist support available. Upgrades and reconfigurations are simple and quick. customer service A dedicated customer support team operates 24 hours a day, 365 days a year, backed up by the Orange Network Management Centres. The Business Customer Services (BCS) team has access to comprehensive network and customer information. They are your single point of contact for provisioning, fault reporting and billing enquiries, providing a uniform level of service.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback