Making life simpler for remote and mobile workers

Similar documents
Citrix GoToMyPC Corporate Technology A SIMPLER APPROACH TO SECURE REMOTE ACCESS

GoToMyPC Corporate Product Guide

MAC HOST GUIDE. Remote Support & Management PC Mac Tablet Smartphone Embedded device. WiseMo Host module on your Mac computer

Technical Overview of DirectAccess in Windows 7 and Windows Server 2008 R2. Microsoft Windows Family of Operating Systems

WINDOWS HOST GUIDE. Remote Support & Management PC Mac Tablet Smartphone Embedded device. WiseMo Host module on your PC or Server

Guide: HIPPA Compliance. Corporate HIPAA Compliance Guide. Privacy, productivity and remote access. gotomypc.com

VNC Connect security whitepaper. VNC Connect. Instant support FAQs

HP Instant Support Enterprise Edition (ISEE) Security overview

End User Device Strategy: Interoperability Standards

Clientless SSL VPN Remote Users

Transport Level Security

Securing Wireless Networks by By Joe Klemencic Mon. Apr

TECHNOLOGY Introduction The Difference Protection at the End Points Security made Simple

Security in Bomgar Remote Support

Xerox ConnectKey Technology Remote Control Panel White Paper

Splashtop Enterprise for IoT Devices - Quick Start Guide v1.0

School of Computer Sciences Universiti Sains Malaysia Pulau Pinang

NETOP GUEST FOR ANDROID GUIDE

Security in the Privileged Remote Access Appliance

GoToMyPC Corporate Administrator Guide

CSC 4900 Computer Networks: Security Protocols (2)

Clientless SSL VPN End User Set-up

ios GUEST GUIDE Remote Support & Management PC Mac Tablet Smartphone Embedded device 1. An Introduction WiseMo Host module on your computer or device

1100 Dexter Avenue N Seattle, WA NetMotion Mobility Architecture A Look Under the Hood

On the Internet, nobody knows you re a dog.

Payment Card Industry and Citrix XenApp and XenDesktop Deployment Scenarios

Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

Sample excerpt. Virtual Private Networks. Contents

Virtual private networks

VI. Corente Services Client

Aventail WorkPlace. User s Guide Version 8.7.0

Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP,

Transport Layer Security

Easy To Install. Easy To Manage. Always Up-To-Date.

Firewalls, Tunnels, and Network Intrusion Detection

Wireless Terminal Emulation Advanced Terminal Session Management (ATSM) Device Management Stay-Linked

COPYRIGHTED MATERIAL. Index

Brocade Virtual Traffic Manager and Parallels Remote Application Server

Accessing an Extremely Secure LAN Via Remote Access That Was Not Possible With Previous Technologies

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0. Feature and Technical Overview

Application Note. Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder )

Solutions Business Manager Web Application Security Assessment

Chapter Three test. CompTIA Security+ SYO-401: Read each question carefully and select the best answer by circling it.

Standard For IIUM Wireless Networking

(2½ hours) Total Marks: 75

SOLUTION BRIEF. Enabling and Securing Digital Business in API Economy. Protect APIs Serving Business Critical Applications

Lesson 3: Identifying Key Characteristics of Workgroups and Domains

SurfSolo VPN VPN PRIVACY TUNNEL. SurfSolo VPN. User Manual. Version 1.0. User Manual v.1.0 Page 1

DPX8000 Series Deep Service Switching Gateway User Configuration Guide Firewall Service Board Module v1.0

Managing and Maintaining Windows 8

The StrideLinx Remote Access Solution comprises the StrideLinx router, web-based platform, and VPN client.

BIG-IP Access Policy Manager : Implementations. Version 12.1

Network+ Guide to Networks 6 th Edition

Security Guide Zoom Video Communications Inc.

WHITE PAPER. Good Mobile Intranet Technical Overview

Monitoring Remote Access VPN Services

NetMotion Mobility and Microsoft DirectAccess Comparison

CrashPlan Pro Client Introduction: Install on any computer you want to backup

Network Administrator s Guide

NetSupport Manager v11

Parallels Remote Application Server

Enhancing VMware Horizon View with F5 Solutions

WAM!NET Submission Icons. Help Guide. March 2015

Level 1 Technical. Microsoft Lync Basics. Contents

Certificate Enrollment for the Atlas Platform

InterCall Virtual Environments and Webcasting

Citrix XenDesktop 4 Proof of Concept

SASKTEL INTEGRATED BUSINESS COMMUNICATIONS (IBC)

Fundamentals of Windows Server 2008 Network and Applications Infrastructure

1.264 FINAL EXAM FALL 2012 NAME. Exam guidelines:

Aventail Connect Client with Smart Tunneling

Safeguarding Cardholder Account Data

Dell One Identity Cloud Access Manager 8.0. Overview

Chapter 24 Wireless Network Security

TECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION

Level 1 Technical Firewall Traversal & Security. Level 1 Technical. Firewall Traversal & Security. V2 Page 1 of 16

KERIO TECHNOLOGIES KERIO WINROUTE FIREWALL 6.3 REVIEWER S GUIDE

BlackBerry Enterprise Server for IBM Lotus Domino Version: 5.0. Feature and Technical Overview

08 March 2017 NETOP HOST FOR ANDROID USER S GUIDE

Hardware and Software Requirements

Setup for Cisco Unified Communications Manager

System Requirements. Network Administrator Guide

Privileged Identity App Launcher and Session Recording

Virtual Private Networks

WHG711 Wireless LAN Controller

Sophos Mobile Control Technical guide

Stratusphere. Security Overview

INSTRUCTION MANUAL BreakingSecurity.net. Revision Remcos v2.3.0

ON-LINE EXPERT SUPPORT THROUGH VPN ACCESS

Pulseway Security White Paper

CounterACT 7.0. Quick Installation Guide for a Single Virtual CounterACT Appliance

Advanced Security Measures for Clients and Servers

Remote Access VPN. Remote Access VPN Overview. Licensing Requirements for Remote Access VPN

Cloud Video Conferencing. A Comprehensive Guide

NGFW Security Management Center

Quick Start Guide. Laplink Software, Inc. Quick Start Guide. w w w. l a p l i n k. c o m / s u p p o r t MN-LLG-EN-14 (REV. 01/08)

802.1x Port Based Authentication

Calls. Chat. Meeting. MiCollab for Mobile Client. Android device. ios device. Headsets/Audio Devices

Gigabit SSL VPN Security Router

Training UNIFIED SECURITY. Signature based packet analysis

Transcription:

: Technology GoToMyPC Technology Making life simpler for remote and mobile workers Learn why GoToMyPC is the most secure, cost-effective and easy-to-use solution for providing remote access to the desktop. gotomypc.com

Today, secure remote access to your computers is no longer a luxury it has become a necessity. Being able to tap into your home or office computer from hotels, Internet cafés and airport kiosks can greatly increase your efficiency, productivity and job satisfaction. Yes, you can get there from here GoToMyPC is a hosted service that enables secure remote access to any Internet-connected Mac or PC. Features include a screen-sharing viewer, drag-anddrop file transfer, remote printing, guest invite, use with multiple monitors, mobile apps and chat. You can easily install and use GoToMyPC. Unlike other solutions, GoToMyPC does not require permanent client software or a network change. A resizable viewer, launched from any browser on an Internet connection with cable, ISDN, DSL or better, enables interactive access to any desktop application (even those that are not web-based). The file transfer feature sends and receives files, folders and directories, including those located on LANconnected fileshares. Remote printing allows printing to a client printer from the host computer viewer. Third parties can even be granted temporary access to a GoToMyPC-enabled desktop with guest invite. GoToMyPC s client viewer and host are designed from the ground up for efficient, secure communication over any network. Keyboard, mouse and display updates are transmitted over a highly compressed, encrypted stream, generating an experience that s like being there. By providing fast, reliable, easy-to-use remote access to the user s native desktop, GoToMyPC can increase your productivity. Under the covers, GoToMyPC is a hosted service, made up of five components. A small footprint server is installed on the computer to be accessed typically, a home or office computer with alwayson Internet access. Many other solutions require servers to receive incoming packets at a public IP address. The GoToMyPC host establishes a persistent TCP connection to the GoToMyPC broker (poll.gotomypc. com) that allows it to be notified if any connect requests have been received. The host will attempt to keep the connection open by sending TCP keep alive packets approximately every 60 seconds. This makes GoToMyPC completely compatible with application proxy firewalls, dynamic IP addresses and network/port address translation (NAT/PAT). On the client side, the remote or mobile worker launches a browser, visits the secure GoToMyPC website, enters a user name/password and clicks on a connect button for the desired computer, sending an SSL-authenticated, encrypted request to the broker. During an active connection, the GoToMyPC website displays a session-in-use notification. Users can also review their own connection histories to confirm the absence of suspicious activity such as failed log-in attempts. The GoToMyPC broker is a matchmaker it listens for connection requests and maps them to registered computers. When a match occurs, the broker assigns the session to a communication server. The client viewer and host computer are supplied with the communication server address and a unique session ID. At this point, the client viewer a tiny session-specific executable is automatically loaded by the browser. This viewer gives remote workers access to their computers from any device with a web browser, including many wireless smartphones and tablets. gotomypc.com 2

The communication server relays an opaque, highly compressed, encrypted stream from client to host. The client and host mutually authenticate each other, using a shared secret (a computer access code) known only to them. For scalability, reliability and optimal performance, the broker automatically load balances sessions across a pool of geographically distributed communication servers. Once the user is authenticated and connected, GoToMyPC attempts to establish a direct connection between the client and host, bypassing the GoToMyPC communication server whenever possible to increase the connection speed and improve in-session performance. The Direct Connections feature instructs both the client and host to send outgoing signals to each other; whichever signal arrives first creates an incoming connection at the arrival point, and the other signal is dropped. Should the direct connection be blocked or interrupted, the previously established connection through the communication server maintains remote access service. Implement with ease GoToMyPC enables secure remote access quickly, seamlessly and almost effortlessly. GoToMyPC leverages an existing computer desktop by providing secure user-to-computer access. With screen sharing and sufficient bandwidth, users can have exactly the same desktop environment, whether working at the office, at home or on the road. On the client side, even the most basic PC or Mac workstation or mobile device can be used as a remote monitor, keyboard and mouse. Because it requires just a browser, GoToMyPC can even run on public computers. On the host side, the user s existing Mac or PC does all the heavy lifting providing CPU, memory, disk and applications. GoToMyPC is an end-to-end solution, designed to avoid any complications with your workplace network. Travelers working at a customer or business partner office, staying in a hotel with broadband Internet access or using a public computer often find these environments hostile to IPsec clients, but not GoToMyPC. Its protocol design is compatible with dynamic and static IP addresses, network and port address translation (NAT/PAT) and firewalls. GoToMyPC integrates with an organization s existing network and security infrastructure to lower total cost of mplementation in a manner that allows the network owner to retain complete control over remote-access users and services. Keep it secure GoToMyPC can be used at your workplace. Some workers use products that get around LAN security by dialing directly into office computers. GoToMyPC eliminates this temptation by using the Internet. With GoToMyPC, there is no need to punch holes through corporate firewalls. All sessions are initiated by the client and host using outgoing TCP ports frequently left open: 80, 443 and/or 8200. GoToMyPC encapsulates all traffic even encrypted packets carrying proprietary protocol inside standard HTTP wrappers, ensuring compatibility with firewalls that inspect payload. IPsec even SSL-based VPN services usually require firewall adjustments. Instead, GoToMyPC adjusts itself to the firewall. However, enterprises that want firewall control over GoToMyPC can do so very easily, using a single IP-level filter to block traffic to the broker. Upon request, we will also filter GoToMyPC connections made to a company s network address block, ensuring that only companyauthorized computers can be accessed by company-authorized users. Please note that some firewalls may block Direct Connections, or give you a warning message asking gotomypc.com 3

for your permission to allow it, because it creates an incoming connection at one point. This does not limit compatibility with firewalls, though; if Direct Connections is blocked or interrupted, the GoToMyPC connection will simply automatically continue through the communication server via outgoing signals. GoToMyPC Corporate administrators also have the option to disable Direct Connections if they so desire. GoToMyPC uses multiple, nested passwords to keep outsiders away. Users also have the option of enabling 2-step verification as an extra layer of security. This feature sends a unique authentication code via SMS to the user s phone whenever he or she attempts to log in. The user then enters this code into the website or mobile app to gain access. The broker authenticates itself with a digital certificate. Clients authenticate themselves by user name/password, exchanged over SSL, with a three strikes rule (account disabled for a user-designated number of minutes after a user-designated number of failed log-in attempts). When hosts register with the broker, each is assigned a unique random number. Hosts authenticate themselves by signing their number with MD5 and user name/password. Thereafter, the broker and hosts exchange MD5 challenge/response messages based on a sequence known only to the pair. For added privacy, whenever a client connects to a host, they also authenticate each other, using a shared secret known only to the end user and the accessed computer. Each end point generates a large random number and digitally signs that number with the computer s access code. This exchange also forms the basis for generating 128- bit session keys used to encrypt data. For an additional level of security, one-time passwords can be used to thwart keystroke capture attacks by making secret-stealing pointless. GoToMyPC provides data confidentiality with a highly compressed encrypted stream that ensures confidentiality without sacrificing performance. GoToMyPC implements 128-bit Advanced Encryption Standard (AES). AES was selected due to its computational efficiency, flexibility, simplicity and security; it is the U.S. government s designated cipher for protecting sensitive information. Screen sharing and file-transfer packets include a sequence number to prevent message-replay attacks. These packets carry highly compressed binary data that are framed in a proprietary protocol and encrypted with AES. A hacker cannot modify these packets without corrupting them. Any third party attempting to inject or replay packets would have to know both the session key and the current state of the AES engine. Lack of clear text makes it exceedingly difficult to guess the encryption key through traffic analysis. And of course, each key is good for just one session. One of the advantages of providing remote access through screen sharing is the ability to leverage the access controls already in place on the corporate LAN. For example, when GoToMyPC connects, the remote user must enter a Windows login and password to access the computer and be granted file, host and domain-level permissions associated with his or her account. In other words, the remote user does not have tunneled access to the enterprise network he or she only has access to a single computer s desktop, and is subject to access controls already in place for that desktop. Host screen blanking and host keyboard/mouse input blocking increase the physical security of the computer being accessed. It s also important that remote-access sessions be terminated after inactivity. Remote users walk away from public computers without logging out and leave home computers and mobile devices unattended. GoToMyPC uses inactivity time-outs to help mitigate these threats. Users are automatically logged out of the GoToMyPC.com website when their SSL session remains inactive for 15 minutes and out of the mobile app after 5 minutes. In gotomypc.com 4

addition, users can configure the viewer to time out after a period of inactivity. Although most security features are pre-configured, users can activate additional features such as local computer keyboard/screen lockout during remote access. Conclusion GoToMyPC is a very attractive solution for individual desktop remote access that is secure, fast, easy to use and reliable. To learn more about GoToMyPC, please call us toll-free at 1 888 646 0016. Or, visit our website at www.gotomypc.com. 2017 LogMeIn, Inc. All rights reserved. gotomypc.com 7.21.2017/BX00155/PDF 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback