{"id":4782,"date":"2016-06-23T10:38:05","date_gmt":"2016-06-23T15:38:05","guid":{"rendered":"https:\/\/www.poweradmin.com\/blog\/?p=4782"},"modified":"2016-06-21T10:59:02","modified_gmt":"2016-06-21T15:59:02","slug":"free-and-secure-remote-access-sort-of","status":"publish","type":"post","link":"https:\/\/www.poweradmin.com\/blog\/free-and-secure-remote-access-sort-of\/","title":{"rendered":"Free and Secure Remote Access?  Sort of &#8230;"},"content":{"rendered":"<p><span style=\"font-family: verdana, geneva, sans-serif;\">Recently, <a href=\"http:\/\/krebsonsecurity.com\/2016\/06\/citing-attack-gotomypc-resets-all-passwords\/\" target=\"_blank\" rel=\"nofollow\">GoToMyPC forced all customers to reset their passwords<img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a>. \u00a0They were not hacked, but rather saw that hackers were attempting to access their customers\u2019 computers using credentials that had been hacked from other places.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">This seems like a good opportunity to show off how PA Server Monitor can allow remote access in a completely safe way. \u00a0 How can we make that claim?<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">This picture comes from our help documentation at:<\/span><\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\"><a href=\"https:\/\/www.poweradmin.com\/help\/pa-server-monitor-6-2\/config_remote_monitoring.aspx?ref=blog\">https:\/\/www.poweradmin.com\/help\/pa-server-monitor-6-2\/config_remote_monitoring.aspx<\/a><\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\"><a href=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2016\/06\/arch_remote_sm.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-4783\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2016\/06\/arch_remote_sm.png\" alt=\"arch_remote_sm\" width=\"596\" height=\"567\" srcset=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2016\/06\/arch_remote_sm.png 596w, https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2016\/06\/arch_remote_sm-300x285.png 300w\" sizes=\"auto, (max-width: 596px) 100vw, 596px\"><\/a><\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">There is a lot going on, but it boils down to the PA Server Monitor Satellites (shown as the blue circle computer icons near the bottom of the image) at remote sites make HTTPS calls back into _your_ central site (top left corner).<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">This leads to safety in a few ways:<\/span><\/p>\n<p>\u00a0<\/p>\n<ol>\n<li><span style=\"font-family: verdana, geneva, sans-serif;\">1. The remote Satellite locations don\u2019t open any incoming ports in their firewalls. \u00a0There is nothing to attack on that side.<\/span><\/li>\n<li><span style=\"font-family: verdana, geneva, sans-serif;\">2. The\u00a0communication between Central Service and the Satellite is all HTTPS encrypted traffic.<\/span><\/li>\n<li><span style=\"font-family: verdana, geneva, sans-serif;\">3. The Central Service is at your site\u00a0inside your firewall.<\/span><\/li>\n<li><span style=\"font-family: verdana, geneva, sans-serif;\">4. Access to remote Satellites is done from your site, inside you firewall, by connecting to the Central Service. \u00a0<\/span><\/li>\n<li><span style=\"font-family: verdana, geneva, sans-serif;\">5. The ports used to access the Central Service for remote viewing are not exposed to the firewall<\/span><\/li>\n<\/ol>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">This configuration allows you to connect to your monitored servers using any product you like, such as Windows Remote Desktop (RDP), VNC, etc.<\/span><\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">So assuming internet hackers are not inside your central network (which is a whole separate subject), there\u00a0is\u00a0nowhere for\u00a0them to try and attack in order to gain access to the Satellites.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">So what\u2019s this about free access? \u00a0Normally you have to pay to get remote access to a bunch of distributed sites, especially if you\u2019re that access for business purposes. \u00a0With the PA Server Monitor Ultra license (which is what is used to enable Satellites), that remote access is already built in. \u00a0No additional monthly fees! \u00a0 And since it runs on\u00a0your hardware, you are in full control. \u00a0Once you have your monitoring system built out, you get remote access for free.<\/span><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"font-family: verdana, geneva, sans-serif;\">If you\u2019re interested in reading more, look at our <a href=\"https:\/\/www.poweradmin.com\/help\/pa-server-monitor-6-2\/config_snap_tunnel.aspx?ref=blog\">SNAP Tunnel<\/a>\u00a0documentation \u2013 that\u2019s how RDP\/VNC\/etc connections are tunneled.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Recently, GoToMyPC forced all customers to reset their passwords. \u00a0They were not hacked, but rather saw that hackers were attempting to access their customers\u2019 computers using credentials that had been hacked from other places. \u00a0 This seems like a good opportunity to show off how PA Server Monitor can allow remote access in a completely [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":4783,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,13,8],"tags":[],"class_list":["post-4782","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general-it","category-pc-security","category-windows"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/4782","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/comments?post=4782"}],"version-history":[{"count":3,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/4782\/revisions"}],"predecessor-version":[{"id":4786,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/4782\/revisions\/4786"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media\/4783"}],"wp:attachment":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media?parent=4782"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/categories?post=4782"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/tags?post=4782"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}