Accessing & exchanging network residing data
The train passenger sending a memo via a cellular modem, the salesperson transmitting a proposal from a hotel room near an airport, and the harried executive who wakes up at 2am and hurries downstairs to send a presentation to an office printer, all illustrate the growing importance of remote communications.
Similarly, the time-pressed executive dialing out to the World Wide Web or to an online service to gather critical business intelligence, as well as a regional sales manager dialling in from his branch office LAN into the LAN at corporate headquarters to download key sales figures demonstrate how remote communications is becoming a common part of many people's lives.
Remote access, the largest component of remote communications, is broadly defined as the ability to access and exchange data residing on networks and computers in different locations. These activities fall into three general areas:
- Dial-in: users dial in to access corporate computing resources (LANs, PCs, AS400s, mainframes, etc) from a remote location over analogue or high speed telephone lines;
- Dial-out: users dial out from the local network, primarily to access Internet-based resources and online services;
- LAN-to-LAN: users make remote connections over their intranet to share information with colleagues.
There are two key ingredients to a successful remote access solution: optimisation and tariff management. Optimisation is the improvement of communication from an end-user's point of view. The overall goal of remote access optimisation is to create a system that comes as close as possible to making remote use "just like being there".
Tariff management, the corollary to optimisation, is the process of finding and implementing tools and solutions that can be used to create cost-effective networks for both the near and far term.
Only a system that is optimised from end-to-end can hope to provide remote access that truly approaches local access. That goal requires that a system designer focus on issues like end-user ease of use, performance, and breadth of protocol and application support. A complete remote access system encompasses more than just the components provided by the remote access vendor. A complete system includes remote PCs, application and operating system software, modems, phone lines, and a host of other components in addition to the remote access specific servers and clients.
Choices made by the remote access vendor - such as hardware design, protocol support, software integration, etc - have profound effects on the end-to-end optimisation of a complete remote access system. At the same time, choices made by the customer as he/she puts the whole system together - such as type of remote PC, application software, or operating system - may have equally profound effects on system optimisation.
To create a successful, end-to-end optimised system, the customer must first select the remote access vendor whose products best match his/her system requirements, and then put together the remaining pieces of the system with remote access optimisation in mind. Excluding the remote computer itself, there are 12 parts of the equation which must be optimised. These are the PC serial port, application software, remote computer operating system, network operating system, remote access client software, modems, the phone connections, remote access security, remote access server hardware, remote access server software, network management and LAN efficiency.
Remote Computer - A computer used for remote access must function as a standalone system when it is not connected to any network and as a full network node when it is dialled-in through the remote access system. It cannot rely on a high speed LAN connection for storage of application software, nor is it merely a keyboard, mouse, and monitor surrogate in a remote control system. Therefore, the remote computer must perform adequately by itself, with enough CPU power, memory and disk storage to run the end-user's applications.
PC serial port - Serial port performance has an effect on the overall performance of a remote access system that far outweighs the attention it usually receives when choosing a remote PC. No amount of tuning will make a PC with an inadequate serial port interface perform well in a remote access system. Surprisingly, the burden placed on a PC's CPU by an interface is often inversely proportional to the maximum speed that interface can move data. Most high speed interfaces, such as LAN cards, use sophisticated controllers that move large blocks of data with virtually no CPU intervention. Because the interfaces are so fast, sophisticated controllers are a requirement for the PC to keep up.
Applications software - The choice of network applications may have more effect on remote access performance than any other issue. Because remote access systems provide inherently lower data throughput than LAN-only systems, it is critical that applications minimise the amount of data they send over the network. A network application that is not optimised for remote access may send so much network data that it cannot possibly perform well over a remote connection.
Remote computer operating system - In an optimised remote access system, end users should face no restrictions on the environment from which they can establish a remote access connection. For example, it should be possible to establish a remote access connection in DOS, switch to Windows, and still make use of the remote access link. Conversely, it should be possible to establish a connection in Windows and use it in DOS. Making connections from Windows is generally the simplest, easiest way for a PC end-user to make use of a remote access system; so for optimum end-user usability and convenience, the remote access system should include client software that can establish and end remote access connections from either DOS or Windows, and the NOS client must either be able to load and stay resident without requiring a connection, or must be able to be loaded on demand in either DOS or Windows.
Network operating system - The protocol implementation used by the NOS can also play a key role in determining the overall performance of a remote access system. The speed of a remote access system is primarily a function of the system's raw capacity to move undifferentiated data (bandwidth) and of its ability to use that bandwidth efficiently by keeping it filled with useful information. The NOS protocol implementation bears a large responsibility for the efficiency with which available bandwidth is kept filled with useful information. Data typically moves in networking systems by a two-way interaction between computers, in which one computer asks the other for some data and then sends back a confirmation when it receives a response. This interaction can potentially cause inefficient use of available bandwidth due to protocol design or implementation considerations.
Remote access client software - The remote access client software is an end-user's primary link into the remote access system, and it is the prime determinant of a remote access system's ultimate ease of use. The remote access client is also critical to compatibility with a wide range of protocols and equipment and a major factor in the system's overall speed. A remote access system should support any standard or de-facto standard remote access client software that is available for an operating system. Mac users should be able to use Apple's standard remote access client, called AppleTalk Remote Access. UNIX users should be able to choose any standard serial line Internet protocol (SLIP) or point-to-point protocol (PPP) implementation. Because Windows and DOS do not yet have standard remote access clients, the remote access vendor must supply them.
Modems - Remote links have only a fraction of the bandwidth available to LANs. Networking applications are typically designed to work best at LAN bandwidths, and are noticeably slower over remote connections. To minimise the difference between local and remote performance, it is critical to use the fastest modem technology available for remote connections.
Phone lines - Today's high speed modems are remarkably tolerant of difficult phone line conditions, but nonetheless, phone connections can have all sorts of problems - among them noise, distortion, and echoes - any one of which can drastically reduce either the reliability or speed of a modem link. Phone connection trouble is one of the most annoying problems because it is rarely consistent and often is extremely difficult to pin down. In many urban areas, switched digital links, which avoid the unreliability and the inconsistency of analogue modem connections, are now available. ISDN and Switched56 service are fast becoming viable options for remote users who dial in from fixed locations. In addition to offering more reliable service than analogue connections, switched digital links provide superior performance as well. An optimised remote access system should take advantage of switched digital connections wherever they are available.
Remote access security - Optimising security in a remote access system requires tradeoffs among level of security, complexity, manageability, cost, ease of use, and many other factors. Each network manager makes those tradeoffs differently, so there is no single optimal solution for remote access security. There are, however, optimisation strategies that make sense for certain specific categories of remote access system. A small, relatively simple remote access installation with straightforward security requirements should place as few demands on its network manager as possible. Therefore, the optimal security system for such installations is simple and requires minimal initial set up time. Simplicity and low start-up effort are best obtained by using the remote access server's internal database to store authentication and authorisation information.
Remote access server hardware - Ideally, the hardware used for a remote access server should be designed for, tested for, and optimised for remote access. Force fitting remote access into a general purpose hardware platform like a PC is likely to result in compromises of speed, form-factor, reliability, and convenience. Performance of remote access server hardware is primarily determined by its ability to move data through its serial ports without much attention from the CPU, and by the CPU's ability to perform the routing, filtering, etc, that it must do without adding undue delays as it forwards packets. Remote access server hardware should therefore be optimised for serial port throughput and general CPU power.
Remote access server software - Perhaps the most important thing to look for in a remote access server is versatility, which is primarily a function of the server software. Since the remote access server makes use of scarce resources - modems and phone lines - it should support as many uses of those modems and phone lines as possible. This web-page focuses on end-to-end optimisation of single-user dial-in access, but for optimal use of modems and phone lines, the remote access server should support shared dial-out and LAN-to-LAN connectivity as well. The remote access server should provide a single point of remote access for PC, Mac and UNIX users. Therefore, as with the client software, it is critical that the remote access server support a wide variety of protocols, with a minimum set for PC-based systems including IPX, TCP/IP, NetBEUI, and LLC/802.2. For Macs the combination of AppleTalk and TCP/IP will cover almost all Mac applications, and UNIX users need TCP/IP almost exclusively.
Network management - Network management for a remote access system should be optimised to minimise the total time that a network manager must invest in setting up and maintaining that system. For small remote access installations, an optimum system usually emphasises speed, simplicity, and interactive use. For large installations, power, automation, and integration with other management systems are the key.
LAN efficiency - As is true with any networking solution, optimising a remote access system requires the network manager to monitor and gauge the efficiency of the LAN. If the LAN is heavily used, then remote access performance will be affected. In general, internetworks that are routed perform more efficiently than those that are bridged. If a LAN segment is heavily used, further segmenting the network via routing technology can provide a higher level of performance both locally and remotely. There are many network monitoring tools that provide ongoing information on LAN bandwidth use.
A complete remote access solution requires the optimisation of all its varied components. The demands on a remote system are many - it must support its users' networked applications, must provide adequate performance, must be easy to use, easy to manage, and secure. A weak link anywhere jeopardises the integrity of the entire system. The remote access system designer must carefully consider issues that go beyond the choice of remote access server and client alone. Remote computer hardware must be suited for remote access. Network applications must perform well on low bandwidth links. Different network operating system versions may have profound effects on the system's ultimate success. Security, management, network addressing, and a host of other system attributes must be tailored for each system's particular needs.
A concept which goes hand-in-hand with optimisation is tariff management. As the networking and data communications marketplace is rapidly changing, more and more users are not only demanding efficient, secure, high performance remote information access, but are also quickly homing in on the concept of cost control. Users are expanding remote access out of the environs of the corporate LAN and quickly deploying high speed WAN connections with leased lines. While the optimisation of these connections is vitally important, corporations have realised they can't operate with an "optimise-at-any-cost" mentality if they intend to reach the next quarter of business.
Leased lines provide "bandwidth all the time," meaning the company pays for the lines regardless of the time they are in use. While this technology is sufficient for enterprises that need consistent connectivity, it does not meet the performance and cost control needs of companies that have multiple users and offices accessing client/server applications remotely. Branch offices or remote users that only need access for a few hours a day are better served by WAN switched services such as ISDN. In the ISDN environment, fast call set up times and other attributes of switched services enable "bandwidth on demand," meaning bandwidth is available when it is needed and charges are only incurred when data is actually being transmitted over the line.
With switched services such as ISDN, it is cost-effective to connect even the smallest remote or home office. Despite the many advantages of switched services, however, they must be managed properly to realise the maximum benefits. Tariff management is based on three technology areas:
- Bandwidth control;
- Connection control;
- Data Control.
Bandwidth control reaps maximum network efficiency at minimum cost by deploying flexible and dynamic bandwidth-on-demand techniques. Connection control provides the most efficient way of connecting remote locations. This is based on taking advantage of different tariffs and on prioritising connections. Connection control also provides fast and efficient recovery from failure. Data control makes the most efficient use of available bandwidth by using spoofing and triggered routing update techniques. It ensures that usage-sensitive LAN-to-WAN services such as ISDN are not left "on" when there is no data to send. Data control also uses data compression to squeeze as much data as possible into the available bandwidth.
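The effect of data control on connect time can be shown with a small simulation, added here as an illustration and not taken from any vendor's product. It assumes a dial-on-demand link that drops after a fixed idle timeout, a constructed one-hour traffic trace, and that spoofing answers keepalives locally and replaces periodic routing updates with triggered ones, so neither crosses the WAN.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    t: int      # seconds since the start of the trace
    kind: str   # "data", "keepalive" or "routing_update"


# Traffic that carries no user data but would still hold a switched call open.
OVERHEAD = {"keepalive", "routing_update"}


def connected_time(packets, idle_timeout, spoof_overhead):
    """Return (calls_placed, seconds_connected) for a dial-on-demand link.

    The link is dialled when a packet has to cross the WAN and is dropped
    idle_timeout seconds after the last packet that crossed it.
    """
    calls, total = 0, 0.0
    up_since = last_activity = None
    for p in sorted(packets, key=lambda p: p.t):
        if spoof_overhead and p.kind in OVERHEAD:
            continue  # handled locally, never raises or holds the call
        if up_since is not None and p.t - last_activity > idle_timeout:
            # The idle timer expired before this packet arrived: close the call.
            total += (last_activity + idle_timeout) - up_since
            up_since = None
        if up_since is None:
            calls += 1          # dial a new call for this packet
            up_since = p.t
        last_activity = p.t
    if up_since is not None:    # account for the final call's idle tail
        total += (last_activity + idle_timeout) - up_since
    return calls, total


def sample_trace():
    """Constructed one-hour trace: steady overhead plus two short data bursts."""
    pkts = [Packet(t, "keepalive") for t in range(0, 3600, 30)]
    pkts += [Packet(t, "routing_update") for t in range(0, 3600, 60)]
    pkts += [Packet(t, "data") for t in range(600, 661, 5)]     # 1-minute burst
    pkts += [Packet(t, "data") for t in range(2400, 2521, 5)]   # 2-minute burst
    return pkts


if __name__ == "__main__":
    for spoof in (False, True):
        calls, secs = connected_time(sample_trace(), 120, spoof)
        print(f"spoofing={spoof}: {calls} call(s), {secs:.0f} s connected")
```

Without spoofing the 30-second keepalives never let the 120-second idle timer expire, so the usage-billed line stays up for the whole trace; with spoofing it is up only around the two data bursts.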
When these concepts are integrated under a tariff management umbrella, network managers are able to gain the greatest possible monetary and competitive value from remote network access. There are many costs to consider when implementing a network solution. The cost of transferring data across the WAN is quantifiable and is the largest cost associated with managing a network.
Founded in 1836, Deere & Company is the world's largest manufacturer of farm equipment and a leading supplier of industrial equipment, providing customers in 160 countries with everything from harvesters to lawn care products. In recent years, the company has rapidly expanded its business into Europe, and is now targeting new markets in Latin America and the Far East. Deere & Company is a company which has mastered the art of both end-to-end optimisation and tariff management. For Deere, remote access has to cast a wide net to serve two primary groups: an external pool of several thousand national and international dealers, and the internal staff at the company's headquarters and regional offices.
But is it possible to develop a system that is far-reaching, convenient for multiple protocols, provides easy access to dealers, and is still manageable? "We're developing a new system called JDRemote based on Shiva LanRovers," he says. "JDRemote will support dealers dialling in over TCP/IP, IPX, and AppleTalk. Our users currently keep 500 asynchronous modems busy throughout the day, and a major goal is to eventually eliminate that pool by migrating users to the new system."
JDRemote will allow personnel such as territory managers to dial in and gain full network services. "We have factories in Spain, France and Germany, so we installed a LanRover in Mannheim, Germany. Anyone in Europe can dial in to the number over analogue phone lines via X.25 and gain access to John Deere services," he says. When implementing remote access, the largest obstacle faced by Deere was installation of remote access client software. Mr Mally points out:
"We don't have one standard TCP/IP client on Windows PCs. It all boils down to this: all modems and IP stacks aren't created equal." As Deere sees it, remote access will continue to be a strategic advantage.
Last revised: Sunday, 07 March 1999