Billion South Africa - ADSL Modem/Router, Wireless ADSL Router, Powerline ADSL Router, Homeplug Adapter, VoIP ADSL Modem/Router, Security Router, Broadband Router, SHDSL Bridge/Router, Wireless broadband

South Africa

Corporate Overview

News

Events

Awards

	Home	\|	Education	\|	BiGuard SSL/IPSec VPN Education	\|	SSL VPN Case Studies & Testimonials	\|	Professional Services

SSL VPN Case Studies for Professional Services

» Richard Cargill / SOHO / UK / BiGuard S5

Secure access to small office network from anywhere,
using BiGuard S5 SSL VPN
Organisations can give easier HQ access to home workers and
increased mobility to senior management

As a senior IT Manager for one of the large banking / finance groups, Richard Cargill is no stranger to finding the right technological solution to real-world business problems. So when he wanted to access his secure home office network when away on business, he began the search for a robust and flexible solution, and, after looking at several options, chose the Billion BiGuard S5 SSL VPN Security Appliance.

“When I’m working away, I need to keep in contact / check on my home network. This can be anywhere from simply the 100+mile daily London commute, to potentially any of the four corners of the globe. Basically, the BiGuard S5 has given me a reliable way of staying in contact as long as I can find someway to get internet access, be it at one of our corporate offices, hotel, local hotspot, internet cafe, GPRS etc,” explains Richard.

“When I’m working away, I need to keep in contact… from any of the four corners of the globe. The BiGuard S5 has given me a reliable way to do that,” says Richard Cargill.

Overview on SOHO solution for Richard Cargill

Business Type: IT professional within banking / finance industry

Location: London, UK

SSL VPN Solution: BiGuard S5 SSL VPN Security Appliance

SSL VPN Applications: Network Extender, NAT functionality, sharing files and access to home security / home automation

Selecting the right VPN product for the job

Richard was looking for something that could offer ‘clientless’ VPN access to his secure network at home. “I’d tried several approaches using other routers with IPSec or L2TPN support, but all had the requirement of needing some level of end user client component running, and often couldn’t control what was downloaded on the end platform / pc, as I was working from an Internet Cafe or locked down corporate network,” he says. Recognising he needed a solution that would simply operate from a web browser, Richard started to look into SSL VPN devices. “The initial offerings I found were aimed at large scale corporate facilities, and price tags just put them out of my reach, and therefore I initially did some investigation into the possibility of using an open source software solution. Whilst the latter worked, it was “flaky” in terms of operation, and I just didn’t have the time to spend working out what was going wrong, and correcting it,” he comments. With a background in low level software development in Unix platforms, Richard was at an advantage here, and could at least tackle this as a potential option – which would clearly be off the agenda for most people. While trying to hunt down a solution to the problem with the open source setup on Linux, Richard came across some product launch briefings from Billion on the (BiGuard S5) and (BiGuard S10). “A quick check of the specification on the web, confirmed that at the time there didn’t seem to be much around with the same functionality in that price range. I simply found a UK reseller and the box was delivered in a couple of days,” comments Richard. “Instead of needing to download client-based software with IPSec systems, with the Billion’s BiGuard SSL VPN I find that I can configure one of the inbuilt client applications to support my basic needs – even if I still have to overcome restrictions in the installation of Active X.”

Deciding on BiGuard S5
Richard had a strict set of requirements that the new appliance had to enable:

•	Checking security cameras, access to home automation.
•	Check email / messages in a secure manner.
•	Picking up voicemail messages, answering telephone calls if he’s on line.
•	Pickup and download of data and files from the fileserver.
•	Run a few specialist applications on his pc or Linux box without having to reinstall each time he’s working in a different location.

”In terms of the key decision of finally selecting the BiGuard S5, I was looking for something that would operate as a network utility device, and had nothing inherently in its design that would limit operation to any specific platform OS. However, it must give some level of flexibility to work with the existing security approach that I'd implemented.”

Home office network setup
Basically Richard’s home office network can be considered as being composed of three main components:

•	Home security / automation server (Red-Hat / Fedora Linux) - provides remote house monitoring from webcams and network cameras, plus can switch the lights on and off etc.
•	PC / File server (XP professional currently going up to Vista) - used to run some basic small programs (Office etc.), but also acts as the main file server (with 1Tb capacity).
•	Linux (Fedora) application and SIP server - running some basic utility and monitoring programs, but it’s also setup for connection to local PTSN:“So that I can effectively make and receive calls “from / to” home wherever I am in the world. Think of this as a home grown “Skype”,and as long as I can get a VoIP client running, it works without too much problem,” he says.

The home Internet connection is over a standard 8Mb ADSL broadband connection, courtesy of BT, with address registered via dynamic DNS. To gain access, Richard uses the following end devices:

•	Standard laptop (which he generally carries on most trips).
•	PDA / Smartphone used mainly via Wifi hotspots, and occasionally via GPRS (bandwidth / throughput is generally the limiting factor here).
•	Alternatives can be an Internet Cafe or a locked down desktop on the corporate network.

The BiGuard S5 sits between Richard’s servers and the ADSL router, with the latter tunnelling https requests to the BiGuard S5 WAN interface. This arrangement gives him two levels of service: use of the inbuilt BiGuard S5 portal applications for when there is only limited control over the end point, such as an Internet Café; Network Extender and inbuilt applications when running on his laptop.

Installation and administration
Richard found the installation and configuration very simple. “Following the quick start guide got me up and running in about 20 minutes. Once I’d learned how some of the more advanced features worked on the menu, it meant probably about another 20 minutes worth of re-configuration. Apart from that, the only other time I’ve really done anything to it is in terms of running a firmware upgrade,” says Richard. Since it’s only a basic setup, Richard found that once it’s been configured it has taken no effective administration time to support. However, he does have the box “talking” to a syslog daemon, along with the ADSL router, on the basis of picking up any unusual events / potential intrusion detection. As for support, Richard has found the process to be prompt and accurate in the information supplied: “I’ve only had to make one call to technical support team, and that was on some minor query related to new features in the firmware upgrade,” he adds.

BiGuard product features
“As long as I’m using a platform that can support the Active X control, then I find Network Extender invaluable, for example when running a VoIP client to Linux platform from my laptop,” comments Richard. In addition, Richard is exploiting the NAT functionality to provide an additional level of security in “exposing” the servers. The clientless login has proved popular. “Bluntly, I’ve found no issue at all, and others in my family who are far from computer literate have found it very easy to use, once the basic concepts have been explained,” says Richard.

The future
The major benefit of the BiGuard S5 is how it enables secure flexible access from any location:
“I know I can consistently get some link back to my home office network - in the words of the old Martini advert “Anytime, Anyplace, Anywhere,” says Richard. In future, he predicts significant growth in demand for SSL VPNs as businesses change their working practices and adapt to modern life: “Personally, I’m happy that the BiGuard S5 is covering my immediate and short-term needs. However, I can see an increasing demand for this type of requirement generally, as more organisations move to extended home working and increased access / mobility to their senior management,” Richard concludes.