How to quickly Web-enable corporate apps

With today’s focus on efficiency, the ability for workers to access corporate data anytime, from anywhere is on the way to becoming a business best practice. When IT is tasked with implementing a remote access project, a number of stumbling blocks immediately present themselves. One of the largest problems IT must solve is how to provide secure remote access to any and all “legacy” applications (which I define as “anything in production!”), including mainframe and client/server, without requiring a complete rewrite of the applications to make them Web friendly.

One traditional approach to solving this problem is through VPN technologies, in which an encrypted “tunnel” is established between the remote PC and the corporate network. The problem with VPNs is that, unless the application being provided is Web friendly (that is, it can be accessed directly from a Web browser), the client application must be loaded on the PC. This introduces a number of operational headaches and expenses, as the remote applications and workstations must be maintained and supported by IT.

Alternatives to VPNs have been released in recent years that enable remote applications of all varieties to be securely accessed from a Web browser, anywhere. These products generally take on two architectures: Web-to-desktop or Web-to-presentation server. Both architectures utilize a standard Web browser and do not require any vendor-specific software on the remote PC; all required components are dynamically downloaded at run-time.

In Web-to-desktop products a user connects via a Web browser to a central Web server, which then establishes a secure connection through the corporate firewall (using standard ports) directly to the user’s PC. An agent loaded on the PC sends the contents of the desktop to the remote Web browser, providing full remote control of the PC. I tested one product, GoToMyPC Corporate, with very good results, even over a 28K bit/sec modem link. These products work well for remote workers that have dedicated PCs back at the office, but they are not cost-effective for a company with a large mobile workforce. Pricing for these products, which are usually marketed as services, ranges from $10 to $20 per month, per user.

In Web-to-presentation server products, the user accesses a corporate Web server, signs on, and is provided secure access to their remote Windows “desktop,” hosted on a central presentation server. The most robust product I have used is the Citrix MetaFrame Secure Access Manager (MSAM), which provides access to a virtual Windows desktop hosted on a Citrix MetaFrame Presentation Server.

I tested the Citrix MSAM product over a 28K bit/sec modem link and a Sprint wireless data card and experienced excellent response time and rock-solid reliability in all instances. Advantages of this architecture include greater security (Citrix, for instance, supports two-factor authentication and third-party encryption) and scalability, fully leveraging the advantages of presentation services architectures. The sweet spot for this type of product is clearly large enterprises that are already invested in presentation servers, and who can easily offset the initial investment cost through cost savings and increased worker productivity.

Regardless of which method you choose, these new Web-based remote access products work well even under bandwidth-constrained circumstances such as dial-up and wireless modems. I highly recommend you consider one of these alternatives if you are looking for a way to rapidly provide remote access to virtually any corporate application, anytime, from anywhere.