Methods of Remote Networking

Remote Networking Introduction.

VPN, RDS and VDI are three of the most famous TLA’s (three letter abbreviations) handed around these days, and are very useful practices for remote working. But what are the advantages? When should you use which one? Following article helps try to explain each method to help you decide, which suits your needs best.

Virtual Private Network.

By far the most common, VPN enables you from your network, to connect to another, for example from home to work, or from one company to another, in a secure and encrypted fashion.

It can be used to access shared folders, drives (if you don’t use cloud) and even devices on another ‘network’ with additional software such as mstsc.exe or the remote desktop applications that are available.
VPN can be client based using the OS, or, third party application usually and app or web page to build and maintain the connection. Or, on a grander scale you can construct a permanent VPN tunnel linking firewalls of one company to another, allowing multiple clients access to resources and different domains.

VPN has a big brother too called remoteaccess, think of this as an always on VPN, very useful, and does away with the manual involvement of having to connect. Largest issue with this method its aimed more at more modern network design IPv6, so if you have any older legacy systems it may be a problem implementing

Advantages, cheap, quick and easy to setup. Able to configure the protocol security type.

Disadvantages, Dependent on set up but you can give an awful lot of network view up. (even if you do your security should restrict wanderers). Can get complex when networks share IP ranges, so you have to NAT Network Access Translate addresses on one side so the masquerade as a different network. For example the widely used common internet facing network IP 192.168.x.x can be referenced as internal network IP 10.10.x.x.

RDS

There’s some confusion with RDS and VDI, so much so people use the term for both, but there is a difference. RDS (Remote Desktop Service) is the replacement for the older terminal services.

So, you can think of it as generating a standard template of a windows desktop machine that will be presented to every user who accesses it. In RDS the template is not designed to be able to be modified by the user, simply just used for their exact requirement.
You give the user a standard interface and applications to work with, with the data paths being set to alternative shared/private drives folders.

In addition to an entire desktop, there are also remote apps which are virtualised applications (Vapps) that can be provided over the remote interface. Suppose for example that 5 users need an invoicing application. Instead of installing on 5 machines create a single Vapp, where each user can call up the application as an when needed.
By centralising the application, there’s only ever one installation to update so that all users are on the latest/same version.

Advantages
Accrssibility to only the software and applications what the user requires, clamps down the security risks. Reduces individual machine set up by supplying that one standard virtual environment.
Disadvantages
Maintaining the template, so that updates are applied to ensure user is on the latest version of the software. Can become painful with multiple / regular updates

VDI

Virtual Desktop Interface, RDS with boots on. VDI creates several templates that can be presented over remote desktop services. But, each template is its own virtual machine for a specific user. VDI takes a little more consideration to setup, as you have to provide and environment that brokers connections, runs the virtual for the user. Depending on your user requirement you may have to deliver a hefty template to a user with lots of RAM, several processors So planning the servers that do this work takes planning and proper consideration.
But done right VDI provides a easy to maintain virtual ecosystem that allows your users to be anyway, connect and have a perfect work desktop delivered to them. There’s no need to buy equipment for users from home, they can use their own home computer to generate a virtualised power machine to work on.

Advantages
Run a PC from a tablet, Windows android or ios device. User has the control you allow to add additional software or to update existing installation. A true work anywhere solution, incorporates BOYD
Disadvantages
Initial cost and time in the setup is the biggest disadvantage.

Connectivity
If your working remotely your connectivity is imperative. I’ve encountered issues with users where their home broadband provider doesn’t allow for specific types of VPN, so ended up having to work around their issue by creating or using an alternative VPN, great it cures their problem, but it more to maintain.
VPN short term is okay over a mobile type 4G but remember signal changes as you move around, it may be difficult getting a good stable connection in the middle or nowhere, or in the middle of busy large city and peak times.
A good steady connection for RDS and VDI is vital, failing to do so provides a frustrating slow and regularly dropping out connection for the end user. Plus, a lot of frustration for IT having to unlock / free up dropped virtual sessions on the server.

Advertisements

Turn off WiFi when connected via Ethernet cable

 

Okay we’ve all been there, your trusty laptop in hand in the office, only to find the Wi-Fi is down, or it’s a little shaky in that side of the building and you have to swap to a Ethernet cable to maintain a good connection.

Easy enough plug it an and away you go.. But, although Windows 10 will simply swap to the Ethernet cable to work, Wi-FI still runs chewing away at your precious laptop battery life

Luckily you can configure your laptop to turn off WiFi automatically when a Ethernet cable is connected (Note dependant on the network adapter in the laptop) and save a little more power to prolong your use

Best done before the event as always, but ensure you’re on the WIFI when you configure your laptop adapter to do this

From the System tray right click on the WiFI/Network icon and select Open Network and Sharing Centre. In the Active networks click on the wi fi connection to open the status window

wifi1

wifi2

Click on the Properties button to get the current settings of the adapter, under the networking tab you’ll see the following, click the Configure button to get the fill properties of the adapter

wifi3

Now click on the Advanced tab, the property look for Disable Upon Wired Connect, and ensure its set/changed  to Enabled for the value

wifi4

IMPORTANT Should the Disable Upon Wired Connect option not appear, it’s most probable that your network adapter doesn’t support this feature.

Finally, click OK button, and presto all sorted. From now on, whenever you connect an Ethernet cable to your laptop, Windows 10 automatically turns off the Wi-Fi saving precious battery life.

Linx10v64 Review

Late in 2016 Linx launched the Versae range of tablets in a 10inch  and larger 12inch model. But, these new systems presented as a 2-1 model, (as were the older Linx10 and 1010b m10v64boxodels), have a sharper more professional look and feel to that of the older model. Many of the websites seem to confuse this model with the 1010b, and the 10v64 and it’s a very different beast indeed.

As gone is the rubberised no slip surface on the back of the tablet, now replaced with sturdy black aluminium. The fold out or origami keyboard stand has gone, and is now supplied with a separate click connect keyboard a la Surface, and the unit having its own kick stand, mimics the classic Microsoft Surface look and feel styling overall.

If you get a hold of one of these machines from Exertis, you won’t be disappointed. Provided you know what you’re taking on, as although it has the appearance of a Surface Clone, it most certainly isn’t one. The V64 is the first clue, the system comes with limited maximum 64Gb on board storage, but does allow for some expansion by means of the micro SD card slot.  The system utilises the last of the Intel Atom processors in a quad core configuration, which gives the little machine quite a boost operationally with fast RAM, but low power use. But, the processor is also a nail in the coffin of the device, as Intel have now ceased work on the Atom processor, and is no longer being manufactured by Intel.

 

With Microsoft’s Edu push for the Windows 10S and cheap systems, it’s a shame the 10v64 is already ‘out of date’, as its specifications are great for a good solid base computer for Education needs. The 10v64 has the styling and look of the Surface, but the bargain price comes with a few limitations. Measuring your requirement, means you may be able to have this Linx as your mobility device and yes, it can replace your laptop (depending on your circumstances), all without burning a hole in the pocket/purse strings. It’s an ideal take to school/college device, and for a good solid mobile device for work.

Setup/OOB

The traditional blue study cardboard box contains the tablet unit, and keyboard, with a box for the power supply and USB to mini USB adaptor. The power supply is now an all in one affair, with no click assembly as did the older models. A gripe I have is that the length of the charger is that supplied to all tablets (too short), fine on the desktop power supply, but will have a struggle if you need to go to the floor for a power outlet. But, the 2in1 was not designed to be plugged in permanently, it’s a device for being on the move, so shouldn’t grumble about that point.

First hurdle you’ll  probably encounter is the Windows 0/S upgrade, as the system comes with 1511 version of Windows 10. Not that the upgrade is not smooth to 1607 or 1703 for that matter, it’s  just getting to the upgrade download that’s a bit of an obstacle. The Linx settings not to download on specific battery charge % means that you’ll have to fully charge, and alter the battery saver settings to get the ball rolling on the upgrade. Once upgraded there’s no issues with Camera, blue tooth etc. Hence the smooth transition I mentioned.

The second hurdle will be the SD expansion, remember to reboot after you insert the SD card so it’s recognised by the system. Having got over these two minor obstacles you’re up and away.

Unlike the original 8 and 10 tablets that the company launched, the Versare doesn’t come with Office 365 included (no doubt Microsoft are weaning users off the old style personal edition). Instead, on install you’ll see three blank tiles that act as shortcuts to the store, so you can download the Word, Excel and PowerPoint apps to use if you have a 365 account already. In a way, this is advantageous disk space wise, in not having to install the full Office suite. But, the Office apps are more than adequate for use on the move for word-processing and spreadsheet use, and are upgraded regularly adding extra features.

 

The device

Having 4GB RAM is a first for Linx, and lets the Windows 10 Home software it comes with work fine, a definite bonus for the more power hungry old tablet users that are out there, capable to multitasking around four applications with no noticeable degradation to performance.

kickstandThe 10v64 fits nicely in the sub £200 bracket, obvious hardware restrictions were used in its manufacture. For example, the front and rear built in webcams are both 2 mega pixels not exactly the best, but sufficient for video calling and taking the occasional snap if needs be. The 10″ touchscreen is 720 standard HD 1200×800, again not the highest quality, but provides a good clear quality image for the desktop use and general viewing purposes, even for long periods of time.

The tablet unit itself is a weighty affair (remember I’m used to working with the smaller 8″ tablets) not only by its increased size, but the aluminium body and kickstand that allows the tablet to be used in laptop mode, so this in my opinion is a machine for using more in laptop mode remotely, rather than tablet style wandering about, as it will become unwieldy after a time.

Under the hood beats one of the last and best Atom processors the x5-Z8300 a 64bit Quad core solid heart. You’ll  find that the Linx can work well in desktop mode and handle a moderate amount of multitasking in its stride. The battery’s no disappointment, with you getting a good 5 hours processing time out of it before the sirens start to wail J which isn’t that bad for work purposes, as you can sneak in a recharge top up easily at lunch whilst in use.

The charger has gone back to a one-piece micro usb affair, and the device does take a little time to re charge fully.

 

Additional ports

Another difference between the 1010 and the 10v64 is the addition of a full sized USB 3 port on the unit.

10v64 portsThere’s also the standard Linx mini USB port (with an adapter supplied) enabling two full size USB ports to be available. Which is handy for a mouse, and connecting to external storage for example. The mini HDMI port is also available, allowing the unit to output to another screen if so required.

 

Keyboard

The system comes with a click connect keyboard now, much like the Surface, with a good positive click connection. Overall the keyboard (which is obviously reduced by the 10” size) works well, and doubles as a folder over cover.

10v64keyboardThe ability to use Fn key and alternative keys marked in the classic blue colour gives you the missing additional characters, and a number pad replication. The keyboard also contains the central mouse pad. Never been a great fan of mousepads, but once you get used to the occasional quirk, (moving mouse pointer and hitting the left/right button area) this works okay too. But for heavy mouse work, I’d recommend you make use of the USB and plug in an external one, to save your sanity.

 

 

Upgrade-ability?

My device was recently upgrade to the 1703 Creators Edition of Windows10 and everything ran fine with the update, and not one of the “this application has been removed as it’s  no longer compatible  messages. Hardware wise you’re  stuck with the 4GB DDR3 SDRAM (which is quite nippy) and the 64gb internal. The SD card can be expanded to allow another 200gb.

 

In the field?

So, is this a tablet that can replace your laptop?  It certainly can for me!  Both work and home computing for me is heavily reliant on cloud, using the 10v64 was no different to me using the laptop/notebook as that’s  where much of the software I use is held. Basically, give me tablet and a fast internet connection to sail her by and I’m  fine.

10v64modelThe 4GB memory and what I can only say is best of the Atom processors it’s  a Quad core! Really work together well for locally installed applications, there’s very little lag in launching and running applications. Going through updates is much easier with SSD as I’ve found.

The screen quality is good clear with a crisp resolution and usable in bright light. With the kick stand you only get two viewing angles 40 and 80 degrees but a desk the angle is sufficient to allow the screen to be visible without too much glare from windows or overhead lights, so is fine for working at the desk, at a table or a good flat surface somewhere if you’re out and about.

The keyboard arrangement works well uses a powerful magnetic catch that connects two prongs on the top of the hinge  to a single opening on the bottom edge of the tablet screen. A small connective strip between the prongs forms the electrical connection between the keyboard and the screen. The keyboard connects and more importantly stays connected well without the need for a release clip/button, and if you need to move the keyboard folders over the screen to make a good cover.

On the whole this is a great little machine, now the alternative to my use of the 8″ tablet work working on the move. The 10v64 is well built, works well and a solid reliable device

 

 

 

 

 

 

 

Dynamic Lock Windows 10 1703 Version

To add that little more security when you’re away from your PC you can use Dynamic lock, a new feature from the Windows creator update. Where your device is linked to the phone via bluetooth. When you (and your phone) are out of the range down comes the door locking your PC until you return. It’s a feature that will keep the ISO security brigade happy

Pair your phone

To enable Dynamic Lock, you must pair your phone with your PC. You can skip down to the next header if you already have paired your phone to the device.

On your PC, go to Settings > Devices > Bluetooth & other devices.

Turn on Bluetooth with the toggle switch there. (Turn on your phone’s Bluetooth as well).

Next, tap the “+” button for Add Bluetooth or other device.

In the pop-up Add a device window, tap Bluetooth, then choose your device from the list that appears.

Prompts should appear on both your PC and phone. Accept them to pair.

Turn on Dynamic Lock

This is a simple switch on, so go to Settings > Accounts and then tap Sign-in options in the left panel.

Scroll to the Dynamic Lock section and check the box for Allow Windows to detect when you’re away and automatically lock the device.

 

Dynamic Lock what it does

The device PC/Tablet will continue unlocked while your active on the device and until you and your phone are out of Bluetooth range. It takes 30 seconds after you’re out of range for the lock to engage, so if someone hops on your machine in under that time frame the lock will not engage as the machine is active

 

ISO states you should regularly lock your PC when you leave your desk, then perhaps Dynamic Lock can be useful as a safety net, kicking in to lock your PC should you forget, perhaps when you run out of your office Friday close of business J

Unlocking

This currently on your return has to be done manually. Only if you have Windows Hello active can you use face / biometric finger print etc to unlock the device. It would be nice if when you wandered back into the range for a time that the device unlocked itself, buit I suppose tha t would be a lapse in security if someone stole your phone for example

Telework/Remote Worker considerations

Working from home or on the move being a mobile worker is on the rise. A quick google and countless pages tell of employer/employee satisfaction. Large companies and small business can all thrive from the “remote worker” but providing its done right. For, as many success stories there are, there’s also horrible  fails.

But with the advent of recent hardware/software changes telework is an easy thing to introduce for employees, its benefits for employer office space wise, and employee not facing the dreaded commute are amongst the main advantages. But, how can both maintain good productivity?

Sadly, although some employees may expect “teleworking” as a perk, the productivity can fail. Employers offering the facility working from home can start to notice “failings”. As with anything there’s good/bad practices.

As an occasional teleworker for a continental company I can see these, but good practices get rid of the failings. Bridging the space between the office and home worker is the real key important factor, provision of equipment, and availability on Skype or some other conferencing tool, is not just the answer, there’s some liability on the employee themselves, to be effective and productive working remotely.

 

Internet Access

Sounds a silly, subject to check but even today there are still some blind spots with internet access, slow speeds and unreliable connections. If you’re offering home/telework as an employer, ensure that the user has an adequate internet access speed to be capable of doing the work. Certain providers effectively “block” some some forms of home working by adding security to the router and disallowing VPN types, or recognise your using bandwidth for business not home purposes. Get the employee to check they’ll be able to work out of office. A simple trial connection to the office and the software the user will need over a day or two should suffice, but be prepared for changes too.

Without doubt a good solid base landline /cable connection is needed, although 4G is nice, it’s not reliable. I live near five schools, and come lunchtime try and get a 4G signal as the kids are on lunch, as the local mast gets hammered, is a lottery connection wise. Mobile data is fine, but consider the environment, you should be fine in a town or office, but not if your working in an environment, that’s like a cellar in an old stone building! Check in advance of your visit that internet connectivity is possible for you, or that there’s some alternative arrangements connection wise.

Seeing staff grumble their internet connection is down, on social media when they have no backup is not what employers or clients want to be seeing. After all your expectation is going to be what is this person doing remotely without a connection? Colleagues working for larger companies have the “luxury” of having the internet provided for them by the employer, its not always the case and internet connectivity by the home worker is the top priority, you should not want to hear that “my connections dodgy today” from end users..

Also the watch out for the café culture  free wifi is handy, but firstly sending data over an unsecure connection (more on this later) is a bad idea. Also, be aware of your environment, do you really want a skype call from the local burger joint, where kids are screaming in the background, and the shouts of the bar / café staff? Think how this would look professionally.

 

VPN

Remote workers benefit pure and simple from VPN, not only does it offer a secure encrypted connection (getting around the internet access from free wifi we mentioned earlier). It allows access to the corporate/company domain facailities remotely.

Yes the employee has their company issued machine at home, or may even use their own if you allow BYOD, but do you really want your data saved on a remote machine? Simple answer NO, it should be stored on the corporate network. Or, at least somewhere accessible to the company such as cloud or local domain storage, in the even of loss/thief or accidental damage to the device.

Ok, you can protect a device with for example bitlocker, so if the device gets lost, stolen the information is unusable, but it’s still lost! If stored locally on the device hard drive. Encourage use of cloud storage and saving to the domain, its fine to have a local copy but lose the device, drop and damage it and you’re up the creek without the proverbial just keeping things local.

 

RDP/RDS

For the BYOD brigade use RDS or remote apps, even let the employee remote into a desktop device on the office for security sake. IT should basically not allow external devices onto the network, unless they’ve been checked. Maintaining domain access via a networking method is a good way of avoiding risks, as the network defences are the same both internally and externally for users.

The moment someone has a different machine the toll of IT support starts to rise with the can I have this installed, product X doesn’t work the same when I’m at home. Provision of a familiar environment always sounds like your clamping down on the end user, and to a degree you are. Otherwise, ensure that the end user has some base IT knowledge so they can map to drives they have permission or access  to. They don’t need to be a  Bill Gates of knowledge, work on the car principle as I call it. You need to have knowledge of changing the oil, water and wiper blades to maintain its running, but when something goes wrong, the user has to be able to tell you where the knocking sound is coming from at least, so the mechanic can know where to look at resolve the issue quickly.

Sadly too many remote workers have a lack of Basic IT skills, ensure that you offer training or assess their capabilities, before you let them work remotely. Again this avoids end user frustration not being able to complete tasks, and a whole lot of time for your ICT staff.

 

VOIP

Keeping the remote user on the same phone network eases having to remember mobile numbers, enables you to transfer calls, so you or other clients don’t have to ring or give out alternative home/mobile numbers of remote workers to contact. Remember VOIP will run on phone and device , so the teleworker when away from the device can still be contactable. Voip generally uses less bandwidth as does teleconferencing, if your office uses it, the remote work can simply join in on conference calls as they would frm their own desk.

Again the remote worker should consider their environment, if making a business call listening to “little Martin” screaming in the background, or being on the receiving end of remote workers taste in streamed music is a no no.

 

Skype/Teleconference

This is classed as one of major tools of tele/remote work, but in honesty it’s a blessing and a curse. Some folk simply don’t use Skype correctly, and as such is a constant source of distraction, with the bleep/bloop ring tone breaking the users concentration from their task.

Software has safety features, such as informing others your available, busy etc. Use them, don’t ignore them. Being in contact and knowing what remote workers are doing is essential, the manager should know that they are busy finalising an urgent  report, and therefore keep other minor interruptions clear of the worker.

As with any two edge sword, they should also wonder why the remote worker isn’t available when they’ve or clients have tried to contact them too.

If you’re going to conference with clients, don’t do it from the local burger emporium, or the living room with the tv/radio on.  It sets a very unprofessional presence, if you’re working from home, ideally have a home office, or at least a real quiet corner so you can focus on the call.

 

Collaboration software

Really that’s up to what the user and the company needs. Office 365 is a real boon, with the ability to share work, pick up others work and continue. You’re not bound to the device, and can pick up and work on the bus, from home, hotel etc.

Ensure remote users know how to work with a shared file system, again a number of times there’s been “I can’t edit the spreadsheet, as Fred’s in it” I’ve had to fend off, purely because users left files open and did another task, or the internet connections dropped leaving the file lock marker and IT wasn’t notified.

At the end of the day the worker is remote NOT ISOLATED they should report problems to IT and be able to contribute in their solution.

Remoting the remote worker for “repairs” to issues is easy Windows10 has facilities built in, or other products such as TeamViewer make ICT ‘s job of being their easier. Make sure you facilitate for such events. A remote worker without that the facility to work remotely is a waste of time effort and money.

Cloud provisioning

All of the above fits nicely into cloud, VPN to the corporate domain servers ensures access and security of information, working hand in hand with the collaboration  and ability to share work. DaaS accessibility to workers etc.

Onedrive/Drop box all allow the saving of information securely and remotely allowing other access if required. Cloud is something that should be explored not ignored for true remote working.

 

 

 

To Sleep, perchance to Hibernate or Shutdown ?

With the wide collection of new Windows mobile computing devices such as tablets and 2 in 1’s the question to Sleep, Hibernate or shut down a machine has become more of a grey area. Is there a right or wrong way?
Well No basically, it really does depend on what and, believe it or not, where/how you use the computer, as users utilising sleep often encounter issues caused by how they use the machine and in what environment.

As the computer that can be used anywhere brings in further problems which users may not even consider, how many users, do the following close the laptop lid, slide the laptop into their case and dash off after meetings. Or, at home leave the laptop on the couch/settee cushion when they work, or lay on the floor carpet.

Basically, blocking the air vents on devices with small footprints that rely on circulation to keep cool, is a bad idea and can lead to hardware problems. Try using a tablet after streaming a movie, and you’ll notice it gets warmer to hold. It really does depend on what you’re doing. Light use such as email, browsing hardly uses any power, so you don’t get heating problem as the processor isn’t breaking a sweat, so closing the lid is less of a worry.
Any way the rules of thumb I’d recommend, aren’t just for battery/power saving but also take into consideration the actual components in your machine.

Sleep
The option to use if you’re away from the machine for a short period of time, and want the device to start up quickly when you return or get to the next location in a short time. As all power except to RAM is effectively disconnected. The system has basically remembered what it was doing, so it can recall that state instantly on power up.
Problem is, leave it for a long time or during lower battery and you have the risk of RAM fail and possible corruption of memory, with the system not waking correctly and having to do a reboot.

Hibernate
The big sleep, the entire state of your computer is saved to disk basically, so when you wake the machine from this state it takes a while longer than sleep as the saved file contents are read back to reinitialise the machine from the state prior to hibernating. So you can you this for long periods, as power save is more effective than napping/sleeping the system
Issue you have here is inexperienced users panic in the time it takes to wake, and start hitting power buttons keys, which can interrupt the reinitialise and therefore they start thinking it broken, when it doesn’t restart instantly.

Power off
For me the better option, yes it takes longer to start the machine in comparison, if it’s taking ages, I’d recommend reviewing the apps you have is start up, are they all necessary?
Why is it better? Re starting the machine, gives you clean disk caches, reloads the registry, and clean RAM, so everything is ready to go with a clean slate. The start clean ensures no memory resident stuff left from apps that you may have run still hogging memory from sleep/hibernate is cluttering, or even more dangerously still holding in memory resident possible threat (malware for example)

Lots of users have ‘bad habits’ my heart sinks when I see folk wandering around the office with an open laptop balance precariously in one hand, mug of tea in the other, knowing that another possible “repair” is coming my way. The above functions work, use them in the correct fashion and you’ll be able to come back to, or transit a machine without a problem. Also note that the battery life is a recommendation not a guarantee when using them 🙂

What is Private Cloud?

Private cloud differs from “public” cloud in that it’s design is to provide access only to ‘authorized’ users.  It still delivers the flexibility and scalability of cloud architecture but in a more secure manner. Private Cloud is the usual choice of business to deliver a more reassured secure method of Cloud deployment.

 
Private cloud can be delivered in two main ways:-

Externally hosted – provisioned from a cloud service provider by means of an accessible virtualized storage server(s), off the network domain.
Internal Provisioning – Deployed virtualized server within the organizations domain network, delivered via HyperV, Oracle’s Virtual Box

 
Either method deployed delivers a service that end users generally access it through web based panels and local applications access it through API integration. The large difference is that there is some form of additional security so that the server service is not directly accessible to all and sundry via the internet.

 
For external hosting a dedicated line via encrypted VPN or SSL connects the cluster(s) to the client network. There is no direct method of accessing the private cloud over the internet without the additional security level of the connection.

 
Internal provisioning relies on the domain link network, and the virtualized server is access via internal IP address or machine reference. End users access can be limited from access via the virtualized server OS security (validating users)