7.0.8 Insight Remote Support Security White Paper

[Figure 9: General IPSec VPN Access with SSH. Diagram labels: HP; Customer; HP Support Specialist; Remote Access Portal; Access Server; HP Internal firewall; HP Firewall; HP Routing device; IPSec Tunnel; Internet, ISDN, Leased line; Customer routing device; Customer Firewall; Customer Access Server; Customer internal Firewall; Customer target systems or devices; SSH Tunnel; SSH Tunneled Application traffic (Telnet, VNC, RDP, PCAnywhere, etc.); Raw Application traffic (Telnet, VNC, RDP, PCAnywhere, etc.).]
Legend:
SSH tunnel to HP access server: TCP/22 (SSH) inbound
SSH tunneled application traffic: Application specific inbound
Raw application traffic: Application specific inbound
IPSEC VPN Tunnel: Protocol 50 (ESP) & UDP 500 (IKE)

[Figure 10: General IPSec VPN Access Without SSH. Diagram labels: Customer; HP; HP Support Specialist; Remote Access Connection System; HP Firewall; VPN routing device (HP side); Internet; VPN routing device (Customer side); Customer Firewall; Customer Access Server; Customer internal Firewall; Customer target systems or devices.]