The following two real-world scenarios compare nokLINK™ with an alternative solution to help you identify ideal implementations.
Remote users who require limited access to application(s) on third-party networks are an ideal implementation for nokLINK™. One example is a company deploying Microsoft® Project (EPM) for use by employees, suppliers, consultants and customers.
Enterprise Project Management (EPM) typically requires access to highly sensitive information by individuals who belong to multiple separate organizations. In order to secure the data, most EPM consultants will recommend implementing a VPN. However, the IT department in the organization implementing MS Project does not want to provide VPN access to unknown users and devices. The end result can be a stalemate between the consultant and the IT department, or the implementation of a VPN that can be difficult and expensive and that unnecessarily exposes security vulnerabilities.
Unlike VPNs, which require extensive IT knowledge to set up and maintain, nokLINK™ provides remote access to individual applications and is easy to set up and maintain, without exposing the entire network to undesired access. Unlike traditional VPNs, nokLINK™ does not attach remote users to the networks in use; rather, it provides secure application-specific tunneling between the client and server. Both client and server networks are always hidden, protected from being detected, seen and attacked. The following diagram illustrates how client and server are isolated from one another but still able to communicate via a nokLINK Master.
As the above diagram illustrates, nokLINK™ devices communicate securely between two separate networks. nokLINK™ Clients may connect to nokLINK™ Servers via one or more nokLINK™ Master brokers, and nokLINK™ Master brokers may route connections between themselves based on performance and load-balancing parameters at the time of connection. nokLINK™ clients initiate a connection to a nokLINK™ server on demand, without exposing either client or server to the Internet or to one another, as requests are responded to only when a nokLINK™ Master authenticates each end-point.
Any attempt to trace communication to a server and attack a foreign network is thwarted by the nokLINK™ Master, which must broker all connections. If this were an EPM implementation, nokLINK™ may provide remote access to the web server running Project Web Access. nokLINK™ may also provide remote access to the SQL database in order for project managers to securely publish projects without exposing the database to attacks. Remote administrators can also have access to a system for configuration using Terminal Server without opening any holes in the firewall. The result is secured, isolated application access to specific devices without unwanted exposure to any networks in use.
Users from dispersed networks utilizing protocols which require secure, real-time, two-way communications can greatly benefit from nokLINK™. For example, a technology organization developing VOIP, ISO8583, messaging or other client/server systems could implement nokLINK™ as the security and routing protocol, an easier, more powerful alternative to a VPN. Implementing a traditional VPN may have significant configuration, security and performance issues, since VPNs provide users the ability to attach themselves to a single foreign network. A VPN may not be ideal for use with VOIP, as VOIP requires fast, secure, real-time access to multiple dispersed networks. Deploying a traditional VPN may result in poor performance or, alternatively, in the exposure of the VOIP communication to the Internet, where it can then be filtered, tracked and attacked.
With nokLINK™, users are never attached to another network. Instead, an end-point to end-point encrypted connection is established via one or more nokLINK™ Masters. The traffic is not transmitted as VOIP and therefore cannot be filtered or viewed. What’s more, 100% privacy is maintained because all nokLINK™ traffic is brokered by the Master and therefore cannot be traced from one end-point to another. In addition to the security and privacy benefits, a nokLINK™ network with the appropriate topology is capable of improving performance between end-points that reside thousands of miles apart, by altering the connection and routing parameters in real time.
The capability of any nokLINK™ enabled device to act as both server and client without exposing itself to the Internet or another device is a feature not possible with traditional VPNs. Every nokLINK™ enabled device is assigned a virtual .vsx name and transformed into a stand-alone domain which is an authorized participant of a “Dynamic Virtual Network”, capable of receiving requests regardless of network or firewall configuration. This topology is ideal for applications which can benefit from true two-way communication, including VOIP, file transfer, messaging, database applications, B2B systems, POS applications and media distribution systems: essentially any client/server application.
The above diagram illustrates how multiple clients and servers connect to one another from separate, discrete networks, without ever being exposed to one another or the Internet. Every request is authenticated and brokered by the Master(s) to ensure privacy and integrity of ALL end-points. It is important to note that nokLINK™ is an end-point to end-point encryption and routing system, where only the intended recipient can decrypt the communication. The Master can only decrypt the header for authentication and routing but is unable to decrypt and access the message. The result, a “Virtual Application Tunnel”, is established on demand between two end-points, either of which may act as client or server. With traditional VPNs, by contrast, the connection is not “Always On” and requires a client to establish it, making it unfeasible for true two-way communications.