NetOp Gateway is a special version of the NetOp Host module designed to act as a dedicated routing mechanism for NetOp remote-control traffic. This module is typically used as a single dial-in point, allowing guest users to access networked hosts via a central routing system.

Gateway lets you control multiple PCs using multiple protocols. It is possible to route calls from one protocol on your network to another, and vice-versa. It also includes the option to initiate multiple sessions through a firewall with only one TCP port open. The system also offers excellent security features ? access to the routing mechanism for Guests using dial-in can be protected with local NetOp authentication and centralized authentication using Windows NT SAM database and Microsoft Active Directory (Windows version).

What’s more, Gateway is the perfect tool to provide remote access to networked client PCs, or your own office PC. Gateway can route calls via another Gateway, making it possible for guest and host users relying on different communication protocols to access each other anywhere in the world. Gateway is available for OS/2 and Windows operating systems.

The Windows version of the NetOp Gateway is capable of routing from a networking protocol to a dial-up protocol. This permits a guest on the network to dial out using a modem on the Gateway and thereby reaches a remote host via modem or ISDN without having such a device on the guest computer.

Easy access to all networked PCs via a single routing point, scan the network for available host PCs, access users from one Gateway to another, supports incoming calls via dial-up (modem, ISDN or APPC ? OS/2 only) or across networks (IPX, NetBIOS and TCP/IP), data is compressed for maximum performance, full firewall security, log remote-control activity locally on PCs or centrally on a NetOp Security Server.

Gateway는 NetOp for OS/2 6.5 와 NetOp Remote Control V6.0또는 그 이상과 호환

(Windows version)

* Only supported on the server console

The purpose of the optional NetOp Name Management concept is to centralize NetOp Names in a TCP/IP environment, making it easier to link to remote PCs. The NetOp Name Management concept consists of three components: The NetOp Name Server, the NetOp Remote Control Guest and the NetOp Remote Control Host.

NetOp Name Server

The NetOp Name Server is a special Host module that can resolve queries from other NetOp modules about NetOp Names and convert them into IP addresses. NetOp Names can be: Host PC names, User login names, Security Server group names, Log Server group names, Help provider names, Guest names and Serial number names.

Every time a NetOp module initializes the TCP/IP communication, an automatic registration of its NetOp Names and current IP address takes place on the NetOp Name Server(s). They are represented by the fixed IP addresses or DNS names in the advanced configuration of the TCP/IP communication profile of the NetOp module.

The default NetOp Name Server addresses in the NetOp modules are the two public NetOp Name Servers represented by the DNS host names nns1.netop.com and nns2.netop.dk.

To facilitate the use of NetOp Name Servers accessed by more than one organization, the term “Name space ID” has been introduced to group NetOp modules belonging to the same organization. This will limit the answers from the NetOp Name Server to just the NetOp Names with the same Name space ID.

A housekeeping procedure on the NetOp Name Server cleans up inactive NetOp names that have not been renewed by the specific NetOp module within a certain number of minutes.

The NetOp Remote Control Guest will use the NetOp Name Servers every time it tries to call a NetOp Remote Host, if the TCP/IP configuration is set use it. It works both when the Guest issues a call on a specific name and when the browse function is used.

The NetOp Remote Control Host uses the NetOp Name Server to locate NetOp Help Providers - the Request Help feature.

NetOp Name Server is compatible with NetOp Remote Control 7.x and later.

(Windows version)

* Only supported on the server console.

The purpose of the optional NetOp Security Management is to control and administrate NetOp security in a centralized and fault-tolerant way. The concept consists of five components: The NetOp Security Server, the NetOp Security Manager, an ODBC database, the NetOp Guest and the NetOp Host.

The NetOp Security Server is a special Host module that can answer queries from other NetOp modules about session permissions and rights across a network connection by forwarding the queries to the ODBC database. The program must have access to the ODBC database containing security relations between the Guests and the Hosts. It is also capable of receiving NetOp log events and saving them in the ODBC database. For redundancy and load balancing, it is preferable to use more than one NetOp Security Server.

It is possible to use the NetOp Security Server in mixed environments with NetOp modules not supporting NetOp Security Management. In addition you can enable backwards compatibility by letting the NetOp Security Server work as an older NetOp Access Server. This will allow it to handle all OS/2 Hosts and Windows Hosts using the Access Server authentication scheme from previous releases.

The NetOp Security Manager configures how the NetOp Security Servers operate in your network. It is a client program that can edit information in a supported ODBC compatible database. The database is input to the NetOp Security Servers, and it is from this information the Security Servers allow or deny NetOp Guests access to NetOp Hosts. The NetOp Security Manager must be run on a Windows NT, 2000, XP or 2003 platform for full functionality.

The ODBC database can be any database system capable of handling communication through the ODBC interface. By using a standard interface like ODBC, you can use your own database system, which might contain fault-tolerance and other features for making the system available 24 hours a day. If you do not have any database system available, the NetOp Security Manager can create a local database for you based on the Microsoft Jet Engine. Once you have the data source ready, the NetOp Security Manager will construct customized default tables for you to start working immediately.

The NetOp Guests can initiate sessions with NetOp Hosts. When a NetOp Guest program tries to contact a NetOp Host program, the Guest identifies itself with a name and a password, which usually are a Windows Domain user name and a password. After the Windows Domain has validated user name and password, the Host program sends the user name to the Security Server together with information about the Host computer. The Security Server queries all relevant Role Assignment records in the ODBC database (a Role Assignment is a database record with a Guest field, a Host field and a Role field). It then returns to the Host information about what the Guest is allowed to do. On Windows NT, 2000, XP or 2003, the rights granted could be affected by the Windows Domain user logged in on the host computer.

The NetOp Host module can optionally be configured to use NetOp Security Management instead of the other available security methods. It uses an authentication key pair to secure the relationship with a specific NetOp Security Server group. Every time a NetOp Guest tries to gain access, the Host will perform a query to the NetOp Security Server to verify the session permissions and rights.

A NetOp Host can from a security point of view be handled as a computer and a person. You can specify an individual workstation as a host, but this requires that you explicitly enter roles for each and every workstation into the database. Instead, you can group computers into domains (or workgroups) that already exist on your network. If you connect to a computer and no one is logged in on that computer, you obtain the accumulated rights you have against the workstation and its domain. When you add a new computer to a domain, it will automatically be subject to the same NetOp security procedures as all other PCs in that domain or workgroup.

If someone is logged on to the computer you connect to, you obtain the accumulated rights you have against the logged-in NT user and all the NT user groups, which he/she is a member of. If nobody is logged in, the workstation identification counts. If that someone is not a globally defined user, but one that is only defined locally, he/she will be ignored and rights against the workstation will be granted. Global security is defined on global users only. From the Policy List view, you can set a Host mode, where you always ignore a logged-in user, and always grant rights based on the workstation name.

NetOp Security Server is compatible with NetOp Remote Control 7.0 and later. Backwards compability is available for NetOp Remote Control 6.x and NetOp for OS/2 6.x running ‘Use NetOp Access Server on host side’ authentication.