Accessing iFINITY servers Advice March 2020 (COVID-19)

The need to access our servers in order to run RDP sessions for users of the Advanced Accounting Console working from home during the COVID-19 crisis has given rise to some pressure on server management and admin.

The considered advice at this point from our Head of Infrastructure is for you to get a single  VPN provider for all of your staff that require access, and provide me with the IP ranges used by the VPN provider.  This is the best advice.  Using a VPN is a simple task – once installed the user clicks a button.

This is not just our advice but System Admins around the globe are giving the same advice. We have been in discussion with colleagues across the planet and we all agree on the best way forward.

From every perspective we believe this advice is in the best interests of our clients.

Given the UK may be on lockdown over the next few days it is even more important to maintain access for staff and action this advice

We do not control the internet and there are many points of failure that we must consider in planning our own networking.

Normally we are able to add IP addresses to our whitelists for one or two homeworkers.

We have always gone out of our  way to accommodate those requests and we can normally respond very quickly.

Home users will likely be on a dynamic IP address, people move location, IP addresses change, wrong IP addresses are given to us and there may be other issues. Some dynamic IPs will change very quickly – and then it becomes a problem as your staff will not be able to connect. We have one of my own users that can have multi IPs addresses in a day, not even in the same range.

We may not be able to update the whitelist in a timely manner and you could end up with staff unable to connect.

The number of people in our organisation that can access the firewall is very limited for obvious reasons.
It does take time to change\update your whitelists – it can easily take me 10-20 minutes to update a single  IP whitelist address and there will be a long wait to apply those changes.

If we open RDP port (3389) to public access,  there  will be 1000s of hackers in minutes and it will very quickly kill performance, and I will be  putting our network at risk – which is not an option for us.

What can be done?

  • You can use the iMIS Staff Web site.
  • Most iMIS work can be done via the Staff site – this is already available.
  • For most,  there is very little functionality in iMIS Desktop that is not in the Staff site.

Your Office\work place is already whitelisted.

Your staff can connect to their office computers, and from their workstations to the RDS server we host for you.

Failing that - Here is a list of VPN providers I found for you.. ..

I cannot advise on the suitability or quality of service. Other options are available.

If you create enough accounts for your staff on a single VPN service, and supply me full details of their IP address ranges then I can that to add those our whitelist – Please do not ask your users to find their own VPN provider, you will need to choose one for your organisation

If you have any questions please contact me