Old ways of thinking can be difficult to overcome. Most companies still use the traditional method of providing remote access services: internally housing RAS servers that have attached dial-up devices (e.g., modems, ISDN terminal adapters) in a central data center or at individual branch offices. This setup forces organizations and their administrators to shoulder all the financial and administrative burden related to the necessary equipment. In addition to maintaining costly servers, modem banks, and telco lines, many companies provide costly-to-maintain toll-free numbers for their remote users to use on the road. The popularity of this setup doesn't mean it's the best way to provide remote access. Perhaps the time has come to consider a radical new approach: Throw away your modems.
I'm not suggesting that you actually toss good equipment into the garbage. My point is that you should consider other avenues for providing remote access. One idea is to outsource your dial-up infrastructure to companies better suited to maintain it. In the past few years, competition in the dial-up ISP market has grown to the point that dial-up Internet services are a commodity, and many dial-up accounts cost less than $20 per month per user. In addition to reducing costs, the increased competition has forced many ISPs to offer their customers additional services such as 24 * 7 support and nationwide local access numbers. This quality and level of service is difficult and expensive for corporate IT shops to duplicate.
These developments represent a significant boon to RAS administrators who can now use ISPs not only for special needs (e.g., providing Internet access to traveling employees) but also for the company's general dial-up remote access needs. And Windows 2000's fast new VPN technologies (e.g., Layer 2 Tunneling Protocol—L2TP—and IP Security—IPSec) make doing so even more feasible. Although PPTP is still a viable VPN technology, it is notorious for exacting a substantial performance penalty from VPN connections—a situation that is especially troublesome for low-bandwidth modem connections. Therefore, if you're considering outsourcing your dial-up infrastructure and focusing internally on maintaining a VPN RAS infrastructure, avoid PPTP and use L2TP- or IPSec-based implementations when possible. Your ability to avoid PPTP will depend on the OSs your RAS clients use. At this time, only Win2K supports L2TP and IPSec out of the box.
Using an ISP to provide the dial-up and Internet portion of a VPN connection will free you from maintaining dial-up hardware and let you focus on VPN-centric RAS or RRAS servers. In this scenario, the primary function of your RAS or RRAS servers will be to facilitate incoming VPN connections—no modems or cables required. Of course, you'll probably want to keep at least one or two modems around for times when the Internet connection goes down and you need an alternative way to access the network.
Whether this remote access solution is appropriate for your organization depends on your network environment. If you're charged with maintaining a substantial number of dial-up lines or large numbers of remote users, or you expect your organization's RAS needs to grow significantly in the future, you might benefit greatly from outsourcing the "dial-tone" portion of your RAS connection. If, however, your organization has security or political considerations that prevent you from outsourcing or has recently invested in new dial-up equipment, the beeps and static of connecting modems will remain a part of your daily life.