While many of you are having to work from home, we have seen an increase in reported connectivity issues from clients when accessing SunSystems remotely.
One of the simplest ways clients can work remotely under these current circumstances is to be set up with a VPN (Virtual Private Connection) on your laptop to enable access to all your usual applications. This is convenient, however can potentially see some issues arise.
SunSystems and the companion products are multi-tiered applications. They have components that run on a client PC that need a constant network connection to the application and/or database server to run.
If the network connection between the client application process and servers is interrupted in any way, the currently accessed application will display a connectivity error. The user is then forced to close and re-open the application. Additionally, a system administrator may be required to unlock your user ID within the applications, and to clear server and database processes in order to allow the user to re-use the application promptly.
The most common connection error prompts for the different SunSystems client suite of applications and versions are shown below.
PA Products 3-Tier
PA Products 2-Tier
Wi-Fi is one of the biggest contributors to connectivity reliability as it works over a radio signal rather than a stable cable connection. For multi-layered Client / Server applications to run reliably, they need an uninterrupted connection during the session.
Now let’s briefly discuss the scenario of running client / server-based applications over VPN’s. This post’s objective is not to be technically heavy, so comparisons and technical detail about different VPNs and settings will not be discussed here. However, the point of a VPN is to enable authorised access to the organisation’s infrastructure through the company’s firewall from the client PC utilising an encrypted tunnel. VPN provides a low cost, secure mechanism to allow the users to run their applications remotely. The main shortcoming of running client / server applications over VPN is that the application is more prone to connectivity timeouts and performance issues. VPN and firewall inactivity timeout settings need to be reviewed also. The client application process usually runs on the laptop communicating over the internet via the VPN, making connection reliability and hence application error disconnects an issue.
Another common scenario for those clients where users have desktop computers rather than portable laptops is to leave their desktop workstation switched on in the office and use VPN to connect via RDP (Remote Desktop Protocol). While this does address the connection reliability issue in this scenario, there is no guarantee of workstation up-time. Unless there is a person in the workstation’s physical location, there is no guarantee that the desktop will always be powered on and connected to the network.
Ensuring availability and increasing reliability
So, what is the solution? The main objective is to improve the connection reliability and availability between the client PC application layer process and the server application layer(s).
To do this there are a couple of options:
- Remote Desktop Services (RDS) / Citrix Server
This solution is designed specifically for remote work. Having the client PC application components running on an RDS server means they can run on the same physical network as the application / database servers. This provides the most reliable network connection possible between the running client application process and the server layers.
Connection from a home PC to the RDS Server can still be achieved via VPN or through an RDS gateway setup. Although the connectivity between the home PC and RDS server still has the same level of reliability, the key difference is that the client application process now runs from the RDS server, maintaining a reliable connection to the application and database server through a dedicated network connection.
The user has the ability to “resume” related SunSystems application sessions via RDP Desktop or applications once the internet connectivity has returned.
Remote Desktop Terminal Services does incur additional Microsoft Terminal Server licensing, however there is an initial grace period of 120 days.
Adding an optional Citrix layer on top of Terminal Services can offer additional management and control benefits. Citrix can also be used to provide the next option discussed: Virtual Desktop Infrastructure (VDI).
- Virtual Desktop / PC
An alternative to RDS is to use virtual desktops or Virtual Desktop Infrastructure (VDI). This is where one or more host servers are used to host and provide a virtual desktop to the users that can be accessed remotely through a gateway. As the virtual desktop, back end servers, and data reside on the dedicated network, the SunSystems Client application layer will remain intact if the remote connection drops out, reducing the need for administrators to clear locked users and hung processes.
This solution provides the most secure, configurable, high performing option. There are quite a few providers like Citrix and VMware that provide VDI based solutions.
Implementing an RDS Server or Virtual Desktop solution requires minimal planning to ensure the right amount of resources are allocated to the RDS Server(s) or Virtual Desktops. A simple guide is to base it on the number of concurrent users and applications used during the busiest month end periods.
The table below provides a summary of the remote access options.
|VPN||RDS Server||VDI (Virtual Desktops)|
|Cost||Initial Low||Ongoing Low||High|
|Maintenance||High, numerous machines to be patched.||Ongoing maintenance is low if client machine access is revoked and only RDS Server is used.||High, numerous machines to be patched.|
|Security||High. Data is encrypted and protected in transit. Data can leave the corporate network.||High. Data can be restricted from leaving corporate network.||Highest. Data is restricted from leaving corporate network.|
|Client Process||Client application process run on client machine.||Client application process along with other user client processes, run on RDS Server, located on same LAN network as back end servers.||Client application process, run on dedicated resourced virtual desktop, located on same LAN network as back end servers.|
|Client/Server Application Connection Reliability||Low||High||High|
|User Experience and Customisable||Dedicated personalised familiar User customised Windows 10 Desktop experience.||Shared Windows Server User experience.||Dedicated personalised familiar User customised Windows 10 Desktop experience.|
|User Base Suitability||Suited for small user base, short term use.||Suited for small to large user base, long term use.||Suited for large user base, with heavy graphic processing, long term use.|
VPN alone can provide a cost-effective short-term remote access solution but is not ideal for the long term. Utilising RDS or Virtual Desktops via a gateway or via VPN shifts the client application processing to occur on the same dedicated network as the servers and data, providing improved reliability and availability.
Professional Advantage can assist in recommending and setting up the best long-term remote access option for clients using SunSystems, based on the existing business user base and infrastructure.