|
IQ CENTRAL HOSTING SERVER |
||
|
Most litigation Repositories make use of Client/Server topologies (also called "thick client") and all will provide a reasonable solution based upon your requirements. IQWEST presents an additional option that is based upon a newer approach to "thin client" technology. SummaryBasically, "thick client" means that much of the executable software resides on the client (user's PC on the internet) and files are downloaded. A "thin client" infers processing at the web server with only screen shots and mouse movements moving across the internet. Litigation Document applications have extremely high bandwidth demands; a single page tiff file is 40kb to 60kb in file size. While the data base record is small and returns fast results to the internet client user, when that user wants to view documents, and a search results in several documents to be downloaded, the user quickly becomes impatient waiting to view whether or not search results produced relevant documents. In a "thin client" server (as a Citrix) views of original images to the screen happen very quickly (far less information passing across the internet). The problem with "thin client" has to do when the user needs to save a file, PRINT or otherwise locally process the documents. In this case all the above applications will have difficulty, because now they are sending entire documents or images across the internet. IQ Central Introduces the "Rich Client" The resulting new breed of rich client offers more than either the thick or thin client approaches. Modern litigation searches require richer interaction between their hosted document server and the users of those applications. Users will increasingly demand the ability to present very large document subsets to a dispersed audience without sacrificing the functionality or speed on a remote server. One advantage of the classic thin client is the elimination of any download and installation of user interface software on the user's system. This is where published applications over thin clients differ from standard web based applications that leave the burden of processing the data to the local computer. Published Applications In today's business litigation world the advent of sharing case data amongst in-house counsel and outside counsel or experts has become a driver of this technology. The efficiency attained with this method has allowed firms to slowly move to sharing this case data through a technology called hosting. Typical web based applications will perform well in displaying raw data , although in the case of business litigation hosting this raw data is accommodated by images of the original documents which are linked directly to the documents being analyzed. As long the user is viewing the data they do not notice many variations in speed of response. Although as soon the original image needs to be downloaded and displayed on the user's local system the inconsistencies in case data reliability shows itself. In a thin client environment, since all processing is performed at the server, only keyboard, mouse and display paints need to be transferred over the often slower link between the client system and the hosting site. In the case of image extraction used previously the server will pull up the image at the hosted site and only display a picture of the image across the users desktop. This decreases the bandwidth requirements for such a task tenfold. A typical Tiff or PDF image of about 40-60 kilobytes will be decreased to a few kilobytes sufficient to display the image on the users desktop. In short, a thin client does most of its processing on a central server with as little hardware and software as possible at the users site. The following the topology by which the various experts on a case can access data seamlessly, while protecting the employing secure remote access solutions as a key element of the enterprise network architecture.
Introduction: SSL VPNs and the Breaking of Enterprise Security As previously mentioned your document base is likely to be shared between disparate groups as Co-Counsel, Experts, etc. Ensuring that enterprise network resources are available for this diversified user base - from any location, at any time - has become a fundamental requirement of doing business. In response to these needs, SSL VPNs have emerged as the vehicle of choice when extending authenticated network access to employees as well as organizational constituents traditionally considered "outsiders". Yet these advances come at a price: The exacerbation of enterprise security flaws By its very nature, SSL VPN technology compromises traditional efforts to secure the network perimeter. This troubling consequence is due to the fact that, with SSL, users pass through the perimeter firewall on encrypted sessions that cannot be monitored by intrusion detection systems or inspected by firewalls. As a result, an unbridled troop of road warriors, partners and telecommuters require secure access to the servers from a variety of unprotected endpoints, effectively bypassing the organization's perimeter security protocols. These unprotected endpoints include:
This amalgam of unprotected endpoints represents the "nomadic fringe" of the network, providing hackers with an array of potential attack vectors to exploit what are essentially doorways into an enterprise network. The "nomadic fringe" represents the single greatest source of vulnerability facing hosted environments today. The New Paradigm: Security Policy Enforcement IQWEST understands that the concept of the closed network with a hardened perimeter must evolve into a Web of largely autonomous security domains - each protecting one or a few applications. Access for application users must be regulated by adherence to strict security policies. In this forward-thinking view, the protective network boundary moves from the external perimeter to the internal domains. The distinctions between internal or external, trusted or un-trusted, local or remote fade away as access control morphs from exception-case policies to fine-grained control applied to all applications. This new security paradigm utilizes strict policy enforcement to grant access to secure information domains. Applications publish their security policies and user access is granted as a function of policy compliance. Characteristic of this new security paradigm is the necessity to lock down all doorways by default and to only open doors as required, and then only to users or services that comply with the dictated security policies. In order to securely accommodate differing levels of trust for diverse user communities, the security policy incorporate a variety of methods for granular access control on a user-by user or group basis. This powerful framework integrates external authentication and policy structures. It also works with numerous authentication and authorization protocols, including:
Solution: Concordance 8\Opticon 3 published as a thin client Using the aforementioned assumptions that attaining better accuracy through more reliable methods of client desktop communication (Thin Client) published over the most secure technology available today, coupled with the most efficient litigation based software is the ultimate solution for today's demanding world of business litigation hosting. |
||
