ADS provides a remote access service that enables staff to access their email and files when away from their office. The most frequent request from staff is to be able to access their email remotely. The remote access service also allows staff to access applications which are normally restricted to computers located within UCL, for example MyView. (Access to such applications is dependent on which remote access option is used; the sections below explain the various options).

This paper sets out what is available as part of the service, the process by which staff can use it and the requirements and benefits to each.

All ADS staff can access their email remotely in one of two ways:

• View email using a web browser (using Outlook Web Access)
• Use an email client such as Outlook to download or view emails on remote computer

A connection to the internet is necessary for either of these methods.

Option 1 - View email using a web browser using Outlook Web Access (OWA)

All staff are able to view their email using a web browser from any computer with an Internet connection. This provides a flexible way of viewing their mailbox and includes all sub folders, the calendar, the task list, public folders and setting an out of office message. Staff can read and reply to mail or create appointments as if at their desk. Guidance on how to access your email using the ADS webmail service can be found in here.

There are some known limitations in the current version of Outlook Web Access, namely the restriction of some characters in the subject line of an email causing the email to not be displayed. This is because some some symbols are considered to be harmful by the email server and are blocked for security reasons. This will be resolved by upgrading to Outlook Web Access 2007 which is due for completion in Summer 2008.

NOTE: ADS currently support the ADS webmail service for staff accessing the service using Windows XP with Internet Explorer 6 and 7.

The current version of OWA is not fully supported for staff accessing the ADS webmail service using Internet Explorer on a Microsoft Vista operating system. Staff will be able to read emails but will not be able to compose or reply to emails. This issue will be resolved when ADS' email servers are upgraded in summer 2008.

ADS recommend that staff using Vista to access the ADS webmail service, should use Mozilla Firefox as their web browser instead of Internet Explorer.

Requirements

1. A computer with Internet access
2. Knowledge of the webpage address for the ADS webmail service
3. ADS username and password

Back to Top

Approval Process

All staff using the ADS service are automatically registered for this service, therefore no additional approval is required.

Option 2 - Access email using IMAP

All staff are able to set up a remote computer to access their work email. Using this method the remote computer needs to have an email client installed, such as Outlook, that supports IMAP.

The ADS team supports the following email clients:

• Outlook 2003
• Outlook 2002
• Outlook Express version 6

With IMAP email messages do not get downloaded to the local computer. Email messages remain on the ADS email server. Guidance on how to access your email remotely using IMAP can also be found here.

Requirements

1. A computer with access to the Internet
2. ADS user name and password
3. Knowledge of the ADS email server connection settings
4. An email client such as Outlook or Outlook Express that supports IMAP

Back to Top

Approval Process

All staff using the ADS service are automatically registered for this service, therefore no additional approval is required.

Remote access to files is available for registered staff. To remotely access files on the ADS servers staff need to have additional privileges assigned to their user accounts. These privileges allow staff to remotely logon to the ADS domain and manipulate files. Staff are able to access files in the shared divisional folders (where they have permission to do so) and their own personal files (Z: drive).

This service allows staff greater access to ADS servers than the email options above. There is a security risk in allowing such remote access so ADS require that all requests to use this service are approved by the divisional Director. User reps will need to complete an ADS Remote Access form for each member of staff requiring remote access.

Once approval has been granted by a Director, staff will be notified by the ADS helpdesk and will be provided with guidance on how to access files remotely according to their requirements.

Requirements

Option 1 -The division provides the member of staff with a UCL owned and ADS configured computer. This is ADS' preferred option, as a higher level of support can be provided than option 2.

For this the following is needed:

1. Approval from the divisional Director (via an ADS Remote Access form)
2. Telephone line (for dial up connections) or broadband access (for VPN connections)
3. Remote access permissions set on the user account by the ADS team

Option 2 - Use of staff's own computer or laptop. For this option registration with the ADS Windows Update Service is mandatory as well as installing UCL anti-virus software.

NOTE: This option is only available for staff using the VPN (not dial up service) as a fast and reliable Internet connection is needed to use the ADS Windows Update Service.

For this option the following is required:

1. Approval from the divisional Director (via an ADS Remote Access form)
2. Telephone line (for dial up connections) or broadband access (for VPN connections)
3. Remote access permissions set on the user account by the ADS team
4. Registration with the ADS Windows Update Service
5. Installation of UCL anti-virus software

Staff will only be granted remote access permissions once their home computer has been successfully registered with the ADS Windows Update Service and they have agreed to the ADS Remote Access Terms and Conditions.

Back to Top

Accessing Files Remotely

ADS provide two services for accessing files remotely: the VPN (Virtual Private Network) and Dial-up services.

VPN (Virtual Private Network)

There are two ways of using the VPN service:

1. Using your own or UCL supplied computer to make a direct connection to your work computer using Remote Desktop Connection (RDC). This is a simple way of accessing files and emails and provides full access to a work computer, therefore staff are able to work as if they were at their desks.

This option is useful for staff who need to access specialist applications which may be installed on their work computer.

Note: RDC is restricted to one connection per computer, this means if you are accessing your work computer, no other person in the office will be able to use the computer.

2. For laptop users VPN access will be configured directly on the laptop they use so that the user can access their files and emails as if they were in the office, when they are working remotely. This eliminates the need to have a dedicated computer based in the office as in first option above.

Laptop users can also be set up with offline emails which allow staff to access their data when they are working "offline" i.e. not connected to the Internet of the UCL network.

Note: The ADS team will primarily support staff using broadband access connecting to UCL over a Virtual Private Network (VPN) connection since the majority of staff now have broadband internet access.

Back to Top

Dial-up

Using the dial-up service staff can access files using mapped drives. Staff cannot use RDC to make a direct connection to computers located at UCL because dial-up connections are much slower than VPN, therefore are unable to support the performance and bandwidth requirements of RDC.

Since broadband Internet connetions are more common now than dialup, the ADS team will primarily support staff using the VPN and will also continue to provide support for staff using dial-up access.

To enhance security, staff using this service and connecting via a telephone line are required to submit their telephone number (usually a home phone number) to ADS. The user’s laptop or home computer dials UCL, after authentication the line is dropped and the user is called back on their preset number. This provides added security because remote access to ADS will only available from the telephone number registered with ADS.

Approval Process

The Director of the Division should approve any requests for remote access to files. ADS computer representatives will need to complete an ADS Remote Access Form.

The ADS team will provide support for the following aspects of remote access for UCL owned, ADS-configured computers:

• Connection details and setup to the ADS servers for access to email and mail
• Connectivity support for users
• Support for the ADS remote access servers

For staff using their own personal computer (i.e. non-UCL owned and non-ADS configured), the ADS team will provide support for the following:

• Registration with the ADS Windows Update Service
• Limited support for connectivity issues for user (this will be on a best endeavours basis, as the ADS team will have no knowledge or experience of how staff's personal computers)
• Support for the ADS remote access servers
• Limited support for the installation of UCL anti-virus software

• Divisional directors will need to approve all requests for staff to access files remotely
• Divisions will need to decide if they will provide staff with a UCL-owned computer that ADS is responsible for configuring
• Divisions will need to decide on a case by case basis whether to meet the costs of a broadband connection on leave it to the individual member of staff to do so
• Divisions agree to ADS re-charging telephone calls if the cost of these becomes significant.

• Flexible, staff can pick up their email for any computer anywhere, as long as the computer has Internet access.
• Web interface looks similar, but not identical to Outlook (email client installed on the ADS desktop)
• All email remains stored on the email servers so there is not chance that it can be accidentally lost through the transfer to the remote computer

• Performance is dependent on the speed of the internet connection
• Staff cannot view email that is stored on archived into a personal folder files as these are not stored on the email server
• Staff cannot view other colleague's mailbox folders: calendars, shared contacts etc.

• If Outlook is used, then staff use the same interface as the one used at UCL
• Provides fast access to emails
• Can view emails which have punctuation symbols in the subject line (unlike webmail)

• More complex to set up and use than webmail
• Each computer that a staff member uses needs to be set up to send and receive email

• Allows access to emails, files and applications as if one were in the office
• More secure and provides better performance than the dial up service

• A dedicated computer may need to be reserved for remote working (option 1)
• Requires a degree of technical competency to set up

• Dial-up access does not require access to the Internet. Staff dial directly into the UCL network using a telephone line, therefore do not require an ISP (Internet Service Provider)

• Performance can be slower than a broadband Internet connection. If you are connecting to the ADS servers over a slow telephone connection then downloading files can be a slow process and can be prone to failure.