Remote access systems that enable access to a remote device from a guest device have become more commonplace in recent years. For example, such systems can be utilized by employees to remotely access data and applications on corporate networks and by technical support personnel to assist customers in troubleshooting technical problems on their computers. Existing remote access systems typically enable access to a remote device from a guest device through a publicly accessible gateway, a virtual private network, and/or a centralized publicly accessible routing point. To remotely execute applications, the guest device can receive application data from the remote device through static port forwarding techniques, or can display a remotely generated graphical user interface, e.g., a traditional remote desktop transfer.
However, existing remote access systems typically do not provide sufficiently secure access to remote devices, because their security policies and/or standards are not robust enough. The access provided by existing remote access systems may be on a per-session basis but may not fully take into account various factors, such as date, time, user, the type of remote connection, the connection origin, and other factors. For example, guest devices that access remote devices with existing remote access systems have the same rights and privileges, regardless of the user, type of remote connection, time, date, and/or application to be executed. In addition, static port forwarding of application data may be suboptimal because it requires prior knowledge of the existence of an endpoint and its configuration. Static port forwarding also requires static open ports in a firewall for communication, which may be a security risk. Furthermore, existing remote access systems may require installing remote access software on each endpoint that needs to have remote access. Installing such remote access software on certain types of devices, such as building control systems, may not be technically possible due to incompatibility issues or may result in unacceptable security risks. An additional drawback of existing remote access systems is that the guest device and/or the remote device may need to have publicly accessible open ports in order to be reached from outside their respective networks.
Therefore, there exists an opportunity for a system and method that addresses these concerns.