Home Page

VPN & Cryptography

Firewalls

Email & Spam

Security Terminology

 

VPN Terminology

VPN Tutorial Guide

3DES

AES

Aggressive Mode

Authentication Header

Asymmetric Encryption

Authentication

Certification Authority

Data Integrity

DES

Diffie-Hellman

Digital Certificate

Dynamic IP addresses

Encryption

ESP

IKE Oakley & ISAKMP

IPSec

IPSec Quick Mode

L2TP

Main Mode

MD5

NAT-T

PFS

PKI

Policy-vs-Route-VPN

PPTP

Pre-Shared Key

Remote Access User

RSA

Security Association

Sha-1

Site to Site VPN

SSL VPN

Transform Sets

Tunnel mode and Transport mode

VPN client tunneling option

VPN Topologies

VPN Tunnel

 

Secure Socket Layer (SSL) VPN Web Portal

 

 

The Secure Socket Layer (SSL) application layer protocol is commonly used in conjunction with VPN connectivity. SSL provides excellent security for remote access users as well as ease of use.

The SSL protocol is already heavily used by many online web services such as when you shop online or access your bank account online, and when doing so you will notice an SSL protected web page as indicated by the “https” characters in the browser URL. The difference between SSL and IPsec VPNs is that when using IPsec, a remote user would require client software installed on his\her device, which would need to be configured before use. Once configured, the end user would be able to connect via the client and have access to his\her network resources. However with SSL VPN technology, you do not have to install any client software, as you log into a web portal, you just need the public facing IP address or the URL address and a web browser to access the portal. The portal is a web GUI interface that is accessed via a web browser and contains tools and utilities in order to access applications on the network, such as RDP and Outlook.

SSL VPN can imitate the way IPsec works via a lightweight software client that can be configured and installed directly from the same portal you log into, without much effort.

Key points between IPsec and SSL VPN's

The term 'SSL VPN' is when a user connects to a web portal via a public facing IP address or domain name, and after a secure https connection has been established between the client and the VPN gateway device, the user is able to log into the web portal. Once logged into the portal, a user would be able to access the configured enterprise applications, or download the VPN client software. Using an IPsec client on the other hand, the client would need to be installed and configured on the end user device before being able to use it to connect to resources on the corporate network.

Here are some comparisons between the IPsec client and the SSL VPN portal:

- The IPsec protocol is sometimes blocked in public places such as hotels and cafe's where SSL tends to be open.

- IPsec software has to be installed and configured on all client systems. With the use of SSL VPN portal, the remote user only requires a web browser such as Internet Explorer or Mozilla Firefox.

- The IPsec VPN client provides access on an IP level to all network resources without too much control at the application layer, where with the SSL VPN portal you are able to provide access to certain applications, provide posture checking services such as ensuring remote clients are compliant before allowing them access and including other tools such as the use of virtual desktop functionality for very secure environments

- IPsec can be used for site-to-site or remote access VPN connectivity where SSL VPN is mainly used for remote access only.

If you are looking to buy a dedicated VPN solution, here is list of SSL VPN vendors.

Further Reading

Wikipedia's guide to SSL