SSL VPN

A Secure Socket Layer Virtual Private Network (SSL VPN) lets remote users access Web applications, client-server apps, and internal network utilities and directories without the need for specialized client software. SSL VPN’s provide safe communication for all types of device traffic across public networks and private networks. All traffic between a Web browser and SSL VPN device is encrypted with the SSL protocol, or its successor protocol (TLS). SSL VPN’s solve the long standing frustrations found within both the traditional Wide Area Network (WAN) as well as IPSEC based VPNs. This ease of use quality allows for greater work efficiency, lowering costs and increasing employee and business practices. When properly used SSL VPN’s do not impact security network at all.

SSL VPN types

There are two major types of SSL VPNs:

• SSL Portal VPN — This type of SSL VPN allows for a single SSL connection to a website, through which a user can access a variety of private network services. The SSL VPN type is called a “portal” because it is essentially a single web page that leads to many other resources. Users can generally access this gateway using any modern browser, only requiring the identification and password provided by gateway service.
• SSL Tunnel VPN — This alternative type of SSL VPN allows a Web browser to securely access multiple network services that may not just be web-based, through a tunnel that is running under SSL. SSL tunnel VPNs necessitate a browser which can interact with and display active content increasing the versatility over just a simple SSL Portal VPN. Active content can mean anything from JavaScript to Flash based technology.

IPSEC VPN versus SSL VPN technology

Traditional VPN’s rely on IPSec (Internet Protocol Security) to tunnel between the two endpoints. IPSec works on the Network Layer of the OSI Model and must be managed deep within the actual OS network code, rather than within an software application. When connected through an IPSec VPN, the client computer is for all intents and purposes mimicking the qualities of terminal within the corporate network, allow to access anything an internal computer could. Most IPSec VPN solutions require either third-party hardware or software to be installed to interface with the network.

The main benefit of an IPSEC based VPN is the extra layer of security inherent to a system which requires specific and compatible hardware to run properly. This removes the ease of access that so often allows cyber criminals to attack exposed networks.

On the flipside, one of the cons is that it can be pretty heavy burden on a business to pay for and maintain the licenses for both the initial software installation, not to mention the tech support needed to maintain and update said software. This issue can be exacerbated even further if onsite installation isn’t always possible.

SSL is a common protocol and supported by most modern web browsers without any additional installations needed. At this point, an overwhelming majority of internet accessible computers already have the “client software” necessary to connect through an SSL VPN.

Another major benefit of SSL based VPNs is that they allow tunneling to specific applications, when network wide access is unnecessary. This is a great security and data safety feature. Not only that, but within the SSL framework, it is much easier to assign different administrative rights to users depending on the their seniority and access needs.

One of the benefits of SSL VPN can also be a hindrance when considering security. The fact that a VPN is simply accessed through a web browser means that only web based applications are useable within a the VPN without intensive technical customization, customization which defeats some of the benefits allowed by SSL VPNs. Another issue with SSL VPN’s relates to the inherent security of its terminal. Web browsers are susceptible to malware downloads, so a VPN with an open SSL terminal might have a chance of becoming infected. Not only that but the digital gateway of a webpage gives hackers a more direct line of sight for where to attack if they want to access sensitive information of any kind.

As VPNs in general become a much larger part of corporate and educational environments, simplifying and expanding the ease of use will become paramount. SSL VPN’s are useable by people with little to no computer literacy, are accessible from within any modern personal computer or device, and can be configured to be as secure as the IPSEC VPN protocol that preceded it. Businesses that can exist globally have access to a wider network of employees, and can expand securely without the overhead and knowledge required by more antiquated VPN technologies.