Today's increasingly mobile workforce can now take advantage of ubiquitous broadband service, expanding wireless access, and a proliferation of Internet-enabled devices. These users expect access from everywhere, whether they're at home, in a hotel room, working from behind another company's firewall, at an airport kiosk, or at the neighborhood coffee shop.
Secure Sockets Layer (SSL) VPN technology is designed specifically to enable increased productivity for remote users by providing easy-to-use, secure access to applications and resources on your network while minimizing many associated risks and significantly lowering administration and support costs.
HOW TO USE THIS PRIMER
This primer explains the basics of SSL VPN technology and includes distinguishing factors between Internet Protocol Security (IPSec) and SSL VPN technologies. You'll learn why these two technologies, based on fundamentally different designs and methodologies, each serve specific use cases best.
The format of this primer is designed to help you quickly find the necessary answers to many common questions about SSL VPNs and to understand the many advantages of SSL VPNs for everywhere remote access. Armed with facts about the capabilities of existing offerings, you'll be well-prepared to make decisions regarding the remote access technology that best meets your company's specific needs.
More secure. More access. It's that simple.
WHAT'S DRIVING THE NEED FOR SECURE REMOTE ACCESS?
To maintain the level of productivity that today's workforce demands, more users are accessing more applications remotely than ever before. They are doing so from a broad range of devices and environments, including many that IT departments cannot control, such as personal mobile devices, home PCs, and wireless hotspots. With limited resources, IT must accomplish all of the following:
- Provide remote access to multiple complex applications
- Reduce risks from increasing numbers of unmanaged access points
- Lower administration and support costs
A growing number of companies are turning to SSL VPNs for their flexibility, ease of administration, and proven security.
Compared to an IPSec VPN, an SSL VPN offers:
- Increased productivity, because it works for a greater number of wired and wireless use cases, including home PCs, kiosks, PDAs, smartphones, and other unmanaged devices.
- Lower costs, because it is "clientless," reducing management and support calls.
- Increased security suited to remote access, by providing granular access controls and end-point control.
WHAT IS AN SSL VPN?
This remote access technology is a type of virtual private network (VPN) that offers greater security; the SSL protocol protects all traffic using encryption and authentication to keep communications private between two devices, which are typically a Web server and a user's computer.
- SSL was originally designed to secure the HTTP protocol for better-protected Web-based communications at the application layer.
- In the most simplified form, an SSL VPN is a reverse proxy that uses SSL for encryption and a sophisticated access control engine.
An Aventail SSL VPN delivers secure remote access for business communications. Native Access Modules provide easy access to Citrix applications and Windows Terminal Services.
HOW DOES AN SSL VPN WORK?
From any Internet browser, a user connects to the SSL VPN appliance and, after valid authentication, gains access to the applications and resources for which he or she has access privileges. Access can be proxied, so there is never a direct connection to the network. In addition, this access occurs at the application layer, not the network layer, which enables finely grained access control. The entire data stream is encrypted using SSL.
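The decision step described above (authenticate, check privileges for the requested application, then proxy) can be sketched as follows. This is an added example, not code from Aventail or any SSL VPN product; the policy, group names, host names and the functions canonical_path and authorize are all constructed for illustration.

```python
# Added illustration, not vendor code. Policy, groups and hosts are constructed.
from dataclasses import dataclass
from posixpath import normpath
from typing import Optional
from urllib.parse import unquote, urlsplit


@dataclass(frozen=True)
class Rule:
    prefix: str        # public path prefix published by the gateway
    groups: frozenset  # groups allowed to reach this application
    upstream: str      # internal origin; the client never connects to it


# Constructed sample policy: one rule per published application.
POLICY = (
    Rule("/mail/", frozenset({"staff", "contractors"}),
         "http://mail.internal.example:8080"),
    Rule("/hr/", frozenset({"hr"}), "http://hr.internal.example:8443"),
)


def canonical_path(url: str) -> str:
    """Decode once and collapse '.', '..' and repeated slashes."""
    path = unquote(urlsplit(url).path) or "/"
    return "/" + normpath(path).lstrip("/")


def authorize(authenticated: bool, groups: set, url: str) -> Optional[str]:
    """Return the upstream URL to proxy to, or None to refuse the request."""
    if not authenticated:
        return None
    path = canonical_path(url)
    for rule in POLICY:
        # Match on the canonical path so '/mail/../hr/' is judged as '/hr/'.
        if (path + "/").startswith(rule.prefix):
            if groups & rule.groups:
                # Forward the same canonical path that was authorized.
                return rule.upstream + path
            return None
    return None  # default deny: unpublished resources are unreachable


if __name__ == "__main__":
    print(authorize(True, {"staff"}, "https://vpn.example/mail/inbox"))
    print(authorize(True, {"staff"}, "https://vpn.example/mail/%2e%2e/hr/payroll"))
```

Because the gateway decides per request and per application, a user in the "staff" group reaches mail but gets no route to the HR application, which a network-layer tunnel would not distinguish without separate filtering.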
WHAT IS AN IPSEC VPN?
This suite of protocols provides security for IP traffic at the network layer. Internet Protocol Security (IPSec) VPN technology is predicated on the existence of a trusted relationship between networks or between users and a network and defines how to provide data integrity, authenticity, and confidentiality across a public network such as the Internet. It accomplishes these goals through tunneling, encryption, and authentication, but allows enterprises to select the specific security policy appropriate for their business.
- IPSec VPN technology was originally developed to protect data communication between private, trusted networks over the Internet.
- IPSec solutions were later extended to protect data communication between mobile workers gaining remote access to a company's internal network in a more efficient manner than legacy dial-in methods.