Find White Papers
Home About Contact Help
Free Membership Member Login
Oct 12, 2008
View Popular Research Browse Topics Find Business Solutions RSS Feeds List Your Research
Search the Library                  Advanced Search

The SSL VPN Buyer's Guide

Aventail
By : Aventail
INFORMATION
Published : Jun 21, 2006
Length : 5
Type : White Paper
 
Download Now
Save for Later
  Email This Page
Overview :
The SSL VPN Buyer's Guide describes the 20 most important purchase requirements and 37 crucial questions you should ask before choosing an SSL VPN vendor. For example, at a minimum, your SSL VPN provider should offer security policy enforcement, support for access to any Web or client-server application, as well as any network and device, flexible and scalable policy management, and end user and IT ease-of-use to ensure productivity.
View All Items By This Company
Browse Related Categories :

IPSec

,

Network Security

,

Remote Access

,

Remote Network Management

,

SSL

,

Tunneling

,

VPN
 
SSL VPNs are rapidly becoming the remote access solution of choice for many organizations. Marketplace issues are driving the need for clientless access, proven security, easy deployment, and simpler administration than IPSec VPNs can offer. In fact, a recent Forrester Research report, "SSL VPNs Poised for Significant Growth", noted that 44 percent of North American businesses have adopted SSL VPN technology.

Before choosing an SSL VPN, you'll want to understand the business and technology benefits of using an SSL VPN for everywhere secure access. You'll also want to recognize the true differences between each of the SSL VPN vendors and their products. This guide provides six tips for choosing the right SSL VPN, as well as essential evaluation criteria to determine the right remote access solution for your enterprise.

Remote Access Trends

Businesses respond to economic pressures and industry developments
- Workforce mobility. Employees, business partners, and customers require secure anywhere access to network resources, preferably with an in-office desktop experience.
- Proliferation of access options. While managing a growing array of mobile devices, IT departments cannot possibly control the myriad end points and environments through which users access the network. Administrators must enforce policy based on the level of trust for the user, the device, and the access environment.
- Continued scrutiny of expenditures. Enterprises are seeking low-cost solutions that integrate seamlessly with existing resources and can scale to accommodate growth.
- Compliance requirements. Businesses need solutions that provide enhanced security options for sensitive corporate information.

Clientless SSL VPN technology offers unique attributes for remote access
- Easy access via any Web browser. With no clients to load and manage, SSL VPNs simplify access to the corporate network. Users can log in securely through their Internet browser for clientless access.
- Strong security foundation. The Secure Sockets Layer protocol protects all data traffic using encryption and authentication to keep communications private between two devices, typically a Web server and a user's computer.
- Focus on mobility. SSL was designed to secure the HTTP protocol for Web-based communications at the application layer. Highly granular access control enables users to safely access specified resources from many places and devices, even for anywhere Voice over Internet protocol (VoIP) communications and from high-risk kiosks, personal devices of all types, and even smartphones.

Enterprises realize the benefits of SSL VPN technology over that of IPSec VPNs
- Increased productivity, because SSL VPNs work in more wired and wireless environments?from devices such as home PCs, kiosks, and all types of mobile devices, including Symbian, Windows Mobile, Palm, i-mode (including DoCoMo), and WAP (including Blackberry) devices.
- Lower costs, because SSL VPNs are clientless and reduce management and support calls.
- Increased security suited for remote access, because SSL VPNs provide granular access and end-point control.

Remote Access Technologies

IPSec VPN: This technology assumes that the end point is secure and authorizes users unless otherwise restricted, which does not prevent a user from unwittingly entering the network with a virus or keystroke logger. IPSec VPNs have not proven effective in connecting a wide variety of networks because they demand changes in configuration with each connection. IPSec VPN solutions also can't provide granular access because they lack application-layer support.

SSL VPN: This technology restricts end-user access to any given resource unless authorized. As a result, SSL VPNs are more secure because they enforce extremely granular access control; all users, regardless of location, must be granted explicit permission to access specific network resources. Read the "SSL VPN Technical Primer" to gain a deep understanding of the intrinsic differences and advantages of these two technologies.

KEY QUESTIONS YOU SHOULD ASK VENDORS:

What applications and environments does your SSL VPN support? Can you prove it?

Can your SSL VPN provide access to client/server applications or those using VoIP?

Getting Started

To find the right remote access solution, invest the time to learn about available industry options. First, it's important to understand the technological differences between IPSec and SSL VPNs, briefly described at left. The next step is researching vendors and their solutions and support options. This document identifies, describes, and prioritizes selection criteria for choosing the right SSL VPN.
Search the Library                  Advanced Search
Today's Popular Reports This Weeks Most Popular Reports Most Popular Topics Vendor Directory Home
About Us Contact Us List Your Papers Partner With Us Site Map