SSL VPNs

Chapter 3 discussed IPsec VPNs, and Chapter 4 discussed PPTP and L2TP VPNs. All three of these VPN implementations provide network layer protection; they can protect traffic from the network layer and higher. However, one of their downsides is that they require special software to be installed on the client device, and possible user training on how to use the software.

Some companies want a solution that is more simple to use and more easy to maintain than the three I just mentioned. Secure Socket Layer (SSL) began as a protocol to protect web (HTTP) traffic between an end-user device and a web server. Normally, it is used to provide protection for online purchases and identity information at e-commerce sites such as Cisco Press and Cisco. However, many network vendors are leveraging SSL's capabilities and using SSL to implement VPN solutions. One main advantage that SSL VPNs have over the other three is that SSL VPNs require no VPN software, by default, to be installed on the user's desktop; a currently installed web browser is used. Using a web browser allows a user to access a central site securely from both corporate and non-corporate PCs. The remainder of this chapter will focus on the use of SSL for VPN implementations.