Designing and Building SSL Remote Access VPNs (WebVPN)

Providing remote access VPN connectivity is a relatively new application for the Secure Sockets Layer (SSL). SSL was designed to secure TCP-based protocols and applications such as HTTP (HTTPS), FTP (FTPS), POP3 (POP3S), and SMTP (SMTPS).

SSL is built in to most, if not all, web browsers, and this fact allows the deployment of SSL remote access VPNs without the requirement to install specific client software on remote user workstations or devices; only a web browser is needed for basic (clientless) SSL remote access VPN connectivity.

Although clientless SSL remote access VPNs provide a basic level of access, more comprehensive access can be provided through the use of the Cisco SSL VPN Client. This software provides users with remote access VPN connectivity that is comparable to that provided by IPsec or Layer Two Tunneling Protocol (L2TP)/IPsec.

Figure 10-1 illustrates SSL remote access VPNs.

Figure 10-1. SSL Remote Access VPNs

In Figure 10-1, remote access users at an Internet café, airport Internet kiosk, and a hotel access the corporate network using variously HTTPS, POP3S, SMTPS, and port forwarding (TCP-based application traffic redirected over SSL). A telecommuter accesses the corporate network using the Cisco SSL VPN Client.

In this chapter, you will learn how SSL remote access VPNs compare to other types of remote access VPN. You will also find out the characteristics of SSL remote access VPNs, as well as how to design and implement them to provide exactly the type and level of functionality required.

Finally, you will learn how to properly secure SSL remote access VPNs, a very important consideration, particularly when users may be accessing the corporate network from untrusted locations such as Internet cafés and airport kiosks.


Comparing, Designing, and Deploying VPNs
ISBN: 1587051796
EAN: 2147483647
Year: 2007
Pages: 124
Authors: Mark Lewis
