Remote Access for employees is an important use of the Web, but there are numerous other business purposes for which SSL-type connectivity can be utilized. Besides the obvious purpose of on-line commerce, SSL access can also be used for interaction with partners and customers. For example, equipment manufacturers may make available design information to companies 'OEMing' their technology, law firms may share documents with clients, medical insurance companies may offer remote access to medical-claim information (to patients, their lawyers, and other insurance companies), insurance companies may allow 401(k)-plan and IRA participants the ability to remotely manage retirement accounts held at their firms. All of these activities can be automated, and made more convenient for users, by leveraging the World Wide Web. Of course, in each case security and privacy are of paramount concern.
SSL VPN : Understanding, evaluating and planning secure, web-based remote access
SSL VPN : Understanding, evaluating and planning secure, web-based remote access
Overview of this book
Virtual Private Networks (VPNs) provide remote workers with secure access to their company network via the internet by encrypting all data sent between the company network and the user?s machine (the client). Before SSL VPN this typically required the client machine to have special software installed, or at least be specially configured for the purpose.
Clientless SSL VPNs avoid the need for client machines to be specially configured. Any computer with a Web browser can access SSL VPN systems. This has several benefits:
Low admin costs, no remote configuration
Users can safely access the company network from any machine, be that a public workstation, a palmtop or mobile phone
By pass ISP restrictions on custom VPNs by using standard technologies
SSL VPN is usually provided by a hardware appliance that forms part of the company network. These appliances act as gateways, providing internal services such as file shares, email servers, and applications in a web based format encrypted using SSL. Existing players and new entrants, such as Nokia, Netilla, Symantec, Whale Communications, and NetScreen technologies, are rushing our SSL VPN products to meet growing demand.
This book provides a detailed technical and business introduction to SSL VPN. It explains how SSL VPN devices work along with their benefits and pitfalls. As well as covering SSL VPN technologies, the book also looks at how to authenticate and educate users ? a vital element in ensuring that the security of remote locations is not compromised. The book also looks at strategies for making legacy applications accessible via the SSL VPN.
Table of Contents (14 chapters)
SSL VPN
Credits
About the Authors
Introduction
Free Chapter
Introduction to SSL VPN
SSL VPN: The Business Case
How SSL VPNs Work
SSL VPN Security
Planning for an SSL VPN
Educating the User
Legacy Data Access
The Future of SSL VPN Technology
A Review of TCP, IP, and Ports
SSL VPN Gateways
Customer Reviews