A Crash Course in SSL VPN
Sophisticated SSL VPN products can provide nearly all the functionality of an IPSec VPN.
An article on Windows IT Pro provides an in-depth overview of SSL VPNs. Included is an explanation of how these products work, vulnerabilities associated with SSL VPNs that are not properly deployed, and the pros and cons of hardware-based and software-only SSL VPNs. The four main varieties of SSL VPNs simple gateway, hybrid gateway, multifunction gateway, and multifunction-hybrid gateway are also described.
"VPN technology began as a complex replacement for dedicated private data circuits between distant networks. The idea was to eliminate expensive monthly telecom fees by sending private data through virtual tunnels across the Internet. The tunnels are encrypted for security, making them nearly as secure as private links at practically zero recurring cost. These savings offset the considerable one-time effort necessary to set up a VPN, which requires dedicated hardware, tedious configuration, and arranging transit for VPN-specific IP protocols across the enterprise firewall. "Today, VPNs are the de facto standard for interconnecting private networks. They work very well for network-to-network interconnections. Alas, the complexity of traditional VPN technology has only increased, as VPN products try to serve other applications, including dial-up users, broadband, and wireless. The number of configurable options has exploded, making VPN configuration an ordeal even for experienced network engineers. Individual remote users must install special client software that can interfere with normal network operation and is itself complicated to configure and operate. Worse, some ISPs block VPN protocols, such as Cisco Generic Routing Encapsulation (GRE) and Layer 2 Tunneling Protocol (L2TP), charging an additional 'business class' fee to use them."