Best of 2006: SSL VPNs

The range of SSL virtual private network (VPN) products indicates that the genre is maturing rapidly.

The benefit of SSL VPNs is that there is no special client required. Users connect through a browser and set up an SSL session that provides an encrypted TCP mode. The time to use this type of approach is when you have moderate security requirements for a large or an uncontrollable community of users. An example would cover moderately secure customer connections to assets over the internet. A customer community falls into both the large and uncontrollable community, because you have no idea who your customers might be.

A common misconception about SSL VPNs is that they provide access control as well as confidentiality. They do not. SSL packets authenticate to the packet stream, not the application or device. This ensures that the entire stream is encrypted, but says nothing about whether the user is allowed to access the asset. That authentication requires additional capability, such as some sort of multifactor authentication, ID/password or certificate scheme.

So, to sum up, today's crop of SSL VPNs is, in general, quite competent. There is likely to be a product for you, but be sure that your application is appropriate for the genre. Not all remote VPN access is a good match for SSL.

SonicWall SSL VPN 2000 
Vendor: SonicWall 
Verdict: The SonicWall VPN is a feature-laden powerhouse.


Caymas 318 
Vendor: Caymas Systems 
Verdict: This is a solid product with excellent support at a rather high price.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.