Guide to SSL VPNs

847 KB | 3 files |  DOC, PDF

Secure Socket Layer (SSL) Virtual Private Networks (VPNs) are a great way to facilitate secure remote access to your network. This guide covers the basics of SSL VPNs and will help you evaluate this technology.

Secure Sockets Layer (SSL) virtual private networks (VPN) provide secure remote access to an organization's resources. A VPN is a virtual network, built on top of existing physical networks, that can provide a secure communications mechanism for data and other information transmitted between two endpoints. Because a VPN can be used over existing networks such as the Internet, it can facilitate the secure transfer of sensitive data across public networks. An SSL VPN consists of one or more VPN devices to which users connect using their Web browsers. The traffic between the Web browser and the SSL VPN device is encrypted with the SSL protocol or its successor, the Transport Layer Security (TLS) protocol. This type of VPN may be referred to as either an SSL VPN or a TLS VPN.

This guide uses the term SSL VPN. SSL VPNs provide remote users with access to Web applications and client/server applications, and connectivity to internal networks. Despite the popularity of SSL VPNs, they are not intended to replace Internet Protocol Security (IPsec) VPNs.1 The two VPN technologies are complementary and address separate network architectures and business needs. SSL VPNs offer versatility and ease of use because they use the SSL protocol, which is included with all standard Web browsers, so the client usually does not require configuration by the user. SSL VPNs offer granular control for a range of users on a variety of computers, accessing resources from many locations.

This publication discusses the fundamental technologies and features of SSL VPNs. It describes SSL and how it fits within the context of layered network security. It presents a phased approach to SSL VPN planning and implementation that can help in achieving successful SSL VPN deployments. It also compares the SSL VPN technology with IPsec VPNs and other VPN solutions. This information is particularly valuable for helping organizations to determine how best to deploy SSL VPNs within their specific network environments.

The attached Zip file includes:

Intro Page.doc

  • Cover Sheet and Terms.doc
  • Guide to SSL VPNs.pdf
IT Downloads help you save time and money while executing essential IT management tasks. Download this useful resource now and put it to work for your business.

This Download is provided by:

Partner logo

NIST is a non-regulatory federal agency within the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life.

All IT Downloads from National Institute of Standards and Technology» | Visit National Institute of Standards and Technology »
Related IT Downloads

Mobile45 Vetting the Security of Mobile Applications

The purpose of this document is to help organizations understand the process for vetting the security of mobile applications, plan for the implementation of an app vetting process, develop app security requirements, and understand the types of app vulnerabilities and the testing methods used to detect those vulnerabilities. ...  More >>

mobile30 Guidelines on Mobile Device Forensics

This guide provides an in-depth look into mobile devices and explains technologies involved and their relationship to forensic procedures. ...  More >>

HealthCare01 Wi-Fi Enabled Healthcare

This excerpt from chapter 6 looks at the use of Wi-Fi-enabled mobile medical devices in health care settings. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.