
SSL VPN: Secure Socket Layer Virtual Private Network

Secure Socket Layer (SSL) Virtual Private Networks (VPNs) can provide secure and private communications for any type of traffic between devices equipped with the same SSL technologies across a public network such as the Internet. A competing technology to the SSL VPN is the IPsec VPN. SSL is best used for remote-access and mobile-access VPNs, while IPsec is best for creating VPNs among fixed sites.

Using an SSL VPN, the connection between the remote user and the internal resource happens via a Web connection at the application layer, as opposed to the IPsec VPN's open tunnel at the network layer. The use of SSL is ideal for the remote and mobile user because:

  • SSL does not need to be downloaded onto the device being used to access corporate resources.
  • SSL does not need to be configured by the end user.
  • SSL is available wherever there is a standard Web browser, which exists on any computer and many mobile devices.

SSL provides digital certificate-based client and server authentication, integrity checking, and confidentiality. SSL provides transport-level confidentiality through secret key cryptography, and key management and authentication through public key cryptography. The RSA (or DH) handshake is used in an SSL VPN exactly as IKE is used in IPsec, and the SSL crypto library is used to secure the symmetric tunnel after that. Both SSL VPN and IPsec VPN offer support for leading encryption, data integrity and authentication technologies such as 3-DES, 128-bit RC4, AES, MD5 or SHA-1.

SSL/TLS, a technology originally created by Netscape Communications, is popularly used for secured communication of web traffic (HTTPS). SSL/TLS is increasingly used to secure non-web application protocols (such as SMTP, LDAP, POP, IMAP, and TELNET). When used as a VPN technology, SSL can carry any TCP traffic, and some implementations can handle UDP as well. Because SSL is a transport-layer service, an SSL VPN has the advantage of being able to apply access control at the transport and application layers, providing greater granularity of control.
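
The granularity difference described above, as an added example (not code from the original page or from any VPN product): a hypothetical gateway policy check in which a network-layer rule can match only destination subnet and port, while an application-layer rule also matches the authenticated user's group, the HTTP method and the URL path. All class names, groups, addresses and rules are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from posixpath import normpath

@dataclass(frozen=True)
class Request:
    """Constructed view of a request after the gateway ends TLS and authenticates the user."""
    groups: frozenset
    dest_ip: str
    dest_port: int
    method: str
    path: str

@dataclass(frozen=True)
class NetworkRule:
    """What a network-layer filter can express: destination subnet and port."""
    subnet: str
    port: int

    def allows(self, r: Request) -> bool:
        return ip_address(r.dest_ip) in ip_network(self.subnet) and r.dest_port == self.port

@dataclass(frozen=True)
class AppRule(NetworkRule):
    """Adds user identity and application-layer attributes to the same match."""
    group: str
    methods: frozenset
    path_prefix: str

    def allows(self, r: Request) -> bool:
        # Normalise first so "/wiki/../hr/x" is judged as "/hr/x", not as "/wiki/...".
        path = normpath(r.path) + "/"
        return (super().allows(r) and self.group in r.groups
                and r.method in self.methods and path.startswith(self.path_prefix))

def decide(rules, request) -> str:
    """Default deny: allow only when at least one rule matches."""
    return "allow" if any(rule.allows(request) for rule in rules) else "deny"

# Hypothetical policies for one internal web server, 10.0.5.20:443.
NET_POLICY = [NetworkRule("10.0.5.0/24", 443)]
APP_POLICY = [
    AppRule("10.0.5.0/24", 443, "hr", frozenset({"GET", "POST"}), "/hr/"),
    AppRule("10.0.5.0/24", 443, "contractor", frozenset({"GET"}), "/wiki/"),
]

def contractor(method: str, path: str) -> Request:
    return Request(frozenset({"contractor"}), "10.0.5.20", 443, method, path)

if __name__ == "__main__":
    for req in (contractor("GET", "/wiki/onboarding"), contractor("GET", "/hr/payroll")):
        print(req.path, decide(NET_POLICY, req), decide(APP_POLICY, req))
```

The network-layer policy allows both requests because they share an address and port; the application-layer policy separates them by user group and path.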

Related Terms: Tunneling, IPsec, SSL, TLS, PPTP, L2TP, L2F, SOCKS 5, Encryption, Encapsulation, MPLS VPN, IPsec VPN