The most basic question about SSL – and how to answer it

The most important question to ask when buying Secure Sockets Layer remote access gear is whether you actually need it.

The fact that it requires just a Web browser to make secure connections to corporate networks possible over the Internet is the overriding draw, but it’s not a blanket answer for all business connectivity over the Internet.

For example, if you plan only building-to-building connections, you want IPSec. SSL vendors have no site-to site support.

If you have users who need full network access, such as administrators, IPSec is again probably the way to go.

But if you have business partners who need access to just a few resources, or employees to whom you want to extend remote access to e-mail and corporate intranet data, then SSL may be the better choice. 

Once you embark on SSL as a technology, you have to compare competing products, as was noted in one of last week’s newsletters, which included a list of 10 questions to ask. In response to that newsletter, many of you wrote in with suggested questions of your own. Some of the responses overlapped with last week’s questions, so I culled them and came up with this supplemental list. If you have more, send them in and help out your fellow readers. Thanks.

* What range of applications does the device support without requiring Java or Active X downloads to the client browser?

* Can two of the SSL remote access gateways be tied together and fail over if one dies?

* Does the vendor have any other customers with a network the size of your proposed installation?

* Does the SSL system check the client machine for spyware that may be able to capture all data sent to and received from the client and the secure server, including network addresses, IDs and passwords?

* Does the vendor offer global, 24-hour support?