* Help Desk columnist Ron Nutter helps a user differentiate between IPSec- and SSL-based VPNs Nutter helps a user differentiate between IPSec- and SSL-based VPNsManagement is finally listening to my concerns about securing any external access to the network. They understand that some additional software may be necessary on remote PCs accessing our network and that some training may be needed by remote users as well as the staff administering the VPN system. In doing research on the best system to purchase for our needs, I have seen two – one that mentions the use of IPSec and the other, an SSL-based VPN. Which is best?VPN. This can use up to Triple-DES encryption to secure the communications from the remote users to your network. This requires that software be installed on remote users’ machines. This can add additional steps users must take before gaining access to your network. Examine different vendors’ solutions in this area and you should be able to find one that will allow you to send a CD or floppy with a scripted install that would require little to no input from the user during the installation process.– Via the InternetThe IPSec-based VPN is what you might think of as the “conventional”-type When implementing this type of solution, you may want to think about mandating some type of software policy for remote users that requires you be notified of software before it is installed on machines or that your department does the installation. While this may seem like unnecessary overhead, it can help you catch a problem before it becomes an issue. I have seen situations where seemingly “innocent” software, such as some of the game simulation packages or drivers for some multifunction printers (i.e. printer/copier/scanner), has caused the VPN software to stop working.The other VPN solution using SSL doesn’t require any software installation on remote PCs. Since this option uses a Web browser and an SSL connection to establish the connection, you will need to look at what resources users need to access to know if this will work. Since you won’t be able to map any drives directly (unless the SSL VPN vendor has included additional functionality in its product), you’ll be limited to whatever Web-based applications your company is currently using. This type of remote access can be cheaper to implement and/or operate than its IPSec counterpart but with tradeoffs that may limit how well it can address your remote access needs. Related content how-to Doing tricks on the Linux command line Linux tricks can make even the more complicated Linux commands easier, more fun and more rewarding. By Sandra Henry-Stocker Dec 08, 2023 5 mins Linux news TSMC bets on AI chips for revival of growth in semiconductor demand Executives at the chip manufacturer are still optimistic about the revenue potential of AI, as Nvidia and its partners say new GPUs have a lead time of up to 52 weeks. By Sam Reynolds Dec 08, 2023 3 mins CPUs and Processors Technology Industry news End of road for VMware’s end-user computing and security units: Broadcom Broadcom is refocusing VMWare on creating private and hybrid cloud environments for large enterprises and divesting its non-core assets. By Sam Reynolds Dec 08, 2023 3 mins Mergers and Acquisitions news analysis IBM cloud service aims to deliver secure, multicloud connectivity IBM Hybrid Cloud Mesh is a multicloud networking service that includes IT discovery, security, monitoring and traffic-engineering capabilities. By Michael Cooney Dec 07, 2023 3 mins Network Security Network Security Network Security Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe