“Clientless VPN” technology is catching on as the term that describes products that serve as an alternative to traditional IP Security-based VPNs.These products come into play when an IPSec-based VPN has too much overhead, has too many proprietary extensions, is too expensive or is too limiting to solve the problem at hand. Case in point: An extranet-type VPN, with hundreds or thousands of companies participating, would be almost impossible to manage using off-the-shelf IPSec technology.Several vendors, including Aventail, Neoteris, Netilla, SafeWeb and TrueDisk, have introduced Secure Sockets Layer (SSL)-based VPN security gateways, while Check Point Software and Nortel have added SSL-based VPN service to their overall VPN products.The key to SSL-based VPNs is a client application available on everyone’s computer: the Web browser. An end user launches a Web browser and then connects, using HTTP-over-SSL, to the SSL security gateway. After the SSL gateway authenticates the user, it proxies the connection – typically using HTTP – to a Web server inside. One common application example is Web-based e-mail, such as Outlook Web Access (OWA), the Web front end to Microsoft’s popular Exchange mail system. By dropping an SSL-based VPN server in front of an OWA Web server, a network manager can add encryption, authentication and control without putting the additional load of SSL encryption directly on the OWA server.In this context, SSL-based VPNs not only encrypt the traffic passing over the Internet, but also keep the unwashed masses from having direct contact with an Internet Information Server. Some vendors have taken the idea of SSL-based VPNs even further by including protocol translators in their products. These gateway between the client-side HTTP-over-SSL and different protocols on the inside. This lets you browse your file system over the SSL VPN, for example.The security model used in SSL-based VPNs is weaker than the one used in IPSec. There are more opportunities for outside attack, the cryptographic model is not as robust, and the authentication is not as strong.Additionally, there are many applications that don’t work over SSL-based VPNs. But for many applications, an SSL-based VPN can provide sufficient security with almost none of the headaches of a full IPSec-based remote access product. Related content news Broadcom to lay off over 1,200 VMware employees as deal closes The closing of VMware’s $69 billion acquisition by Broadcom will lead to layoffs, with 1,267 VMware workers set to lose their jobs at the start of the new year. By Jon Gold Dec 01, 2023 3 mins Technology Industry Mergers and Acquisitions news analysis Cisco joins $10M funding round for Aviz Networks' enterprise SONiC drive Investment news follows a partnership between the vendors aimed at delivering an enterprise-grade SONiC offering for customers interested in the open-source network operating system. By Michael Cooney Dec 01, 2023 3 mins Network Management Software Network Management Software Network Management Software news Cisco CCNA and AWS cloud networking rank among highest paying IT certifications Cloud expertise and security know-how remain critical in building today’s networks, and these skills pay top dollar, according to Skillsoft’s annual ranking of the most valuable IT certifications. Demand for talent continues to outweigh s By Denise Dubie Nov 30, 2023 7 mins Certifications Certifications Certifications news Mainframe modernization gets a boost from Kyndryl, AWS collaboration Kyndryl and AWS have expanded their partnership to help enterprise customers simplify and accelerate their mainframe modernization initiatives. By Michael Cooney Nov 30, 2023 4 mins Mainframes Cloud Computing Data Center Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe