• Home
• Topics
• VPNs and WAN Security
• VPN design
• Are SSL VPNs secure enough for enterprise use?

Are SSL VPNs secure enough for enterprise use?

Requires Free Membership to View

Login



SearchEnterpriseWAN.com members gain immediate and unlimited access to breaking industry news, best practices for designing and managing Wide Area Networks, WAN Security, and more -- all at no cost. Join me on SearchEnterpriseWAN.com today!

Kate Gerwig, Editorial Director

• E-mail Address: 

By submitting your registration information to SearchEnterpriseWAN.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchEnterpriseWAN.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

The answer to this question is a typical security-type answer: It depends. Security frameworks differ in cost and complexity, and as such, the level of security should be adapted to the assets they are supposed to protect. The best approach would be to conduct a security audit to assess the level of risk related to the way company assets are being accessed or exposed. For the assessment, it is important to include all peers that participate in extranet-type communication.

On the server side, some of the assessment questions to answer would be:

• What systems are being accessed?
• How is access granted?
• Which assets are being accessed?
• What level of depth into the network is required for that type of access?
• What would happen if things go bad?
• What would this mean for the business?

 On the client side, the relevant questions to answer would be:

• What clients and client types will access the network?
• How will the VPN be used in terms of locations and access methods?
• What type and level of control do I want or need on the client side?

The client-side evaluation could potentially raise some red flags signaling that SSL VPN might not be the best choice due to the lack of client security, either from the browser or the client machine itself. A comprehensive assessment of all factors would highlight the potential weaknesses and reveals how relevant they may be to the network.

When choosing to use SSL VPNs, it is important not to overlook the level of client control which is one of the dangers of SSL VPN. It is suggested that security at the client end is a given, but even with endpoint protection, SSL VPNs are vulnerable from the client side. Client systems and browser applications should not be trusted blindly. Taking a proper management approach of the client and ensuring security and identity verification is vital to controlling who is coming inside the network.

There are two main scenarios that should make you think about using another type of VPN. First, if the security of your IT assets is a true concern and you will see a severely negative business impact if your data is exposed, lost or stolen. Second, if you want to exercise tighter client control to reduce your overall risk exposure or because of regulatory compliance reasons.

Email your VPN-related questions to editor@searchenterprisewan.com.

Dig Deeper

This was first published in December 2011

More from Related TechTarget Sites

• Networking
• Mobile Computing
• Telecom
• Unified Communications
• Networking Channel
• Networking UK
• Data Backup

• Networking

  • Overcoming wireless network interference in public venues

    In public venues, unplanned personal hotspots can cause wireless network interference. Wireless expert, Lisa Phifer explains how to overcome this and maintain Wi-Fi coverage.

  • Getting answers on HP OpenFlow and the HP 12500 data center switch

    At Interop 2012 we uncovered the latest on the HP 12500 switch and learned what the HP OpenFlow strategy is really about.

  • Application-aware networking flies under radar at Interop 2012

    At Interop 2012, clear signs emerge that application-aware networking is becoming a reality.

• Mobile Computing

  • Bringing BYOD to your enterprise

    Bring your own device (BYOD) can be a boon for both employees and enterprises, but clear policies and management tools are needed.

  • Meeting technical requirements for mobile health care deployments

    IT departments deploying mobile health care solutions must ensure that using mobile devices in health care settings doesn't violate federal laws or compromise security.

  • Making the call: Distributed antenna systems and in-building wireless

    Distributed antenna systems and in-building wireless solutions are two options to improve wireless cellular coverage within an enterprise facility.

• Telecom

  • Smartphone adoption spurs advanced services demand in Latin America

    Latin American smartphone adoption is more robust than North America's, and the consumers are more mobile-friendly than their peers in developed economies.

  • Need for wireless network upgrade is key AT&T/T-Mobile driver

    Rising demand for high-quality network service delivery will require operators to undertake a massive wireless network upgrade, driving deals like the AT&T/T-Mobile acquisition.

  • Video: ACG Research dissects telecom routing and switching market

    In this ACG Research HotSeat video, Managing Partner Ray Mota gives viewers a quarterly update on the telecom service provider routing and switching market.

• Unified Communications

  • Interop 2012: UC apps vendors must strive for interoperability

    Vendors are aware of and gradually responding to issues around multi-vendor UC strategies and UC interoperability, according to a discussion panel at Interop 2012.

  • Tackling virtual UC and VDI for the distributed enterprise

    Virtual UC applications are being deployed beyond the data center into the distributed enterprise and should be planned with virtual desktop infrastructure deployment.

  • Integrating cloud-based UC applications for the branch office

    As enterprises consider cloud-based UC applications for the branch office, they face integration issues between the cloud- and premises-based UC applications.

• Networking Channel

  • Partners learn to sell telemedicine solutions

    Selling telemedicine solutions can be an opportunity for partner growth, but it comes with its share of technology and skill set challenges to overcome.

  • Think you can't make digital signage sales?

    When video wall technology was expensive it was hard to sell. But selling digital signage has dropped in cost and many companies are now eager to replace static signs.

  • Cisco Partner Summit 2012: Support services, cloud and mobility reign

    At Cisco Partner Summit 2012, Cisco continues its attempt to improve business by refocusing its channel partner strategy with support services, mobility and cloud announcements.

• Networking UK

  • Cisco Live London: 40 and 100 GbE, souped up WLAN

    At Cisco Live London, Cisco launched 40 and 100 GbE switching, a souped-up 4-antenna WLAN access point, and a host of network virtualisation technologies.

  • UK Networkers should gear up for mobility implementations in 2012

    Companies are rethinking legacy tools to take advantage of what users get from having access to data and applications across all kinds of devices, according to TechTarget’s 2012 IT Priorities Survey.

  • Cloud gets vote of confidence from UK buyers in 2012 IT priorities

    The cloud is set to be a key investment area for UK buyers in 2012 with 30.5% of IT buyers pledging to spend on the technology, according to TechTarget’s 2012 IT Priorities Survey.

• searchDataBackup

  • Execs talk Backup Exec 2012, integrated appliances at Symantec Vision

    Our senior news director Dave Raffo attended Symantec Vision last week, and we have compiled his reporting for your convenience.

  • Run virtual machines from backup without first restoring them

    Find out how common it is to run virtual machines from backup without first restoring them in this Expert Response from Brien Posey.

  • CDP’s (continuous data protection) advantages in virtual server backup

    Find out the advantages CDP (continuous data protection) offers in backing up virtual servers in this Expert Response from Brien Posey.

• About us
• Contact us
• Site index
• Privacy policy
• Advertisers
• Business partners
• Events
• Media kit
• TechTarget corporate site
• Reprints
• Site map