This history of VPN explains why traditional virtual private network solutions proved disadvantageous for businesses and how the advent of newer VPN technology has created more secure and
simpler-to-deploy solutions for wide area networks (WANs) and remote users.
A history of VPNs
Fifteen years ago, virtual private network (VPN) access was a fairly new concept to most businesses. While large corporations already had a good head-start with VPN technologies, the rest were starting to realize the potential and possibilities VPN connections provided them. Vendors such as Cisco, Checkpoint and Microsoft began producing a variety of products that provided VPN services to the business. Today, VPN is considered a standard feature in any serious security- and router-related product and is widely implemented throughout most companies.
Early VPN products required -- as many still do -- their own client, which is usually installed on the remote workstation that needs access to the local network. The encryption methods and supported protocols made them either a very good choice or simply a very bad one because it could be easily compromised. For example, Point-to-Point-Tunnel-Protocol (PPTP) was an extremely popular VPN solution, but it did not provide adequate security because of its weak encryption (GRE tunnels) and simple authentication methods (MS-CHAP). Today, IPsec-based VPNs are a standard. Using the IP Protocol Security and a number of other relative protocols, they provide adequate security and encryption to ensure that a session is secure and properly encrypted. VPN clients should be preconfigured by IT (usually a network administrator or a security engineer) with the necessary details, so that all end users need to do is launch the VPN program and enter credentials. Once credentials are verified, users are granted access to the company's network and all associated security polices (such as access control lists) are applied.
History of VPNs: The disadvantages
We would dare say that until recently (within the last five years), one of the major disadvantages of VPN solutions was the fact that their vendors would, in most cases, support only their own VPN client, making the product usable only with their software -- a major drawback for most companies. Another problem with VPN clients is the fact that they usually support specific operating systems. For example, many vendors provide VPN clients for Windows-based operating systems, but few support 64-bit operating systems! Linux and Unix systems are usually out of luck when it comes to vendor-based VPN clients, but thanks to the open source community, solutions are readily available. These are just a few of the problems VPN users and administrators face. Getting access to your corporate VPN in most cases requires custom ports to be open through the firewall that's in front. Hotels and public hotspots usually block these ports and allow only very specific protocols to pass through, such as HTTP, HTTPS, POP3, SMTP and others.
Web SSL VPN has changed all that. As the name implies, Web SSL VPN is a fairly new (the last five years or so) breed of VPNs, moving in a direction completely different from the one most vendors have been used to.
Continue learning about SSL VPN in this Introduction to Web SSL VPN, or skip to the sections of this VPN series you are interested in, using the table of contents below:
TABLE OF CONTENTS
About the author: Chris is the founder and senior editor of Firewall.cx -- one of the few websites recommended by Cisco Systems in its world class Cisco Academy program. Firewall.cx is also the only official Cisco Press reviewer in the world. Today, www.Firewall.cx with over 1,500,000 page views per month, is amongst the most popular and respected network portals in the world, covering Cisco networking, security VPN, routing, switching and VoIP Call Manager Express technologies. Firewall.cx analyzes over 450 topics, with over 35,000 answered forum questions and offers free Cisco training via their world-first free Cisco lab.
This was first published in April 2010