Traditional encryption-based VPNs utilized
With the advent of Web-based applications, the explosion of SSL to support Web-based security is not as surprising as it would seem. SSL has been around for quite some time, but is just now gaining traction in the marketplace (in the last two years).
The expansion of SSL has lead to VPN products offering multiple features and functionality to the enterprise. VPN gateways can now be categorized into four different categories based on the feature set supported by each. The four categories are as follows:
- SSL VPN gateway: SSL VPN, access control, access policy and client-audit capabilities
- Hybrid VPN gateway: SSL and IPSEC and access policy
- Multi-function VPN gateway: SSL, IPSEC and application and network-level security
- Multi-function hybrid VPN gateway: Combination of 2 & 3
Each of these classes of VPN gateways offers different levels of capabilities and control. Based on your enterprise-specific needs, one of these should provide the level of security you require.
The explosion of Web-based applications has created a requirement for SSL as a VPN technology to support secure data transfers across public or unprotected networks. The vendor community has responded by developing application-aware VPN gateways capable of supporting access control, security policies and network security within the VPN gateway itself. This supports secure access into the enterprise via a "gateway" technology that serves as a single threshold between protected assets and unwanted users or viruses.
Robbie Harrell (CCIE#3873) is the National Practice Lead for Advanced Infrastructure Solutions for SBC Communications. He has over ten years of experience providing strategic, business and technical consulting services. Robbie resides in Atlanta, and is a graduate of Clemson University. His background includes positions as a Principal Architect at International Network Services, Lucent, Frontway and Callisma.
This was first published in January 2006