What is SSL VPN (Secure Sockets Layer Virtual Private Network)?

You have probably heard about SSL VPN and may wonder what it is. In essence, an SSL VPN is a sort of VPN that can be used with a standard Web browser. While traditional Internet Protocol Security (IPSec) VPN requires the installation of specialized client software on the computer of the end user, an SSL VPN doesn’t need this. With an SSL VPN, it is possible to give remote users access to Web applications, client/server applications and internal network connections.

VPN, as you may know, stands for Virtual Private Network and this technology offers a secure communication system to transfer data and other information between two endpoints. There may be one or more VPN devices within an SSL VPN to which users connect to, using their web browser. To protect the traffic between the Web browser and the SSL VPN device, it is encrypted with the SSL protocol or Transport Layer Security (TLS) protocol.

One of the advantages of an SSL VPN is that it is very stable. In addition, it is easy to use and it provides greater control for a selection of users on multiple computers, accessing resources from multiple locations. Here you can find two main types of SSL VPNs:

SSL Portal VPN: This kind of SSL VPN supports a single SSL connection to a web site so the end user is able to securely access multiple network services. The site is known as a portal since it is one door (a single page) that provides access to many resources. The remote user can access the SSL VPN gateway using any modern Web browser. Then the user identifies themselves to the gateway using an authentication method supported by the gateway. It is presented with a Web page that works as the portal to the other services.

SSL Tunnel VPN: This is a type of SSL VPN that allows a Web browser to access multiple network services in a secure way. This includes applications and protocols that are not web-based and that can be accessed through a tunnel that runs under SSL. SSL tunnel VPNs requires the web browser to be able to manage active content. This allows them to provide functionality that can’t be accessed to SSL portal VPNs. Some examples of active content that we can cite are: Active X, Java, JavaScript or Flash applications or plug-ins.

We hope this has helped you to understand what SSL VPN is so if you see it mentioned again, you will have a better idea of what it means.