SSL VPN : Understanding, evaluating and planning secure, web-based remote access

More Information
Learn
  • How SSL VPN technology works, and how it fits into existing network architectures
  • Evaluating SSL VPN for your organization
  • Understand what to look out for when talking to vendors
  • How to plan an SSL VPN implementation for your business
  • Educate staff to maintain SSL VPN security
  • Strategies for providing access to internal legacy applications via SSL VPN
  • A heads-up on likely trends and possibilities for the future of SSL VPN

 

About

Virtual Private Networks (VPNs) provide remote workers with secure access to their company network via the internet by encrypting all data sent between the company network and the user?s machine (the client). Before SSL VPN this typically required the client machine to have special software installed, or at least be specially configured for the purpose.

Clientless SSL VPNs avoid the need for client machines to be specially configured. Any computer with a Web browser can access SSL VPN systems. This has several benefits:

  • Low admin costs, no remote configuration
  • Users can safely access the company network from any machine, be that a public workstation, a palmtop or mobile phone
  • By pass ISP restrictions on custom VPNs by using standard technologies

SSL VPN is usually provided by a hardware appliance that forms part of the company network. These appliances act as gateways, providing internal services such as file shares, email servers, and applications in a web based format encrypted using SSL. Existing players and new entrants, such as Nokia, Netilla, Symantec, Whale Communications, and NetScreen technologies, are rushing our SSL VPN products to meet growing demand.

This book provides a detailed technical and business introduction to SSL VPN. It explains how SSL VPN devices work along with their benefits and pitfalls. As well as covering SSL VPN technologies, the book also looks at how to authenticate and educate users ? a vital element in ensuring that the security of remote locations is not compromised. The book also looks at strategies for making legacy applications accessible via the SSL VPN.

Features
  • Understand how SSL VPN technology works
  • Evaluate how SSL VPN could fit into your organisation?s security strategy
  • Practical advice on educating users, integrating legacy systems, and eliminating security loopholes
  • Written by experienced SSL VPN and data security professionals

 

Page Count 212
Course Length 6 hours 21 minutes
ISBN 9781904811077
Date Of Publication 9 Mar 2005

Authors

Joseph Steinberg

Joseph Steinberg is CEO of Green Armor Solutions, an information-systems security product vendor specializing in technology that combats phishing, pharming, and online fraud. Prior to joining Green Armor, he spent more than four years with Whale Communications, one of the pioneers of SSL VPN technology. Earlier, he served in senior-management capacities at several product vendors and consulting firms, and worked in technical positions at Citibank and AT&T.

Mr. Steinberg's May 2003 article 'SSL VPN Security' introduced an awareness of critical security issues created by SSL VPN technology; since its publication, nearly every SSL VPN vendor has acted upon the concerns and recommendations made in the article.

Mr. Steinberg earned an M.S. in Computer Science from NYU, and holds a CISSP (Certified Information Systems Security Professional) credential as well as advanced certifications in IT security management (ISSMP) and architecture (ISSAP). He has lectured on topics related to IT Security and Management and is the author of numerous articles in various journals, magazines, and other publications. A recognized expert on IT security, he is also interviewed on a regular basis by media personalities and sits on panels discussing IT-security related matters.

Mr. Steinberg lives in the suburbs of New York City with his wife and two daughters.

Tim Speed

Tim Speed is an IBM Systems (IBM Senior Certified) Architect with IBM Software Services for Lotus (ISSL). In that capacity, Tim is responsible for designing, and implementing technical solutions our customers. He has been an IBM/Lotus employee for 16 years. He has been working with Notes for over 19 years focusing on messaging, security, and infrastructure. Tim has published a total of 10 books on various topics including Internet Security and Lotus Notes and Domino.