Q

What tools can limit users' acess to applications and network resources?

In this expert Q&A, Joel Dubin explains how SSL VPNS can limit outsider access to applications and network resources.

I have SharePoint sites that are being accessed by the public (vendors, consultants, etc). They require an account in Active Directory for authentication. Can you suggest how to set the accounts so that on-site users cannot log in to the network?
It almost sounds like an SSL VPN would do the trick. An SSL VPN creates a secure tunnel over an HTTP connection. Unlike an IPsec VPN, which is a hardware product configured on a specialized router, an SSL VPN is a Web-based application.

Another key difference between the two VPNs is that an IPsec VPN connects a client, or workstation, to a network. An SSL VPN connects an individual user to an application. The SSL VPN can be finely tuned to only allow outside vendors and consultants access to specific applications, rather than the whole network.

Two well-known vendors of SSL VPNs are Juniper Networks Inc. and Aventail Corp.

Alternatively, you could set the group policy objects (GPO) within Active Directory for outsiders logging in. GPOs can be set to limit specific users' access to network resources, while allowing access to specific files containing the applications they need.

Either approach -- the SSL VPN or setting the GPOs -- can provide you limited access requirements.

More information:

  • Read a book chapter on VPNs and encryption.
  • Learn the costs of maintaining a VPN.
  • This was first published in December 2006

    Dig deeper on IPsec VPN Security

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close