Access your Pro+ Content below.
Tunnel vision: Choosing a VPN -- SSL VPN vs. IPSec VPN
This article is part of the August 2003 issue of Information Security magazine
If your organization is among the many that have struggled with the administrative headaches and costs of IPSec VPNs, going "clientless" sounds compelling. Given the demand for secure, easy, anytime/anywhere remote access for travelers and home office workers, the surge of interest in SSL/TLS-based VPNs isn't surprising. The key is deciding when to use IPSec and when to use SSL. It's not that one is right and one is wrong. IPSec and SSL VPNs both solve the problem, but SSL was a more tailored fit for us. Doug Torre Catholic Health System of Western New York "It's not that one is right and one is wrong," says Doug Torre, who is rolling out Neoteris SSL VPNs to give 500 doctors and clinicians remote access to medical applications and patient information for Catholic Health System of Western New York in Buffalo. "IPSec and SSL VPNs both solve the problem, but SSL was a more tailored fit for us." Torre still uses IPSec VPNs for site-to-site connections, such as connecting remote sites to the core network. In choosing an SSL VPN ...
Features in this issue
Choosing a VPN has become a complex undertaking. Lisa Phifer examines how SSL VPNs match up with their older IPSec cousins.
A global minerals firm seeking secure remote email tested other systems before choosing an SSL VPN.
Today's SSL VPNs address a single problem: secure remote access. Will that be enough to sustain the vendors in this market? History offers some clues.
Lisa Phifer separates the truth from fiction about VPNs.
Today's attacker can be anywhere, meaning network perimeter defense alone is futile. Change your thinking, and your tactics.
Columns in this issue
Combining device-based authentication technology with existing user-based authentication would be appealing for many organizations, but technical details remain unclear.