Access your Pro+ Content below.
VPN fast facts: True or false?
This article is part of the August 2003 issue of Information Security magazine
SSL VPNs are inherently less secure than IPSec VPNs. False. While they differ architecturally, both VPNs can be deployed securely -- or poorly. Security builds upon standards and products that implement them, but ultimately depends upon appropriate deployment and sound policy definition. Also see Read Lisa Phifer's cover story: Tunnel vision: Choosing a VPN -- SSL VPNs vs. IPSec VPNs SSL VPNs can be used anywhere that IPSec VPNs can be used. False. IPSec is generally considered a better solution for site-to-site VPNs, where it better satisfies broad application needs and performance demands. SSL is better suited in scenarios where VPN administrators have no control over client software installation, such as extranet collaboratives or nonwork computers (kiosks and homes). SSL VPNs are suitable for enterprise-class deployment. True. Some SSL VPN gateways are designed for large-scale deployment. They support high user volume, encryption via hardware acceleration and redundancy through failover and load balancing. Many argue that...
Features in this issue
Choosing a VPN has become a complex undertaking. Lisa Phifer examines how SSL VPNs match up with their older IPSec cousins.
A global minerals firm seeking secure remote email tested other systems before choosing an SSL VPN.
Today's SSL VPNs address a single problem: secure remote access. Will that be enough to sustain the vendors in this market? History offers some clues.
Lisa Phifer separates the truth from fiction about VPNs.
Today's attacker can be anywhere, meaning network perimeter defense alone is futile. Change your thinking, and your tactics.
Columns in this issue
Combining device-based authentication technology with existing user-based authentication would be appealing for many organizations, but technical details remain unclear.