Q&A: SSL VPN Security
by Mirko Zorz - Monday, 28 July 2008.
Max Huang is the founder and Executive Vice President of O2Micro and President for O2Security, a subsidiary company of O2Micro. In this interview he discusses the importance of SSL VPNs in the overall security architecture, the difference between IPSec and SSL VPNs as well as the future of SSL VPNs.

In your opinion, how important are SSL VPN appliances in the overall security architecture?

As remote access facilitators, SSL VPN appliances are an essential ingredient to implementing network security. Today’s businesses with operations (whether in-house or out-sourced) worldwide must enable increased productivity among its employees by providing access to the corporate data and tools for its mobile workforce, including the sales force and field service personnel, and the increasing numbers of employees who telecommute or require after-hours access to communicate with geographically dispersed operations.

SSL VPN appliances are also important to disaster-recovery planning and business continuity. Very often, natural calamities cause increased demands on IT infrastructure by affected and concerned customers – precisely when the companies’ employees are unable to respond. Businesses must quickly relocate critical functions to alternate locations (including employees working from home) and must expand IT capacity while ensuring security.

Secure remote access can be achieved both with IPSec and SSL VPNs. What are the benefits of using SSL VPNs over IPSec?

To connect to an IPsec VPN, an individual user must install corresponding IPsec client software. This places a major burden on the IT department during initial deployment, as well as for upgrades. Furthermore, IPsec technology cannot handle ‘NAT Traversal’; frequently end-users cannot connect easily using IPsec VPN from hotel rooms, or public locations such as airports and cafes. Similar problems exist when providing secure access to business partners (suppliers, resellers, customers, professional services like lawyers and auditors).

Spotlight

The role of the cloud in the modern security architecture

Posted on 31 July 2014.  |  Stephen Pao, General Manager, Security Business at Barracuda Networks, offers advice to CISOs concerned about moving the secure storage of their documents into the cloud and discusses how the cloud shaping the modern security architecture.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //