SSL on the other hand is simple and straight forward - Excellent authentication to get the process going, including client side certificates if you want to get ambitious, seamless negotiation of the encryption to be used during the session, and all the necessary bits and bobs to protect against the evil man-in-the middle, and all built into the users PC when they start their browser!
The real benefit of the SSL VPN is that it uses the ubiquitous browser that is found on virtually every machine today. Regardless of how limited one's IT know-how might be you would be hard pressed to find a user who has not used the browser.
So just imagine that you believed what was written on the tin, and then found that it wasn't there when you opened it. Well you may end throwing your tin back at the vendor who sold it to you, but as far as you're users go, the browser is still the browser. Imagine carrying out several IPsec pilots with different vendors. Each time you did so you would be removing and reinstalling client software. The beauty of the SSL approach is you can test as many vendors as you like, and although they all differ in some ways, and some offer less functionality than others, they all have one thing in common - their "VPN client" is the browser!
Oh Yes - the Peripheral Issues
Whatever it is that comes on the market today, and revolves around security, whether it be anti-virus, authentication tokens, personal firewalls, secure desktops, you name it; all these products are designed to work with a particular application called the browser. Is there a more secure foundation on which to build your secure access infrastructure than the browser, and you can tell your management you've already deployed it! Nothing stands still in this industry and SSL VPNs are accelerating remote access in ways that we could not even imagine two or three years ago. Suggest you check it out.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.