What if you are sitting in a hotel room, hundreds of miles away from your office and you need to access the intranet portal of your company? One of the solutions is to publish this portal on the web, so that all employees can access this application from anywhere. But often, there are multiple intranet applications used by different business groups of the company. Publishing all these applications directly on the web can expose the company to multiple security risks as they become accessible to everyone on the Internet. In addition, some of the applications may not be web-based.

The most common practice adopted by enterprises in such a scenario is to use a Virtual Private Network (VPN). The two most used forms of VPNs are IPSEC VPN and SSL VPN.

Key Advantages

While discussing the pros and cons of SSL VPN, we mainly compare it with the other predominant VPN technology, which is IPSEC (IP Security) VPN. IPSEC is an encryption protocol that works at the network layer.

• Unlike IPSEC VPN, SSL VPN doesn’t require installation and configuration of client software at the user end. You just need an internet browser to use SSL VPN. This in turn provides flexibility to use SSL VPN from any platform – Mac OS X, Windows, UNIX or any device like PC, Web-enabled phones, PDAs, etc.
• SSL VPN solutions provide granular access control for the application. One can define which user groups have what level of access on which all applications.
• SSL uses TCP port 443, which is normally already opened on the firewall. It also helps remote users when they are sitting behind other company’s firewall. IPSEC uses specific UDP ports; If not in use, these ports are blocked by the firewall.