SSL Makes Comeback in VPNs | eWeek

SSL Makes Comeback in VPNs

Écrit par
Dennis Fisher
Dennis Fisher
Jun 24, 2002
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

Long treated as the poor cousin of the encryption world, SSL is getting new attention as a protocol for simple, cost-effective VPNs.

In response to growing interest from IT managers, OpenReach Inc. and Aventail Corp. this week will announce virtual private network solutions that incorporate traditional IP Security and Secure Sockets Layer encryption.

The introduction of OpenReach AnyWhere represents a marked departure from the Woburn, Mass., companys longtime support of IPSec encryption as the best choice for VPNs. Company officials said customers have been asking for an SSL-based product for some time.

Since all major Web browsers include support for SSL, VPNs based on the protocol need no special client software. In addition, users can access corporate networks and applications from any machine with Web access.

AnyWhere enables administrators to provision users for SSL, IPSec or both. Remote workers using the SSL option have the same services available as IPSec users, including file sharing, access to e-mail and Web-enabled applications, and a single log-in for both SSL and IPSec access.

Server-side authentication is performed using digital certificates issued by either VeriSign Inc. or Entrust Inc. Client-side authentication goes through either a Remote Authentication Dial-In User Service server, an RSA Security Inc. SecurID token or the users local database.

The decision to include support for SSL was driven by customer demand for a more lightweight VPN, OpenReach executives said.

“For most users, SSL is fine. They dont need the client overhead,” said Mark Tuomenoksa, chairman and founder of OpenReach. “SSL is much faster than IPSec.”

AnyWhere, due late next month, will start at $10 per user, per month.

Seattle-based Aventail, one of the first developers to sell SSL-based VPNs, is now refining Aventail.Net Anywhere VPN and Secure Web Access offerings.

Version 5.0 of the VPN tool includes new functions that allow administrators to control how many networks remote users can be signed on to. This not only saves bandwidth costs but also can eliminate the problem of home users bringing viruses or other malicious code onto the corporate network.

Another new feature, dynamic application detection, can locate personal firewalls, anti-virus software and other applications that often interfere with VPNs. The new version of the Aventail.Net VPN can work in tandem with these products, so the administrator can then create a policy preventing users from using the VPN if they dont have firewall or anti-virus software installed.

Both products are available this week. They include updated directory integration supporting LDAP and Active Directory.

For Aventail customer Excelon Corp., of Burlington, Mass., the lure of SSL was anytime access to corporate data.

“The constraint for us was access to intellectual property,” said Rafael Rodriguez, CIO of Excelon, developer of database management software. “[SSL] is easier than IPSec, and it takes less work. And none of our client sites block SSL at the firewall.”

Related stories:

  • SSL Keys Coming Up Short
  • SSL Accelerator Handles Up to 10,000 TPS
  • Managed Security Services Take Hold
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.