Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    SSL VPNs Provide Better Protection

    By
    Dennis Fisher
    -
    November 3, 2003
    Share
    Facebook
    Twitter
    Linkedin

      Instead of developing technologies for buttressing the shaky security in some of the most widely used applications, a small but growing group of companies is turning to a new type of VPN for added security.

      Companies such as Neoteris Inc., Permeo Technologies Inc., Symantec Corp. and Cisco Systems Inc. are eschewing the use of traditional client software and developing new SSL (Secure Sockets Layer) VPN software in an effort to provide better security for their users.

      One of the main reasons for the push, according to officials at these companies, is logistics. Whereas the more widely deployed and better-known IP Security VPNs require companies to install client software on all their employees machines and set up a VPN concentrator on the back end, SSL VPNs have no such requirements.

      Instead, these systems enable users to log in via a standard Web browser, which typically connects to the enterprises back-end systems, giving users access to their corporate applications. The transmissions are encrypted via SSL rather than IPSec.

      Neoteris, based in Sunnyvale, Calif., is one of the leaders of the growing SSL VPN market. The companys Neoteris Access appliances are among the more widely deployed in the industry and have attracted the attention of officials at NetScreen Inc., which last month agreed to acquire Neoteris.

      NetScreen officials said the VPN product would be a good complement to NetScreens existing line of appliances. The boxes currently can include a variety of security functionality, such as firewall, IPSec VPN, denial-of-service protection and intrusion prevention. As part of the acquisition, all of Neoteris 160 employees will join NetScreen, and Krishna Kolluri, CEO of Neoteris, will become general manager of the SSL VPN business at NetScreen.

      “I believe this move can help increase customer adoption of SSL VPNs,” Kolluri said.

      Neoteris also brings its application security gateway technology to the new company. The gateway includes access management features that enable secure, Web-based single sign-on.

      Just days after NetScreen made its move into this arena, Symantec, based in Cupertino, Calif., followed suit. The company, best known for its consumer and enterprise anti-virus products, bought SafeWeb Inc. for $26 million. Like Neoteris, SafeWeb delivers its SSL VPN solution on appliances. Symantec plans to add this functionality to its Symantec Security Gateway product.

      Even router and switch vendor Cisco is poised to get in on the act. Sources say the San Jose, Calif., company is set to introduce its own SSL VPN solution within the next few months in an effort to solidify its growing presence in the security market.

      But some in the security industry say the move toward so-called clientless solutions is not always just about security; cost savings is also a factor.

      “I think total cost of ownership is important, too, and so is ease of use,” said Wei Lu, chief technology officer and co-founder of Permeo, based in Irving, Texas. “If you develop a client right, you can add a lot of value and security checks and sanitization. But most people dont do it right, so you constantly have to update the client software. Clientless is actually dangerous because youre using the worst client you have: the browser. Thats why we dont depend on [Microsoft Corp.] Internet Explorer anymore.”

      Permeos Application Security Gateway employs a novel strategy in which all the traffic between clients and the back end is transmitted over a private circuit that passes through the gateway appliance. The connection does not rely on the Internets IP infrastructure, so the application traffic goes through a preselected firewall port directly to the Application Security Gateway. The Permeo gateway then passes the request on to the application server.

      The traffic between authenticated users and the gateway is encrypted via SSL. The gateway then decrypts the traffic before handing it off to the application server.

      Permeos Lu said the company is developing a pure clientless VPN solution as well.

      Dennis Fisher

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×