Security Basics mailing list archives
Re: Clientless VPN (SSL VPN) vs HTTPS
From: Joe <bitshield () gmail com>
Date: Sat, 12 Aug 2006 09:43:26 +0200
Hello There are various ways to implement SSL-VPNs. The simplest one is accessing HTTP based services using a browser. In such an implementation there is not much difference from accessing an HTTPS website directly. In the SSL-VPN scenario, the browser connects to the SSL-VPN gateway using HTTPS. The SSL-VPN gateway then acts as a reverse proxy to the HTTP based service. So the main difference between normal HTTPS access and a simple SSL-VPN access is basically just that you access the resource over a reverse-proxy that is able to talk SSL. However, there are more sophisticated ways to implement SSL-VPNs. You can for example implement port-forwarding or even tunnel all kind of IP traffic. Those techniques, however, do not have much similarity to HTTPS base access. Regards Joe On 8/11/06, harbinger <bluetooth995 () gmail com> wrote:
Hi These days SSL VPN has been the alternative to the tradition IPsec VPN, particularly for users that require only email access. However, what is the different in implementing SSL VPN - which essentially means allowing only webbased traffic i.e webmail, as compare to just to setup a webmail server running HTTPS. Can anyone point out the differences?? Thanks --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
--------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Clientless VPN (SSL VPN) vs HTTPS harbinger (Aug 11)
- Re: Clientless VPN (SSL VPN) vs HTTPS Eoin Miller (Aug 14)
- Re: Clientless VPN (SSL VPN) vs HTTPS PCSC Information Services (Aug 14)
- Re: Clientless VPN (SSL VPN) vs HTTPS Saqib Ali (Aug 14)
- Re: Clientless VPN (SSL VPN) vs HTTPS Joe (Aug 14)
- RE: Clientless VPN (SSL VPN) vs HTTPS Melchior, Raimar (Aug 14)
- Re: Clientless VPN (SSL VPN) vs HTTPS Christopher Stromblad (Aug 15)
- <Possible follow-ups>
- Re: Clientless VPN (SSL VPN) vs HTTPS bhaven . haria (Aug 14)
- RE: Clientless VPN (SSL VPN) vs HTTPS Wesley Ward (Aug 14)