SSL VPN



  • What are the possibilities of an native/packaged SSL VPN solution?

    Behind corporate firewall including layer 7 filtering.  Unable to install VPN client on corporate asset.



  • I agree.

    Having a client-less web-based SSL VPN solution (a la "SSL Explorer") would be a tremendous benefit.  Many corp. environments will not allow users to install software (VPN clients) on their workstations, but pretty much everyone has an SSL-enabled browser these days.

    Just my $0.02

    NTSUX



  • My standard comment to such questions - what would the result of the corporation finding out?  While it's nice to be able to do, getting fired as a result isn't a good thing ;)



  • Right or wrong from a corporate aspect the desire for a SSL VPN solution is still there.

    Being able to walk up to a kiosk and gaining access to ones network is the goal.



  • I don't disagree that the overall goal of a VPN that doesn't require any special client software, but you have to look at the bigger picture.  You need to trust the system you're connecting from, if it isn't secure then you've handed out access to your network to whoever "owns" that system.

    Still, if you're after that as a solution I'd suggest you raise a bounty, if somebody hasn't already started one.  The more money you can provide the more likely it is that somebody with the skills will be interested in working on it.



  • I'm not sure that it was intended to bring across a point that we were looking for a way to circumvent a secure system.  I guess a poor example or rationale was provided.

    How about this: it is far less complicated to roll out a secure remote access solution via VPN when the end-user does not need to install & configure any new software (proprietary VPN client) on their machine.  To me, THIS is the main appeal of web-based VPN solutions.

    I realize that even using SSL that sometimes active x code needs to be installed to the browser - but that's more of a "next, next, next, finished" setup for the end user (easy).



  • It was more Seth's posts that suggested a desire to bypass corporate security/policy.

    My 0.02 <currency>- if you want the VPN to really be secure then you need to manage the clients too.  Convenience is nice, but having your corporate network compromised because your end users can install anything they want isn't a good goal ;)  Oh, and I've seen that happen, so it's not just theory.</currency>


Log in to reply