Security Basics mailing list archives

Re: Clientless VPN (SSL VPN) vs HTTPS


From: Eoin Miller <eoin.miller () trojanedbinaries com>
Date: Fri, 11 Aug 2006 11:11:33 -0400

harbinger wrote:
> Hi
>
> These days SSL VPN has been the alternative to
> the traditional IPsec VPN, particularly for users that
> require only email access.
>
> However, what is the difference in implementing SSL VPN -
> which essentially means allowing only web-based traffic, i.e. webmail,
> as compared to just setting up a webmail server running HTTPS.
>
> Can anyone point out the differences??
>
> Thanks

Some of the more feature-packed SSL VPN products are basically a portal with some web applications or even fat client software that allow you to use the SSL VPN box as a jumping-off point into your network to connect to other services like Citrix. Other products I have seen are really lame and only allow you to connect to a single IP/port per the IP/port that is listening on the external side. If you just want to give your people access to web services on your intranet, I would look into just setting up a reverse proxy with cert and password authentication. You then just have to set your proxy configuration in your browser to point at it. Then you can get around to internal web services no problem. :)

Client ---> SSL ---> Reverse proxy/portal ---> HTTP/RDP/SSH/etc ---> Internal network

--Eoin
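
The reverse proxy with certificate and password authentication suggested in the reply, sketched as an nginx configuration. This is an added example, not part of the original post; the hostname, file paths and internal address are placeholders chosen for illustration.

```nginx
# Added example: TLS-terminating reverse proxy in front of one internal
# web service. Every name, path and address here is a placeholder.
server {
    listen 443 ssl;
    server_name portal.example.com;

    # Server identity presented to remote clients.
    ssl_certificate     /etc/nginx/tls/portal.crt;
    ssl_certificate_key /etc/nginx/tls/portal.key;
    ssl_protocols       TLSv1.2 TLSv1.3;

    # Factor 1: client certificate issued by the organisation's own CA.
    # Requests that do not present a certificate chaining to this CA
    # are rejected before any location below is evaluated.
    ssl_client_certificate /etc/nginx/tls/internal-ca.crt;
    ssl_verify_client      on;
    ssl_crl                /etc/nginx/tls/internal-ca.crl;  # honour revocations

    # Factor 2: password, checked after the certificate.
    auth_basic           "Intranet portal";
    auth_basic_user_file /etc/nginx/portal.htpasswd;

    # Only this path is published; the backend itself speaks plain HTTP
    # on the internal network, as in the diagram above.
    location /webmail/ {
        proxy_pass http://10.0.0.25:8080/;
        proxy_set_header Host              $host;
        proxy_set_header X-Forwarded-For   $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        # Hand the verified certificate subject to the backend for logging,
        # overwriting any copy of this header the client tried to send.
        proxy_set_header X-Client-DN       $ssl_client_s_dn;
    }

    # Anything not explicitly published is not reachable through the proxy.
    location / {
        return 404;
    }
}
```

Unlike a full tunnel, this exposes only the listed path, so each additional internal service has to be published deliberately with its own `location` block.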
