Security Basics mailing list archives

RE: True Clientless SSLVPN

From: "David Gillett" <gillettdavid () fhda edu>
Date: Thu, 1 Jun 2006 10:47:46 -0700

  So then how would it work?

  The SSL code on the client is built into the browser.  But in order
to be able to *tunnel* over it, you almost certainly need additional 
code:  a plug-in, a java applet, an ActiveX control, *SOMETHING*.

  As I understand it, when vendors say "clientless", they mean "client
browsers will automatically download the piece they need, your users
do not have to separately install a new component to enable VPN use".

  I think that if you define "TRUE clientless" as "that's not clientless
enough", then you're looking for somebody to sprinkle invisible(!)
pixie dust on your clients when the user isn't looking.

  I was under the impression that the purpose of the Cisco client's
SSL feature was to allow customers who already have IPSEC VPNs to 
start deploying SSL VPNs as well without confusing the end users.
Is it actually *required* in order to use their SSL VPN solutions?
That would seem to defeat the major benefit of SSL for VPNs.

David Gillett

-----Original Message-----
From: Bein, Matthew [mailto:BeinM () ummhc org] 
Sent: Wednesday, May 31, 2006 10:19 AM
To: 'Huzeyfe Onal'
Cc: security-basics () securityfocus com
Subject: RE: True Clientless SSLVPN

Hello,

Most of the solutions like Cisco or Netscreen require a 
client. I'm looking for one that does not require any download...

Thanks,

Matthew

-----Original Message-----
From: Huzeyfe Onal [mailto:huzeyfe.onal () gmail com]

Sent: Wednesday, May 31, 2006 1:15 PM
To: beinm () ummhc org
Cc: security-basics () securityfocus com
Subject: Re: True Clientless SSLVPN

Hi,

what do you mean true clientless? All SSL VPN products are 
clientless(Except OpenVPN).
SSL VPNs allow users to connect securely  only a web 
browser.. You can try SSLExplorer 
(http://sourceforge.net/projects/sslexplorer/) or another SSL 
VPN solutions.

On 31 May 2006 01:22:12 -0000, beinm () ummhc org 
<beinm () ummhc org> wrote:

Has anyone seen a true clientless SSLVPN Solution?


Thanks,


Matthew



--

Huzeyfe ÖNAL
---
Ag Guvenligi Listesine uye oldunuz mu?
http://www.huzeyfe.net/netsec.html

<html><body><i>The information transmitted is intended only 
for the person or entity to which it is addressed and may 
contain confidential and/or privileged material.  Any review, 
transmission, re-transmission, dissemination or other use of, 
or taking of any action in reliance upon this information by 
persons or entities other than the intended recipient is 
prohibited.  If you received this in error, please contact 
the sender and delete the material from any 
computer.</i></body></html>

Current thread:

Re: True Clientless SSLVPN Saqib Ali (Jun 01)
- Re: True Clientless SSLVPN Saqib Ali (Jun 01)
- <Possible follow-ups>
- Re: True Clientless SSLVPN Huzeyfe Onal (Jun 01)
  - Re: True Clientless SSLVPN Joe (Jun 01)
    - RE: True Clientless SSLVPN Pher Ong J.H. (Jun 02)
- RE: True Clientless SSLVPN Bein, Matthew (Jun 01)
  - RE: True Clientless SSLVPN David Gillett (Jun 01)
  - Re: True Clientless SSLVPN ChrisSerafin (Jun 02)
- RE: True Clientless SSLVPN Portz, Jon (Jun 01)
- RE: True Clientless SSLVPN Paul Guibord (Jun 01)
- RE: True Clientless SSLVPN Omar Salvador Alcalá Ruiz (Jun 01)
- RE: True Clientless SSLVPN tom . farrar (Jun 02)
- RE: True Clientless SSLVPN Beauford, Jason (Jun 02)
  - RE: True Clientless SSLVPN Jamie Schmidt (Jun 02)
- RE: True Clientless SSLVPN Beauford, Jason (Jun 05)
- Re: RE: True Clientless SSLVPN h0e (Jun 05)
- RE: True Clientless SSLVPN Dubber, Drew B (Jun 05)

(Thread continues...)