RE: Clientless VPN (SSL VPN) vs HTTPS

["Wesley Ward" <wward () truenorthsolutions net>]

The SSL/VPN will allow you to keep this critical asset on your Internal
network, adding a layer of defense. Less administration. Most SSL/VPN's
these days allow more than web based traffic. They come with fat clients
that can proxy certain applications to your internal resources. IE:
Native Outlook, SLQ connections, RDP, SSH clients, so on so forth. Some
of these clients need admin rights to install and some don't. Juniper's
SSL is very robust and comes with both types of clients, with an
additional license of course. Check out this opensource SSL VPN,
http://sourceforge.net/projects/sslexplorer/  Cheers

-dubs 

-----Original Message-----
From: harbinger [mailto:bluetooth995 () gmail com] 
Sent: Thursday, August 10, 2006 11:56 PM
To: security-basics () securityfocus com
Subject: Clientless VPN (SSL VPN) vs HTTPS

Hi

These days SSL VPN has been the alternative to the tradition IPsec VPN,
particularly for users that require only email access.

However, what is the different in implementing SSL VPN - which
essentially means allowing only webbased traffic i.e webmail, as compare
to just to setup a webmail server running HTTPS.

Can anyone point out the differences??

Thanks

------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has
designated Norwich University a center of Academic Excellence in
Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting
experience. 
Using interactive e-Learning technology, you can earn this esteemed
degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---
IMPORTANT: The information contained in this electronic message and/or its
attachments is intended only for the use of the individual(s) named above and
may contain information that is privileged and/or confidential. If you are not
the intended recipient, please notify the sender immediately by reply and
immediately delete this message and all its attachments without making any
copies or distributions thereof. Any review, use, reproduction, disclosure or
dissemination of this message or any attachment by an unintended recipient is
strictly prohibited and may violate copyrights and/or other laws. Neither the 
sender, his or her employer nor any of their respective affiliates makes any 
warranties as to the completeness or accuracy of any of the information 
contained herein or that this message or any of its attachments is free of
viruses.

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------