RE: True Clientless SSLVPN

[Jamie Schmidt <jschmidt () buhler com>]

-jamie-

"Beauford, Jason" <jbeauford () EightInOnePet com> wrote on 06/02/2006 
11:06:13 AM:

> ChrisSerafin wrote:
> > Most of the solutions like Cisco or Netscreen require a client. I'm
> > looking for one that does not require any download... 
> >
> > Thanks,
> > Matthew
>
> I think what we're missing is your purpose.
>
> What is the end result, what is it you are looking to do.  As everyone
> has stated already, clientless SSL-VPN's come in the form of Reverse
> Proxies and are not IPSEC VPN's.  They do not provide true network
> connectivity.  By that I mean, you do not get an IP address on the
> remote LAN.  They do however, provide access to remote resources.  If
> all you are trying to accomplish is access to remote resources, all of
> the mentioned SSL-VPN's will do the trick, Juniper, Aventail,
> SSL-Explorer, etc.
>
> I can tell you that Juniper does not require any client to connect to
> remote resources.  Neither does SSL-Explorer.  If you are looking to get
> into something relatively inexpensive, then check out SSL-Explorer.  It
> is an open source solution which provides Active Directory integration
> and easy access to remote resources.  There is no client required to
> access most resources.
>
> Again, this is simply restating what everyone has already said, but to
> give some relative advice I think the forum needs to know what will be
> your end result.  Ultimately, what do you want to provide to your users,
> other than a clientless SSL-VPN.  What resources do you want to access?
> Do your users need an IP on the network?  Outlook connectivity? What is
> the end result?  You may be expecting to provide too much with too
> little and it may not be possible.
>
> JMB.

It appears that he is referring to a laptop or PC that is running as a 
restricted user remotely that has no capability of approving any type of 
applet or activeX control.  That is still somewhat a type of 'client' 
install.

-jamie-