[VPN] IPSEC and Clientless VPN
Richard Ginski
rginski at co.pinellas.fl.us
Fri Jan 10 08:34:25 EST 2003
I am being asked to consider accepting clientless VPNs (via SSL) as a replacement to our IPSEC implementation.
Currently, we have an IPSEC solution that provides, among other security
implementations, ip tunneling (hiding internally assigned ip addresses
while communicating to a VPN gateway.) The IP tunnelling provides an extra
layer of protection in that once packets are decrypted at the gate, the
firewall can then control the internal ip addresses (non public) that have
been tunnelled. I am concerned about losing this layer of protection.
Granted, clientless VPN's provide an easy way to have remote users access protected IT resources..because you don't have to mess with a client installation.
I am not looking for a conceptual answer here. However, I would like to
know if anyone else has wrestled with IPSEC vs Clientless VPN (ssl) and
what they concluded.
TIA
More information about the VPN
mailing list