SSL

SSL VPN – An Emerging Technology

July 31, 2017 | By Kimberly Reynolds

We’ve all heard of VPN (Virtual Private Network) which is widely used for providing secure site-to-site connectivity and remote access. They offer several advantages. Data encryption being the most important of them all. Apart from increased user time savings, productivity enhancements, user satisfaction etc., But technology keeps evolving every day. And now we have SSL VPN.

Secure Sockets Layer (SSL) VPN is an emerging technology which provides remote-access VPN capability using the built-in SSL technology available in the modern web browser. SSL VPN allows any internet enabled computer residing in any location to launch a web browser and establish remote-access VPN connections, and is expected to provide productivity enhancements and improved availability.

SSL VPN – An Emerging Technology

One of the biggest advantages of using SSL VPN is that they make use of the ubiquitous SSL/TLS technology available in modern web browsers and therefore there’s no need for the installation of a specific client software like it is done with remote computers in the case of VPN technology. Another advantage with SSL VPN is the ease of deployment. All that the users need to make use of this technology is a ‘modern web browser’.

Security Risks Associated With SSL VPN

SSL VPN, although advantageous, brings along with it several security risks. Some of them are listed below.

1. Public Machines: The objective of SSL VPN is to make it easy for anyone from anywhere on the internet to connect to an internal corporate network. Therefore “public machines” will be used to access this technology. And public machines pose huge security threats as they may not contain the required anti virus for pc or firewall needed to safeguard themselves.

2. User Sessions Not Terminated Properly: If users connect to an internal network using a public computer and leave without properly terminating the session, such unattended live sessions can easily be used (or misused) by those who will end up accessing the same machine. Another disadvantage of SSL VPN.

3. Subject to Keystroke Logging: Publicly accessible computers (at kiosks, for example) are more vulnerable to keystroke logging. They may also not meet your organization’s security policies and standards. Therefore another way of sneaking into your organization.

Handling SSL VPN Security Related Risks:

As you can see, SSL VPN has many disadvantages, and therefore you need to deploy various security measures while implementing SSL VPN, some of which are listed below.

1. Strong User Authentication: Strong user authentication is a must. There are many ways to achieve this. One is two-factor authentication. Examples: hardware tokens, digital certificates, smart cards etc., This should improve your network’s security.

2. Host Identity Verification: Trusting the user and trusting the computer he or she is using are two different things. Because if a properly vetted and therefore legitimate user bring in a trojan-laden computer, then it defeats the purpose of the security measures you are taking. So to counter this, you need to verify the host, that is, the computer which the user is using to access your network, as well.

3. Host Security Posture Validation: The overall security posture of the host computer should also be surveilled before it is provided with the access to your organization’s network. This usually means examining the version of antivirus software, personal firewall, service updates, security patch levels etc., This validation is necessary to ensure users comply with your security policy.

Conclusion:

SSL VPN which can be deployed by organizations having SSL Certificates is expected to provide more productivity enhancements, improved availability and further IT cost savings. But as mentioned already, the security risks they pose too are too many to be avoided. But if you evaluate the security risks and employ the appropriate risk mitigation mechanisms like suggested in this blog, you will be able to deploy SSL VPN in your organization and reap the benefits of it.

Buy SSL Certificate

Posted in SSL,Technology

Be Sociable, Share!

Leave a Comment


 


* fields are mandatory