May Feature of the Month: SSL VPN Technology, Part One

by VPNHaus | 05/02/2013

For our May Feature of the Month, we decided to devote a series to NCP’s SSL VPN technology, which safely and reliably connects remote employees to Web applications, client/server applications as well as internal network connections. Why a series? Because NCP has significantly increased its SSL VPN functionality over the years.

The first SSL feature we’d like to call attention to is NCP’s browser-based SSL VPN (Web proxy). This method puts the fundamental idea behind SSL VPNs into practice - it eliminates the need to install additional software at the end device. SSL VPN was originally introduced to address various shortcomings of its IPsec counterpart, such as usability, interoperability and scalability. In particular, the IPsec client-based approach was regarded as a difficult-to-manage process from both the administrator and user perspectives.

When SSL was initially introduced, it was thought of as a client-less technology in order to differentiate from the IPsec client-centric approach. However, SSL is actually involved on the client side, typically in the form of a Web browser. Since SSL comes pre-installed on all OSs, whereas with IPsec, a separate software install is often required, many companies opt for the SSL approach.

NCP created its “first generation” SSL VPN offering to be a simple yet effective technology: it isolates the internal web server from direct access from the Internet, and after successful authentication at the SSL VPN gateway, the user is granted access to the gateway.

Following the success of the Web proxy functionality, customers started demanding more. But, how can simple, browser-based SSL VPNs directly connect users to certain applications on specific ports, or provide transparent remote access to the central network?

For the answers to these questions and more, stay tuned. We will reveal how the NCP Secure Enterprise VPN Server has evolved to offer a thin client and a thick, portable LAN client for the most comprehensive connectivity, security and individual access control.