Earthweb.com Practically Networked Home Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation
Welcome to PractiallyNetworked
Product Reviews

 • Routers
 • Hubs/Switches
 • Wireless Gateway
 • Wireless AP
 • Wireless NIC
 • Network Storage
 • Print Servers
 • Bluetooth Adapters
Troubleshooting
& Tutorials

 • Networking
 • Internet Sharing
 • Security
 • Backgrounders
 • Troubleshooting
    Guides

 • PracNet How To's
User Opinions
Practicallynetworked Glossary

 Find a Network Term  
 
Forums
About
Jobs
Home

  Most Popular Tutorials

• Microsoft Vista Home Networking Setup and Options
The most daunting part of upgrading to Windows Vista may be trying to figure out where in the layers of menus the networking and file-sharing options are hidden.

• Do It Yourself: Roll Your Own Network Cables
It may not be something you do everyday, but having the supplies and know-how to whip up a network cable on the spot can be very handy.

• Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router and by extension, your network is as secure as possible.

  Most Popular Reviews

• Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.

• Iomega StorCenter Network Hard Drive
Iomega's fourth generation StorCenter Network Hard Drive brings many of the features found in higher-end storage devices down to an attractive price.

• MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.



SSL Provides VPN Security the Web Way

If you're looking for a way to set up secure remote access with less complexity and cost than a traditional a VPN, an SSL VPN may be the way to go.

By Joe Moran

When businesses need to provide employees with remote access to a corporate network, they usually turn to a Virtual Private Network, or VPN. In a nutshell, VPNs allow private communication over a public network like the Internet, and using one is a quantum leap over the old days when companies had to set up banks of sluggish dial-up modems to allow workers to log in from home or the road.

Most current VPN products employ some version of IPSec, a collection of network protocols used to set up an encrypted connection between two points. When properly set up, an IPSec VPN is very secure, but unfortunately getting one up and running is far from trivial. Most IPSec VPN products use specialized hardware and/or client software that must be configured precisely in order to work properly.

IPSec VPNs, which operate at the OSI model's Network Layer (Layer 3), tend to have problems interacting with firewalls and networks that use NAT (Network Address Translation), which can make configuring and troubleshooting IPSec connections difficult. Moreover, the client software that most IPSec VPNs require is typically licensed on a per-user basis — you have to purchase licenses for every user you want to give access to, and that can get expensive.

What's That Term?
Not sure what a particular term means? Check out the searchable PracticallyNetworked Glossary.

The challenges associated with having an VPN based on IPSec are hardly insurmountable for companies with ample technical expertise and/or a healthy IT budget, but they often put a VPN beyond the reach of home offices and small businesses. For them, it might be worth considering a alternative type of VPN — one that encrypts data using SSL, or the Secure Sockets Layer protocol.

When you think of SSL, you probably think of online banking or shopping at e-commerce sites such as Amazon.com, but SSL-based VPNs are becoming increasingly popular these days because they address some of the issues that can make IPSec VPNs so daunting. SSL VPNs are generally far easier and less expensive to set up and maintain.

A big reason for this is that unlike IPSec VPNs, SSL VPN don't require a software client. Rather, you can access a SSL VPN using only a Web browser. The lack of a special VPN client is a big advantage, because when users aren't tied to a client running on particular machine, they have more flexibility and can access the corporate network from almost any available computer — not just the company-issued laptop. This means you don't have to spend time installing and configuring a client on multiple systems, and it also makes it easier to provide network access to outside vendors or partners without prior preparation (e.g. sending out the software and then trying to properly configure it from a distance).

Eliminating the dedicated VPN client usually has a significant cost benefit, too, since you don't have to pay a license fee for each user you set up. Another nice thing about SSL VPNs is that they operate at the OSI's Application Layer (Layer 7) and thus can permit a more granular level of access than many IPSec VPNa. This lets you grant users access to specific resources or applications rather than an entire network.

A browser-based VPN client is obviously enormously convenient, but convenience and security often occupy opposite ends of a continuum. Browsers, by their very nature, cache data, which is a big no-no when it comes to security. After all, you don't want any potentially sensitive residual information left behind on a computer (especially a public one) used to access a VPN. Most SSL VPNs address this issue with a feature — usually in the form of an ActiveX or Java plug-in — that will clean up the browser cache and delete any cookies or temporary files that may have been created during the VPN session.

SSL-based VPN products are available from a variety of vendors at prices ranging from several hundred to several thousand dollars. Most are hardware appliances, and examples range from entry- and mid-level offerings from Linksys, Netgear and SonicWall to higher-end devices from Cisco and Juniper, both companies known for their IPSec VPN products. Most SSL VPNs offer the same basic features, but differ in the number of users supported as well as additional capabilities like logging and reporting, failover and load balancing.

An SSL VPN may not be the best choice for all situations. For example, they're generally more appropriate for remote user access than for creating secure links between offices. But if you're looking for a way to set up secure access with less complexity and cost than a traditional IPSec VPN, an SSL VPN may be the way to go.


For more help, don't forget to try one of our PracticallyNetworked Forums.

Add to del.icio.us | DiggThis



Earthwebnews.com Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation


Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums