Re: Deploying SSL-based VPNs

["Saqib Ali" <docbook.xml () gmail com>]

> For things like Remote Desktop or IPSEC clients via SSL-VPN, then you're
> correct as you'll need to install an active-x or java client of some
> sorts.

VPN based SSL is merely a Reverse proxy with the capability to tunnel
mutiple protocol / ports. Apache + mod_proxy will allow you to
implement a simple SSL VPN, which will make intranet content available
on to the internet in a secure fashion. And you are correct, in its
simplest form this should NOT require any client installation on the
desktop.

However most enterprises want the ability to tunnel any kinds of
traffic / port and a kitchen sink, through the SSL VPN. Thus the need
for a Active X control / Java applet  or some plugin.

--
Saqib Ali, CISSP, ISSAP
Support http://www.capital-punishment.net
-----------
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15
-----------

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------