SSL VPNS ROUNDUP.

This article focuses on the continuous growth of Secure Sockets Layer virtual private networks (SSL VPN) in the U.S. industry as of February 2005. Traditionally, providing road warriors and business partners with access to back-end servers and resources has meant deploying an Internet protocol security (IPSec) VPN. For site-to-site communication, IPSec remains the only game in town, but for client-to-enterprise links, it is falling out of favor precipitously. The administrative overhead associated with deploying IPSec client software has become overwhelming given the ever increasing number of clients to support. There is also the potential that IPSec tunneling will allow an untrusted device to punch a hole through the firewall--and directly into the heart of the network. These kinds of basic problems with IPSec are why SSL VPNs are showing up on more and more IT radar screens. With an SSL VPN, there is no client software to install, let alone maintain. Not only does this cut down on IT labor, but it also means remote users aren't limited to specified locations. Public Internet kiosks, partner sites, a borrowed laptop--they all work. More importantly, with an SSL VPN there is no open tunnel to the enterprise. SSL VPNs enforce security policies on each connection, allowing access only to specific resources based on user, location, and/or device. INSETS: Locking Down the End Point;Standardizing Trust at the Edge.