For the longest time, VPN merely meant access for site-to-site connectivity over a provider's backbone that was shared with other customers (e.g., the traditional ATM/Frame WAN backbones). Yes, those old legacy WAN networks were VPNs. The latest and greatest today is the
As I mentioned above, however, mobility is the key -- and today's VPN focus is on end-user access through remote-access VPNs. A great deal of Tunneling" is just a phrase to indicate that there is a virtual connection between the end user's device and the customer premises where the applications reside.
With IPsec, end users had to have a company laptop or PDA in order to access the corporate network. The requirement for clientless access is pushing remote-access services built on Secure Sockets Layer (SSL) technologies that utilize Web interfaces such as Internet Explorer to provide the same capabilities (secure, remote access) as an IPsec VPN without the hassles of an agent -- or a laptop, for that matter. This allows remote users to gain access to corporate applications (with email being a major application) from any device that supports a Web browser. This allows folks to communicate even when they do not have their VPN-enabled laptops. Email, order status, order entry and many other functions can be accomplished from almost anywhere.
IPsec and SSL VPN primarily provide the same function: secure, remote access. The capabilities of each differ primarily in how the access is facilitated.
About the author:
Robbie Harrell (CCIE#3873) is the National Practice Lead for Advanced Infrastructure Solutions for SBC Communications. He has more than 10 years of experience providing strategic, business and technical consulting services. Robbie lives in Atlanta and is a graduate of Clemson University. His background includes positions as a principal architect at International Network Services, Lucent, Frontway and Callisma.
This was first published in July 2006