Problem solve Get help with specific problems with your technologies, process and projects.


I can't seem to find any great sources on SSL VPNs. That is, a good book or URL that explains the technical aspects of SSL VPNs? can you help?

SSL, and its IETF standard sibling, TLS, are well-documented in RFCs and books:

  • Rescorla, Eric, SSL and TLS: Designing and Building Secure Systems, Addison-Wesley, 2000, ISBN 0201615983
  • Thomas, Stephen, SSL & TLS Essentials: Securing the Web, Wiley & Sons, 2000, ISBN 0471383546
  • Dierks and Allen, TLS Protocol v1.0, 1999, RFC 2246

    SSL VPNs -- products that use SSL or TLS to enable browser-based remote access through a VPN gateway -- have been around for years, but it's only since 2002 that this market has really taken off. I haven't seen any definitive books published about SSL VPNs yet, but I'm sure that will change soon. Most vendors in this market have published technical white papers that describe the capabilities of SSL VPNs and compare them to other approaches like IPsec. Here are some examples:

  • Aventail: Comparing secure remote access options: IPSec VPNs vs. SSL VPNs
  • Checkpoint: IPsec Versus "Clientless" VPNs
  • Cisco: Top 100 Questions and Answers on SSL VPN
  • F5: Enterprise Remote Access
  • Netilla: A Comparison of VPN Solutions: SSL Vs. IPSec
  • Netscreen: VPN Decision Guide: IPSec or SSL VPN Decision Criteria
  • Whale: Understanding SSL VPNs

    You might also be interested in reading an article I wrote on this topic for Information Security Magazine.

This was last published in April 2004

Dig Deeper on Network Access Control

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.