Get started Bring yourself up to speed with our introductory content.

Clientless VPN: Artful misnomer, useful technology

They may not be completely clientless, but clientless VPNs can provide secure, user-friendly and largely affordable solutions to enable remote access over the Internet.

Since 2003 -- the year that companies like Aventail, Cisco and Symantec all introduced VPN solutions they described as "clientless" -- the term has come into pretty broad currency to describe a form of managed, Web-based VPN for secure network access.

While indeed there may be no software to download, install, or configure on clients to make such solutions work, they can't really be called clientless in the truest sense of that term. That's because there's still a client that accesses the network. It's just that the work involved in downloading, installing, configuring, testing and maintaining the client end of a VPN connection is shifted to someone other than the person using whatever solution may be involved in this so-called "clientless VPN."

More on this topic

White paper: 3-in-1 SSL VPN Decision Toolkit

Lisa Phifer explains the differences between site-to-site VPNs and remote-access VPNs

Despite boom, IP VPN cost still a hurdle

Browse more VPN tips

All this said, clientless VPNs continue to attract lots of interest and a growing share of the market for secure remote networking solutions from the enterprise level down to individual users. Though Cisco, Symantec and Aventail all continue to play active roles and have established their shares of this market, other options in this product space also abound. Cisco offers its Series 3000 VPN Concentrators and its PIX firewalls, with a WebVPN client; Symantec has various VPN Gateway product offerings and Aventail carries various VPN appliance products. For everything from various types of gateways and appliances to end-to-end managed solutions such as GoToMyPC that are handled completely by a third-party vendor, interested buyers can find clientless VPN solutions from about $30 a month per PC (for those who like a pay-as-you-go/service model) to hardware-based solutions that cost between $30 to $60 a seat (plus annual maintenance charges).

What end users get in return is a simple, straightforward VPN solution that they access through a Web interface. The solution offers anywhere from reasonable (128-bit AES encryption, SSL, decent authentication services) to pretty strong (easy-to-access and use one-time keys, 256-bit encryption and up) security. LAN and security administrators tend to like these solutions as well, since they're designed to be easy to set up and configure, if not managed according to security policy requirements by the vendor.

Some of these solutions involve Web browser add-ons or plug-ins, so again, they're not really clientless in the most literal of meanings. But because they take the onus off the end-user for setting up, using and maintaining VPN security -- and make it easy to effortless for administrators to do likewise, it's easy to understand how and why this terminology originated.

Those interested in secure, user-friendly and largely affordable solutions to enable remote access over the Internet to their networks could do a lot worse than to research their clientless options.

Ed Tittel is a regular contributor to multiple TechTarget Web sites, who has been covering networking topics and technologies and a resident expert for since 2001. Ed also writes on XML and VS.NET topics for, and on Windows and Web technologies for other TechTarget sites as well. Contact Ed at [email protected] with comments, questions, or suggestions for future articles and tips.
This was last published in April 2006

Dig Deeper on Network Security