When choosing between IPSec and SSL,
you might find you need both kinds of VPNs.
Mobile workers are a fact of life for most
small businesses and that is often a good thing—for both the company and the
employee or contractor. Users who have remote access to your small business
network from their home offices or while traveling tend to be more productive
and can helps save your company money. The trick, of course, is making
sure that the mobile connections to your network are secure. For that, you need
an encrypted virtual private network (VPN), which lets remote users safely
connect to your network from any location with Internet access.
There are two different types of VPNs:
Internet Protocol Security (IPSec) and Secure Sockets Layer (SSL). Both VPNs
allow you to remotely access network resources—providing a secure and private
link to your network via the public Internet—but in different ways. Choosing
the one that’s right for your small business depends on your existing (or
planned) network hardware and the type of users who need remote access to the
applications and data on your network.
IPSec vs. SSL VPNs
An IPSec VPN provides secure access to your
entire small business network by encrypting data traveling between an IPSec
gateway, which is installed on a router or security appliance, and an IPSec
remote access client installed on an employee’s laptop or smartphone. An IPSec
VPN gives users a network experience similar to sitting in the office with
native access to all your applications.
An SSL VPN allows users to securely access
only specific applications and services on the network via a web browser and is
ideal for those small businesses that want to offer secure access to partners,
contractors, consultants and suppliers by providing access to only specific
applications and services inside their business network. An SSL VPN uses a web
browser’s security capabilities to secure private network traffic. No special
client application is necessary, so users can log into an SSL VPN from any
device with a browser and an Internet connection. Because SSL VPNs use an
Internet protocol, the applications users’ access through this type of VPN must
be web-enabled.
In general, an IPSec VPN is more secure
than an SSL VPN because it requires a special client and can’t be accessed by
non-sanctioned Internet devices, like a public PC at the local library. It also
gives employees access to more applications that don’t need a web version to
function over the VPN. On the other hand, an SSL VPN makes it easier to give
users access to web-based services such as email.
Should you choose one VPN over another,
or both?
When deciding which type of VPN to install,
the question isn’t so much “Which one is better?” but “Which one is better for
my business?”. Both VPNs have their advantages, and you might even decide you
need a “hybrid VPN”—an IPSec VPN for a certain group of users such as employees
who need to access all the applications and data within the network and an SSL
VPN for providing controlled access to specific applications and services that
are pertinent to contractors, consultants, suppliers and partners etc.
In fact, depending on which hardware you
choose to provide VPN functionality for your business, you don’t necessarily
have to choose between the two VPN types. For instance, theCisco Small Business
RV Series Routers has built-in IPSec VPN functionality, and some models,
including the RV220W Wireless Network Security Firewall offer both
IPSec and SSL VPNs.
read more: cisco distributors, used cisco equipment, cisco used equipment, used network hardware
