NIST logo

Publication Citation: Guidelines on Implementing a Secure Sockets Layer (SSL)Virtual Private Network (VPN)

NIST Authors in Bold

Author(s): Sheila E. Frankel;
Title: Guidelines on Implementing a Secure Sockets Layer (SSL)Virtual Private Network (VPN)
Published: July 23, 2008
Abstract: Secure Sockets Layer (SSL) Virtual Private Networks (VPNs) provide users with secure remote access to an organization's resources. An SSL VPN consists of one or more VPN devices to which users connect using their Web browsers. The traffic between the Web browser and SSL VPN device is encrypted with the SSL protocol. SSL VPNs can provide remote users with access to Web applications and client/server applications, as well as connectivity to internal networks. They offer versatility and ease of use because they use the SSL protocol, which is included with all standard Web browsers, so special client configuration or installation is often not required. In planning a VPN deployment, many organizations are faced with a choice between an IPsec-based VPN and an SSL-based VPN. This bulletin describes SP 800-113: Guide to SSL VPNs. The document seeks to assist organizations in understanding SSL VPN technologies. The publication also makes recommendations for designing, implementing, configuring, securing, monitoring, and maintaining SSL VPN solutions. SP 800-113 provides a phased approach to SSL VPN planning and implementation that can help in achieving successful SSL VPN deployments. It also includes a comparison with other similar technologies such as Internet Protocol Security (IPsec) VPNs and other VPN solutions.
Citation: ITLB -
Keywords: secure sockets layer; secure remote access; ssl; tls; transport layer security; virtual private network; vpn
Research Areas: Networking
PDF version: PDF Document Click here to retrieve PDF version of paper (34KB)