U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Guidelines on Implementing a Secure Sockets Layer (SSL)Virtual Private Network (VPN)

Published

Author(s)

Sheila E. Frankel

Abstract

Secure Sockets Layer (SSL) Virtual Private Networks (VPNs) provide users with secure remote access to an organization's resources. An SSL VPN consists of one or more VPN devices to which users connect using their Web browsers. The traffic between the Web browser and SSL VPN device is encrypted with the SSL protocol. SSL VPNs can provide remote users with access to Web applications and client/server applications, as well as connectivity to internal networks. They offer versatility and ease of use because they use the SSL protocol, which is included with all standard Web browsers, so special client configuration or installation is often not required. In planning a VPN deployment, many organizations are faced with a choice between an IPsec-based VPN and an SSL-based VPN. This bulletin describes SP 800-113: Guide to SSL VPNs. The document seeks to assist organizations in understanding SSL VPN technologies. The publication also makes recommendations for designing, implementing, configuring, securing, monitoring, and maintaining SSL VPN solutions. SP 800-113 provides a phased approach to SSL VPN planning and implementation that can help in achieving successful SSL VPN deployments. It also includes a comparison with other similar technologies such as Internet Protocol Security (IPsec) VPNs and other VPN solutions.
Citation
ITL Bulletin -
NIST Pub Series
ITL Bulletin
Pub Type
NIST Pubs

Download Paper

Local Download

Keywords

secure sockets layer, secure remote access, ssl, tls, transport layer security, virtual private network, vpn
Networking

Citation

Frankel, S. (2008), Guidelines on Implementing a Secure Sockets Layer (SSL)Virtual Private Network (VPN), ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=890029 (Accessed April 19, 2024)

Created July 23, 2008, Updated February 19, 2017