The ubiquitous Internet makes network access reachable and available to users whenever and wherever needed.
Today's VPN solutions offer state-of-the-art secure technologies that extend the reach of networks to anyone, anyplace, anytime.
Remote Access VPN technology is the logical solution for remote connectivity, providing secure communications with access rights tailored to individual users.
SSL-based Remote Access VPN technology provides remote-access connectivity from any Internet-enabled computer through a standard web browser and its native SSL encryption.
SSL VPN solutions offer network access at any time and any place, thereby providing the possibility of increasing productivity. SSL VPN solutions also offer greater flexibility for the remote workforce.
This chapter provides a complete overview of the SSL-based Remote Access VPN technology, describing solution architecture, deployment, and implementation guidelines. The chapter also introduces the newly released Cisco AnyConnect VPN client solution.
SSL is an application layer (Layer 7) cryptographic protocol that provides secure communications over the Internet for web browsing, e-mail, instant messaging, and other data traffic.
SSL, which was originally developed by Netscape and released in 1996, later served as the foundation for the IETF standard, the Transport Layer Security (TLS) protocol.
Although SSL and TLS vary in some respects and are not interoperable, the protocol architecture largely remains the same. The primary objective of both protocols is to provide data privacy and data integrity, thereby providing secure communications between applications. By default, SSL uses TCP port 443.
Note
TLS was originally documented in IETF RFC 2246—"The TLS Protocol Version 1.0," and was made obsolete by IETF RFC 4346—"The Transport Layer Security (TLS) Protocol Version 1.1," which, as of this writing, is the current approved TLS version.
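The shared architecture and the lack of interoperability both show up in the record layer: SSL 3.0, TLS 1.0, and TLS 1.1 use the same 5-byte record header, and only the version bytes differ. The following Python parser is an added example, not code from the original chapter; the sample records are constructed, with placeholder payload bytes.

```python
import struct

# Wire version numbers (major, minor) carried in every record header.
VERSIONS = {
    (3, 0): "SSL 3.0",
    (3, 1): "TLS 1.0 (RFC 2246)",
    (3, 2): "TLS 1.1 (RFC 4346)",
}
CONTENT_TYPES = {
    20: "change_cipher_spec",
    21: "alert",
    22: "handshake",
    23: "application_data",
}
MAX_FRAGMENT = 2**14 + 2048  # upper bound on an encrypted record fragment


def parse_record_header(data: bytes) -> dict:
    """Parse the 5-byte record header shared by SSL 3.0 and TLS 1.x."""
    if len(data) < 5:
        raise ValueError("truncated record header")
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    if ctype not in CONTENT_TYPES:
        raise ValueError(f"unknown content type {ctype}")
    if length > MAX_FRAGMENT:
        raise ValueError(f"record length {length} exceeds maximum")
    return {
        "content_type": CONTENT_TYPES[ctype],
        "version": VERSIONS.get((major, minor), f"unknown ({major}.{minor})"),
        "length": length,
        # False when the capture ends before the declared payload does.
        "complete": len(data) - 5 >= length,
    }


# Constructed sample records: same layout, different version bytes.
SAMPLES = [
    bytes([22, 3, 0, 0, 4]) + b"\x00" * 4,   # handshake record, SSL 3.0
    bytes([22, 3, 1, 0, 4]) + b"\x00" * 4,   # handshake record, TLS 1.0
    bytes([23, 3, 2, 0, 8]) + b"\x00" * 3,   # application data, TLS 1.1, cut short
]

if __name__ == "__main__":
    for record in SAMPLES:
        print(parse_record_header(record))
```
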