VPN Technologies
WebVPN

WebVPN lets users establish a secure, remote-access VPN tunnel to a head-end device using a web browser. Users are no longer restricted to a particular PC or workstation, improving mobility and flexibility of access . WebVPN is not a replacement for IPSec, but widens application availability.

There is no need for either a software or hardware client. WebVPN provides easy access to a broad range of enterprise applications, including web resources, web enabled applications, NT/Active Directory (AD) file shares that are web enabled, e-mail, and other TCP-based applications from any computer connected to the Internet that can reach HTTP(S) Internet sites.

WebVPN uses the SSL protocol and its successor, TLS to provide a secure connection between remote users and specific, supported internal resources at a central site.

WebVPN is currently available for VPN 3000 Series Concentrators, IOS Routers running IOS version 12.3(14)T or later, and the Adaptive Security Appliance 5500 Series.

WebVPN Features
WebVPN features include the following :

  • Secure access to internal web sites via HTTPS
  • Windows File Access provides access to files on pre-configured file servers, or file browsing on the network.
  • Port Forwarding, or Application Access, for legacy application support.
  • E-mail Proxies enable e-mail via Post Office Protocol, Revision 3 (POP3S) over SSL, Internet Messages Access Protocol, Revision 4 (IMAP4S) over SSL, and Simple Mail Transfer Protocol Secure (SMTPS) over SSL proxies.

WebVPN is ideal for the following deployments:

  • Unmanaged desktops
    • Extranets
    • Employee-owned computers
    • Employees who only need occasional access
    • Employees who need access to few applications
  • Simple or locked-down access
    • Restricted server and application access by population

WebVPN and IPSec comparison
Each type of remote access has its own unique set of benefits. WebVPN allows clientless access, but there are possible tradeoffs in ease of use and security. Many of these trade-offs can be mitigated by properly implementing WebVPN. Note the following additional characteristics of each solution shown in Figure .


Web Links