Enterprise Security Solutions | Network Security Consultants - http://www.net-ctrl.co.uk
Remote Access. An evolution without a painful big bang!
http://www.net-ctrl.co.uk/articles/11/1/Remote-Access-An-evolution-without-a-painful-big-bang/Page1.html
By Tony Pullon
Published on 10/09/2008
 
There was a time when the mere thought of allowing remote external users access to internal IT resources made the blood of IT Managers run cold and Financial Directors run for the hills.

How things have changed in a comparatively short period of time.

A brief summary of the evolution of Remote Access.

There has been an evolution of methods as follows:

  • Dial up modem to a server farm. This method was slow, unreliable and almost utterly useless for anything other than technicians accessing hardware.
  • IPSec/MS VPN. Designed originally for a server (office) to server (server) environment; as PCs became more powerful, running IPSec on them became an option. This inexpensive solution is notoriously difficult to deploy and manage and has severe security issues in a client/server environment.
  • Extranet. Extranets had the visual impact that some organisations require, but they too involve long, expensive development, and in an environment where data changes frequently the ongoing support is time-consuming and very costly.

Now the good news:

With the technological progress of the PC came the birth of high-speed internet at work, but more especially in the home and wirelessly in public spaces. With this came a revived appetite for remote working. Individuals and online traders (predominantly retailers and banks) started to trade online, securing the packets of data between the PC and web servers using SSL browser technology.

This meant that the data passing between the two computers was encrypted. It was the perceived trust and security that encouraged both traders and customers to adopt this method so readily.

Commercial organisations were still struggling with VPN-type activity, though, until manufacturers discovered that they could re-use the SSL technology as a pseudo on-demand VPN tunnel through a standard, brand-neutral browser.

Various manufacturers had slightly different approaches to this type of connectivity but in essence all adhered to the premise that access to internal resources such as file shares and re-written web based applications could be provided through a browser.

And because the connection between the client and the server was a proxied one, no known vulnerabilities could be exploited over the connection, and access rules could easily determine where users could get to.

One manufacturer, Neoteris (now part of Juniper Networks), adopted the phrase “Instant Virtual Extranet” to describe the philosophy behind the functionality. Indeed it was true, as Extranet-style access to internal resources could be determined without making any changes to the network or servers.

In practice this meant that SSL VPN solutions (normally hardened appliances running a flavour of Unix with an SSL application on top) opened up the possibility of providing remote access to anyone that needed it.

Initially IT managers were cautious and merely replaced their cumbersome IPSec systems with SSL VPN, but once the ease of use, stability and business case had been established, the floodgates opened and organisations of all sizes embraced the technology.

Now every conceivable type of user is being permitted access to proxied internal resources. In recent years, to further the scope of access, manufacturers can now provide a virtual IPSec tunnel through SSL so that fat client applications such as Outlook, Citrix, Terminal Services, SAP or any IP or UDP programme can be run, subject to bandwidth restrictions.

We live in a volatile society and an increasingly turbulent climate. Organisations are now taking very seriously the possibility that their premises may not necessarily be targeted but that they may not be accessible due to flood, transport disruption or terrorist activity. SSL VPN technology has meant that organisations can provide Secure Remote Access to core employees using their home computers, all at a moment’s notice.

SSL VPN is now widely deployed by commerce, education, charities, the media, government and the military, in fact every sector. It provides a secure, easily managed, cost-effective and easy-to-use infrastructure, enabling interaction between individuals and organisations that less than ten years ago would have been considered impossible.