Date: Fri, 07 Feb 2003 09:57:30 -0500
From: Richard Ginski <>
To: "" <>
Subject: Re: [VPN] SSL "VPNs"

Here's a link to a case where an SSL VPN was deployed. When we spoke to Novell we learned that, not only can you access standard Intranet based applications using web servers (similar to what's been discussed here), but they also have capabilities to access user folders and have a form of "terminal services" for interactive access such as Telnet sessions via an SSL-based system. This goes well beyond the initial impression of what SSL VPNs can do.

I guess I'm to blame regarding this thread (subject aka IPsec and Clientless VPN). However, I just can't get comfortable with this level of access being provided without multiple OSI layers of security (such as application layer, system layer, and especially the network layer). I get nervous thinking about giving "carte blanche access" through a firewall to a protected network for this type of solution.