Eliminating the trade-off between accessibility and security
Organizations first addressed the need for secure access with IP Security (IPSec) virtual private network (VPN) products to provide network-level access to servers in the data center, but as users demanded access from more locations, the limits of this technology became obvious. The IPSec protocol was often blocked by firewalls and Internet Service Providers (ISPs), and IPSec client software proved difficult to install and manage. This approach failed to deliver on its promises and left users unable to access information in all situations.
To address these shortcomings and improve user productivity, a new class of VPNs was developed utilizing the Secure Sockets Layer (SSL) open standard and more recently, Transport Layer Security (TLS) protocols, to encrypt VPN traffic. This approach allowed remote users to utilize the same protocols used to secure access to websites, providing simpler installation and management and better connectivity, and reducing help desk calls. These products are known as SSL VPNs.
Once VPN technology had evolved to allow ubiquitous access, a new set of challenges emerged. Organizations had no easy way to deliver the wide range of business applications required to utilize information, or to protect sensitive intellectual property from being left behind on shared devices, such as Internet cafes or home machines.
Properly addressing this challenge requires a comprehensive architecture that extends beyond traditional point solutions to control not only what a user can access, but also to enforce policies determining how access occurs. With an integrated application delivery infrastructure, an SSL VPN works in conjunction with client/server, Web and desktop application delivery components in the datacenter to ensure applications and information are available via the most secure and optimal method. Such a solution removes the need to access and store critical information on untrusted clients, eliminating the trade-off between accessibility and security.