SSL VPN risks?

344655 pts.
Tags:
Data Loss Prevention
Networking
SSL
SSL error
SSL VPN licenses
VPN
VPN security
What are the real-life security risks of implementing SSL VPN? Data loss, exploit from unprotected system, SSL botnets, etc.

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Labnuke99
    In my opinion there are a few issues to consider (most of these also apply to any VPN connection scenario): 1. Integrity of system connecting to VPN. Is it trusted? Is it managed according to company policies? Can that be confirmed at time of connection? 2. If the user is connecting from a system which is not trusted, what are they permitted to access? Can it be managed and monitored? 3. Certificate management. Users will ignore many certificate error messages if they are intent on making a connection. Make sure remote SSL VPN users understand what types of certificate errors they may encounter and what their responses should be. 4. Is split tunnelling permitted or denied? What is the impact on the user? 5. What activity/event monitoring/reporting/analysis tools are in place to track/report/analyze activities when using VPN? Really the biggest issue is #1 raised above. The integrity/trustworthiness of the connecting system. But that issue remains even with other VPN technologies. SSL VPN is really just another means of delivering the same experience to remote/mobile users.
    32,960 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following