In my opinion there are a few issues to consider (most of these also apply to any VPN connection scenario):

1. Integrity of system connecting to VPN. Is it trusted? Is it managed according to company policies? Can that be confirmed at time of connection?

2. If the user is connecting from a system which is not trusted, what are they permitted to access? Can it be managed and monitored?

3. Certificate management. Users will ignore many certificate error messages if they are intent on making a connection. Make sure remote SSL VPN users understand what types of certificate errors they may encounter and what their responses should be.

4. Is split tunnelling permitted or denied? What is the impact on the user?

5. What activity/event monitoring/reporting/analysis tools are in place to track/report/analyze activities when using VPN?

Really the biggest issue is #1 raised above. The integrity/trustworthiness of the connecting system. But that issue remains even with other VPN technologies. SSL VPN is really just another means of delivering the same experience to remote/mobile users.