Advantages of ssl vpn, Support for various application protocols, Simple deployment – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 894: Support for multiple authentication methods, Granular access control of network resources
873
5.
The SSL VPN gateway resolves the request, interacts with the corresponding server, and then
forwards the server's reply to the user.
Advantages of SSL VPN
Support for various application protocols
SSL VPN can secure any application without knowing the details. SSL VPN classifies the service resources
provided by applications into three categories:
•
Web proxy server resources—Web-based access enables users to establish HTTPS connections to
the SSL VPN gateway through a browser. Thus, users can access the Web proxy server resources of
the servers.
•
TCP application resources—TCP-based access allows users to use their applications to access the
open service ports of the server securely. Such resources include remote access services, desktop
sharing services, email services, Notes mail services, and common application service resources.
•
IP network resources—IP-based access allows user hosts to communicate with servers at Layer 3
securely. It supports all IP-based applications to communicate with the servers.
Simple deployment
SSL is integrated into most browsers, such as IE. Almost every PC installed with a browser supports SSL.
To access Web-based resources, a user only needs to launch a browser that supports SSL. When a user
tries to access TCP-based or IP-based resources, the SSL VPN client software runs automatically, without
requiring any manual intervention.
Support for multiple authentication methods
In addition to the certificate authentication method provided by SSL, SSL VPN also supports the following
authentication methods and any combination of two of the following methods:
•
Local authentication
•
RADIUS authentication
•
LDAP authentication
•
AD authentication
Granular access control of network resources
On the SSL VPN gateway, you can configure multiple resources and users, add resources to resource
groups, add users to user groups, and assign resource groups to user groups. After a user logs in, the SSL
VPN gateway finds the user groups to which the user belongs, and checks the resource groups assigned
to the user groups to determine which resources to provide for the user.