Introduction

Products concerned: SNS 3.x, SNS 4.x, SSL VPN Client 2.9.x

Last update: May 2021

SSL VPN allows remote users to safely access a company’s internal resources: network sharing, databases, applications, intranet, etc. All communications between the remote user and central site will then be encapsulated and protected in a tunnel encrypted in SSL.

This tunnel is set up once server and client certificates signed by a certificate authority (CA) are presented. This solution therefore guarantees authentication, confidentiality, integrity and non-repudiation.

Communications between the user and the central site are managed by an SSL VPN client installed on the user’s workstation. The way this client operates is similar to how an IPSec VPN client works, but has the advantage of a simplified configuration. Furthermore, it only uses TCP port 443, and therefore offers easy access from networks with internet access filters (hotels, public WiFi, 3G connections, etc). This open operating mode can be accessed on any type of terminal (Windows, IOS, Android, etc.), something that has become a necessity in BYOD (Bring Your Own Device) environments.

Network traffic going through an SSL VPN tunnel also benefit from advanced features on Stormshield Network Firewalls such as Level 7 traffic filtering and intrusion prevention.