The pros and cons of SSL

Steve Taylor and Joanie Wexler (Network World)
04 January, 2005 08:00
Comments

Previously, we examined IPSec, which has become the de facto protocol for providing security on Internet-based VPNs. We pointed out that while it works great for transparently connecting two networks across the Internet, there are some rather significant issues that arise for widespread remote worker access.

Enter the SSL alternative. SSL, in its traditional form, is designed to encrypt browser-based traffic without making any requirements on the network infrastructure. With authentication and encryption options that are essentially equivalent to IPSec, there is little difference in the inherent strength of the security in the two protocols.

Further, since SSL looks like any other browser traffic, it allows access to SSL-enabled applications for secure access from virtually any location - including partner or customer sites (which is problematic with IPSec) and public Internet access locations. And as far as the client side is concerned, most browsers support SSL, so implementation from the client side is quite simple.

The problem with SSL is that, by its very nature, it's designed for Web-based applications. Consequently, in order to use SSL in a corporate environment, the application must be "Webified." Sometimes this means rewriting a homegrown application. Or it might mean buying an additional module from the vendor of your major corporate application.

But perhaps the most significant drawback to SSL from a technical perspective is the fact that it assumes that the traffic will be TCP traffic. SSL was not designed with real-time applications in mind, such as VoIP, which depends on UDP for performance. Consequently, if you are supporting a Web-based application that has a VoIP interface, you could be faced with running both SSL and IPSec for that single application.

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email Computerworld
Follow Computerworld on twitter

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Whitepapers

Pathways Business Brochure 2012

Tailored learning and development program for organisations looking to build business acumen within their Key ICT executive. The course curriculum is designed in conjunction with the specific requirements the enrolling organisation.

Featured Download

Gadwin GeForms

GeForms allows you to create your own forms or fill in existing forms electronically. Using GeForms you are provided with sophisticated form design tools which ...

Zones

Most Popular Whitepapers

Process-Driven Master Data Management for Dummies

We wrote this book to introduce you to the subject of processdriven MDM. It’s a big topic, one that far outstrips the ability of a brief book to cover. However, our hope is that by reading this book you will gain a fundamental understanding of processdriven MDM, how it works, and what it takes to make it a success in your organisation.

Popular tags: Business Management, Security, Data Centre, Storage, Master Data Management

Latest Jobs

FTQM Trainer and ConsultantNSW
FTChange Management ProfessionalsNSW
FTSenior Network Field Engineer - Cisco R&S / Wireless SolutionsNSW
FTSenior Citrix EngineerNSW
CCAvaya Engineer - ERS 8600 4.1NSW
CCSAP FICO ConsultantNT
FTSenior Network Field Engineer - Cisco R&S / Wireless SolutionsNSW
FTSAP Basis ConsultantNSW
CCSystem Engineer - Lync and Exchange - CONTRACTSWA
CCSystem Engineer - Exchange - CONTRACTSWA
FTSenior Citrix EngineerNSW
FTIT Account Manager - System Integrator - Career Progression - Start ImmediatelyNSW
FTSAP Basis ConsultantACT
FTSenior Network Engineer - Cisco / Nexus / UCS / - Routing / Switching / WirelessNSW
CCSAP PM ConsultantNSW
FTProduct Manager Strategist - Enterprise ApplicationsNSW
CCOBIEE ConsultantWA
FTTechnical Services Engineer - ShoreTel/MitelVIC
FTiPhone App DeveloperNSW
FTiPhone App DeveloperNSW
FTIT Service Desk EngineerNSW
CCPC Relocation Technicians - Multiple Roles availableSA
FTiPhone App DeveloperNSW
FTIT Service Desk EngineerNSW
FTiPhone Developer DeveloperNSW

Market Place

The pros and cons of SSL

Comments

Post new comment

Lawmakers call on DOJ to reopen investigation into Google Wi-Fi spying

Coalition NBN better or worse?

Bredolab botnet author sentenced to 4 years in prison in Armenia

Alternatives to Raspberry Pi you can get right now

Which tablet should I buy? iPad 2 vs Sony Tablet S

NBN ISS could pose capacity constraints

NBN service plans won't cost consumers more: Conroy

Microsoft at a loss over Event Viewer scam

Stallman: If you want freedom don't follow Linus Torvalds

Conroy turns the attack to Hockey

CeBIT 2012: Will NBN speed up freight delivery times?

Pathways Business Brochure 2012

Top 5 Threat Protection Best Practices

Essar Group - Essar Group executives enjoy printing on the move

Agile: Transforming small-team thinking into big business results

Gadwin GeForms

Avaya Air Cover Zone

Application Lifecycle Management

HP Converged Storage Zone

HP Business Efficiency - Money Payback Guarantee Resource Centre

The Australian Cloud

Process-Driven Master Data Management for Dummies

Business Intelligence Best Practices for Dashboard Design

Learning To Compete: IT’s Next Transformation

Seven Steps to Effective Data Governance

Guidance for Calculation of Efficiency (PUE) in Data Centers

Computerworld newsletter

Don't have an account?

The pros and cons of SSL

Comments

Post new comment

Computerworld newsletter