Cisco IOS SSL VPN is the industry’s first router-based SSL VPN solution. It offers “anywhere” connectivity not only from company-managed resources, but also from employee-owned PCs, contractor or business partner desktops, and Internet kiosks.
The SSL protocol supports various cryptographic algorithms for operations such as authenticating the server and client to each other, transmitting certificates, and establishing session keys. Cisco SSL VPN solutions can be customized for businesses of any size. These solutions deliver many remote-access connectivity features and benefits, including:
- Web-based, clientless access and complete network access without preinstalled desktop software. This facilitates customized remote access based on user and security requirements, and it minimizes desktop support costs.
- Protection against viruses, worms, spyware, and hackers on a VPN connection by integrating network and endpoint security in the Cisco SSL VPN platform. This reduces cost and management complexity by eliminating the need for additional security equipment and management infrastructure.
- Use of a single device for both SSL VPN and IPsec VPN. This reduces cost and management complexity by facilitating robust remote access and site-to-site VPN services from a single platform with unified management.
Cisco IOS SSL VPN is a technology that provides remote access by using a web browser and the web browser’s native SSL encryption. Alternatively, it can provide remote access using the Cisco AnyConnect Secure Mobility Client software.
The Cisco ASA provides two main deployment modes that are found in Cisco SSL VPN solutions, as shown in the figure:
- Cisco AnyConnect Secure Mobility Client with SSL - Requires the Cisco AnyConnect Client
- Cisco Secure Mobility Clientless SSL VPN - Requires an internet browser
The Cisco ASA must be configured to support the SSL VPN connection.