SSL/TLS VPN:
– Layer: Transport Layer (Layer 4) and Application Layer (Layer 7)
– Purpose: Encrypts specific application traffic, typically used for remote access to web-based applications.
– Connection: Remote users connect via a browser or SSL client.
– Primary Use: Best suited for remote access to web-based applications, email, and internal portals. Ideal for environments where users connect via browsers without requiring additional VPN client software.
– Encryption Algorithms: Employs both block and stream encryption algorithms, as commonly used for web browsing.
– Common Scenarios: Securely accessing internal business web apps (e.g., CRM, ERP) over the internet, and remote workers needing quick, secure browser-based access to specific resources.
IPsec VPN:
– Layer: Network Layer (Layer 3)
– Purpose: Encrypts and authenticates all IP traffic, commonly used for site-to-site connectivity and full-network access.
– Connection: Remote users with an IPsec client, or remote sites, connect to a router.
– Primary Use: Designed for site-to-site connections or remote access to an entire corporate network. Suitable for users who need full network access and advanced security.
– Common Scenarios: Connecting branch offices securely to a corporate headquarters, and remote employees accessing internal systems, databases, or file servers as if they were on-site.
– Encryption Algorithms: Utilises block encryption algorithms, such as Triple DES, to secure data.