SSL VPN Book Announced
Written by Joseph Steinberg and Tim Speed, two respected experts on computer networking and security, “Understanding SSL VPN” cuts through hype and confusion to give a thorough and practical overview of clientless virtual private networking.
Virtual Private Networks (VPNs) provide remote workers with secure access to enterprise resources via the Internet by encrypting all communications between company networks and remote users’ machines (client computers). Before SSL VPN, such remote access typically required that administrators install, configure, and maintain special software on users’ computers. As such, VPNs were expensive and complicated to operate. Remote access was usually only offered to a small subset of corporate employees.
SSL VPN technology eliminates these drawbacks by avoiding the need for special technology on client machines. Essentially any computer with a Web browser can be used for remote access. SSL VPNs, therefore, offer several significant benefits:
Access is available at a much lower cost than previously possible – there is no client-side maintenance)
Access is available for a greater number of people than was practically possible using earlier technologies – there is only a minimal cost to “scale up” an implementation to a large number of users
Access is available from many more locations – home computers, public kiosks, borrowed workstations, even handhelds and mobile phones
ISP restrictions on IPSEC VPN-type traffic are avoided – as standard encrypted-web sessions are used for communications
SSL VPN access is often provided by a hardware appliance located in a corporate data center. These appliances act as gateways, providing external access to internal services such as file shares, email servers, and applications in a web based format encrypted using SSL. Existing players and new entrants, such as Nokia, AEP Networks, F5, Whale Communications, Juniper Networks, Nortel, and Aventail are rushing out SSL VPN products to meet growing demand.
“Understanding SSL VPN” provides a detailed technical and business introduction to SSL VPN. It explains how SSL VPN devices work along with their benefits and pitfalls. It explains how to prepare for an SSL VPN deployment – as well as how to ensure an implementation is secure.
As well as covering SSL VPN technologies, the book also looks at how to address key human-factors issues (including education) which often are vital elements in ensuring the success of remote access projects. The book also looks at strategies for making legacy applications accessible via SSL VPN.
Understanding SSL VPN is published by Packt and will be available in March 2005. For more information please visit: http://www.packtpub.com/book/ssl_vpn.
What you will learn from this book
How SSL VPN technology works, and how it fits into existing network architectures
Evaluating SSL VPN for your organization
Understand what to look out for when talking to vendors
How to plan an SSL VPN implementation for your business
Educate staff to maintain SSL VPN security
Strategies for providing access to internal legacy applications via SSL VPN
A heads-up on likely trends and possibilities for the future of SSL VPN
Approach
The book blends technically rigorous descriptions with a friendly approach based on practical examples and scenarios. The authors write in clear, informal language and make extensive use of diagrams and images. The book begins with an overview of SSL VPN’s purpose, and the technical and business trends that are making it popular today. It then looks at how SSL VPNs work and how they fit into existing network plans. The effect of SSL VPN on the wider business environment is then considered, before looking at how SSL VPN technology is likely to develop in the future.
Who this book is written for
This book aimed at IT network professionals and managers who are currently evaluating SSL VPN technologies. It requires a broad understanding of networking concepts, but does not require specific and detailed technical knowledge of protocols or vendor implementations.
Authors
Tim Speed
Timothy Speed is an IBM Certified IT Architect working for the IBM Lotus Brand (ISSL). Tim has been involved in Internet and messaging security since 1992. He also participated with the Domino infrastructure team at the Nagano Olympics and with the Lotus Notes systems for the Sydney Olympics. His certifications include CISSP, MCSE, A+ Plus Security from CompTIA, Lotus Domino CLP Principal Administrator, and Lotus Domino CLP Principal Developer. (Notes/Domino certifications in R3, R4, R5, and ND6)
Joseph Steinberg
Joseph Steinberg has been involved with computer networking and security since 1989. After working in technical positions at Citibank and AT&T, he served in senior-management capacities at several product vendors and consulting firms. Recently, he has spent more than four years with Whale Communications, one of the pioneers of SSL VPN technology.
Mr. Steinberg’s May 2003 article “SSL VPN Security” introduced an awareness of critical security issues created by SSL VPN technology; since its publication, nearly every SSL VPN vendor has acted upon the concerns and recommendations made in the article.
Mr. Steinberg earned an M.S. in Computer Science from NYU, and holds a CISSP (Certified Information Systems Security Professional) credential as well as advanced certifications in IT security management (ISSMP) and architecture (ISSAP). He has lectured on topics related to IT Security and Management and is the author of numerous articles in various journals, magazines, and other publications. A recognized expert on IT security, he is also interviewed on a regular basis by media personalities and sits on panels discussing IT-security related matters.
Additional Resources
For more information about the book, visit Packt’s website: www.packtpub.com/book/ssl_vpn
For a cover graphic: http://www.packtpub.com/images/100×123/1904811078.png
SSL VPN : Understanding, evaluating and planning secure, web-based remote access ISBN: 190481078, Pages: 220, $49.99, £29.99, €44.89 – 30% discount on PacktPub.com before the book is released.
About Packt Publishing
Packt publish books that aim to help you get things done with software. The company’s books are different in two ways:
Focused
They have developed a business model that allows them to publish books on areas that might otherwise be left without quality independent documentation. They do this by focusing on selling direct and online. This reduces wasted expense and means it’s profitable for authors and for Packt to publish the focused books that you need.
Fresh
Many of the topics Packt cover are rapidly evolving, often with multiple releases each year. Because every book they sell is printed individually, they can keep their material fresh and up to date. This is not possible in the old book publishing model.