Server-Side Security Issues
Now that we have explored the various issues pertinent to client-side security, let us examine the significant server-side security risks that must be addressed when implementing an SSL VPN. Server-side security includes issues related to both protecting the internal network from compromises made possible by the presence of the SSL VPN and the access it offers, and protection of the SSL VPN server itself.
The Problem: Firewalls and Other Security Technologies may be Undermined
For Internet-based users to communicate with the SSL VPN, and for the SSL VPN to be able to relay requests to internal systems, communications must transpire utilizing TCP/IP (and perhaps UDP/IP and ICMP as well). Firewalls, which block communications ports, must be configured to allow the communications required by the SSL VPN, but doing so poses serious risks. Let us examine the two most common scenarios to gain a better understanding of the problems that arise.
In a security-conscious organization...
