SSL VPN
What is SSL VPN?
SSL VPNA VPN that tunnels traffic over TLS (historically SSL), allowing remote access through standard web ports without a dedicated VPN protocol.
An SSL VPN uses TLS as the transport for the tunnel, so traffic looks like ordinary HTTPS and traverses NAT and firewalls easily. Two common flavors exist: clientless web portals, which proxy specific web apps through the browser, and full tunnel clients that ship a custom agent. Authentication typically combines passwords, certificates, and MFA, and inner traffic is encapsulated in TLS records that protect confidentiality and integrity. While operationally convenient, SSL VPN appliances have a long history of critical CVEs (e.g., in Pulse Secure, Fortinet, Citrix products), so timely patching, MFA, and migration toward zero-trust application access are essential.
● Examples
- 01
A clientless SSL VPN portal that proxies the corporate intranet and SaaS apps via the browser.
- 02
A full-tunnel SSL VPN client used by remote staff that authenticates with certificate + TOTP.
● Frequently asked questions
What is SSL VPN?
A VPN that tunnels traffic over TLS (historically SSL), allowing remote access through standard web ports without a dedicated VPN protocol. It belongs to the Network Security category of cybersecurity.
What does SSL VPN mean?
A VPN that tunnels traffic over TLS (historically SSL), allowing remote access through standard web ports without a dedicated VPN protocol.
How do you defend against SSL VPN?
Defences for SSL VPN typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for SSL VPN?
Common alternative names include: TLS VPN, Web VPN.