SSL-based virtual private networks explained with illustrations: I've been hearing quite a bit about using SSL (Secure Sockets Layer) or TLS (Transport Layer Security, the newer name for the same thing) for remote VPN access, but didn't fully understand how it worked until reading this article.
The traditional VPN requires a special client installed on each computer, or can use a built-in VPN client in many operating systems, such as Windows XP Professional (a couple standards) or Mac OS X 10.2 (PPTP). A VPN server/firewall terminates the connection on the enterprise side and allows access across the VPN encrypted tunnel to internal resources.
The SSL/TLS VPN uses a browser, any SSL/TLS capable one, as the front end, and delivers applications inside the browser terminating the connection behind a firewall at an SSL/TLS server which relays application data to appropriate internal resources.
Probably worth mentioning that there are two distinct flavours of SSL VPN, neither of which are reallly anything new.
the first (apparently the one discussed in this article) is the same old Application Service Provider model that MS were pushing some years ago, but reframed to be a service offered by the company itself for its own employees; the structure is the same - user https connects, authenticates, is given a java app which acts as a front end for whatever services are offered, and then works partially clientside (in java) and partially server side (using back-end scripting)
the second (which is very platform and browser specific) is basically stunnel in a browser-plugin - a poor approach and one less efficient than any of the alternatives.