SSL VPN
Virtual Private Network (VPN) technology lets remote users connect to private computer networks to gain access to their resources in a secure way. For example, an employee traveling or working at home can use a VPN to securely access the office network through the internet.
Instead of remotely logging into a private network using an unencrypted and unsecured internet connection, using a VPN ensures that unauthorized parties cannot access the office network and cannot intercept information going between the employee and the office. Another common use of a VPN is to connect the private networks of multiple offices.
SSL VPN uses the Secure Socket Layer (SSL) protocol to create a secure tunnel from the host’s web browser to a particular application (web mode) or to provide an SSL-secured tunnel between the client and the corporate network (tunnel mode). SSL VPN operates at the application layer of the OSI model and protects specific services or applications.
SSL VPN security restricts and validates the HTTP messages sent from clients to FortiGate using web mode and/or tunnel mode. With advanced checks and binary code verification, FortiGate now automatically detects and blocks certain HTTP methods that could be used for malicious access attempts. By implementing this proactive defense, FortiGate enhances the safety of its SSL VPN feature, ensuring a more secure environment for users.
The SSL VPN web and tunnel mode feature will not be available from the GUI or the CLI on the FortiGate 90G and 91G models. Settings will not be upgraded from previous versions. Consider migrating to using IPsec Dialup VPN for remote access. |
The following topics provide information about SSL VPN in FortiOS 7.0.16.