A SSL VPN, on the other hand, requires Java or ActiveX downloads to facilitate access to non-web enabled applications which can become a problem if a firewall is configured to block these controls (Kilpatrick, 2007). Having direct access only to web-enabled SSL applications prevents users from accessing network resources such as printers or centralized storage and from using the VPN for file sharing or file backups (Bradley).
IPSec is still the preferred method for site-to-site VPNs because either IPSec or SSL requires a gateway and because many SSL vendors dont currently offer site-to-site connections (Greene, 2007).
There are a number of factors to consider when choosing between an IPSec and a SSL VPN. A SSL VPN is likely to meeting the needs of a small number of users connecting to a small number of applications. Security, scalability, interoperability and site-to-site connectivity requirements, however, require a closer examination of the pros and cons of each approach with the realization that SSL VPNs will be easer to manage and administer provided that its shortcomings are acceptable or can be overcome with additional technologies.
However, SSL VPN technology is rapidly advancing, and progress should be closely monitored.
Advantages and disadvantages of IPSec. http://nislab.bu.edu/sc546/sc441Spring2003/ip_sec/a&D.htm
All about SSL VPN. http://www.vpntools.com/vpntools_articles/about-sslvpn.htm
Bradley, T. VPNs: IPSec vs. SSL. About.com: Internet/Network Security: http://netsecurity.about.com/cs/generalsecurity/a/aa111703.htm
Greene, T. (2007, October 26). IPSec vs. SSL VPNs. Network World. http://www.networkworld.com/news/2007/102607-arguments-ipsec-ssl.html?fsrc=rss-security
Kilpatrick, I. (2007, April 9). The rise of SSL VPNs. NetWorkNewz. http://www.networknewz.com/networknewz-10-20070409TheRiseofSSLVPNS.html.