The Barracuda SSL VPN Agent
Many commonly used applications exchange data over unsecured protocols. To the casual home user
this is usually not a worry, but to the corporate user it is a critical vulnerability, one that leaves
a business open to all manner of threats, from password sniffing to industrial espionage.
With modern encryption protocols like SSL, data from these applications can be “tunneled” inside SSL
packets. In the Barracuda SSL VPN appliance this is achieved through the use of the SSL VPN Agent,
a small program that intercepts data transmitted by the insecure application, encrypts it, and
transmits the encrypted form over the wire. At the receiving end the appliance decrypts this data
and forwards it to the appropriate destination within the trusted network.
What is the Barracuda SSL VPN Agent?
The Barracuda SSL VPN appliance comes with a small SSL VPN Agent. This is a Java application that
works in conjunction with your user session to provide the SSL tunneling and application launching
facilities of the appliance.
The Barracuda SSL VPN Agent is launched by a small Java applet placed on all pages that require
access to the SSL VPN client. You only need to launch the client once per user session.
The Barracuda SSL VPN Agent is an essential tool for providing a secure tunnel for some of the
resources detailed later in this chapter. When required, a resource automatically starts the Agent.
However, the Agent can also be started manually, in which case any resource requiring the use of the
tunnel will not need to start the Agent.
Communication with Browser
The Barracuda SSL VPN Agent listens on a number of ports in the 65500+ range. This is normal
behavior. The Agent is also an HTTP server and uses these ports to communicate with your
Web browser. All outbound network communications are sent through the HTTPS port 443.
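To tell the Agent's expected listeners apart from anything else sitting in that port range on a client machine, the added example below (not part of the Barracuda documentation) parses `ss -H -ltnp` output and flags each listener in the 65500+ range. The sample output is constructed, and two points are assumptions rather than statements from this guide: that the Agent shows up as a `java` process, and that its browser-facing ports should be bound to loopback only.

```python
import ipaddress
import re

# Constructed sample of `ss -H -ltnp` output (not captured from a real host).
SAMPLE_SS = """\
LISTEN 0 50 127.0.0.1:65530 0.0.0.0:* users:(("java",pid=4121,fd=57))
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 50 *:65531 *:* users:(("java",pid=4121,fd=60))
LISTEN 0 50 [::1]:65533 [::]:* users:(("nc",pid=5000,fd=3))
LISTEN 0 50 [::ffff:127.0.0.1]:65534 *:* users:(("java",pid=4121,fd=61))
"""

AGENT_PORTS = range(65500, 65536)   # the "65500+" range named in the guide
PROC_RE = re.compile(r'\(\("([^"]+)",pid=(\d+)')


def is_loopback(addr: str) -> bool:
    """True only for loopback binds; wildcard binds ('*', 0.0.0.0, ::) are not."""
    addr = addr.strip("[]").split("%")[0]
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:          # '*' or anything unparsable
        return False
    mapped = getattr(ip, "ipv4_mapped", None)
    return (mapped or ip).is_loopback


def audit(ss_output: str):
    """Return (port, addr, process, verdict) for each listener in the Agent range."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        if not port.isdigit() or int(port) not in AGENT_PORTS:
            continue
        m = PROC_RE.search(line)
        proc = m.group(1) if m else "unknown"
        # Assumption: the Agent appears as "java" and should bind to loopback only.
        ok = proc == "java" and is_loopback(addr)
        findings.append((int(port), addr, proc, "expected" if ok else "review"))
    return findings


if __name__ == "__main__":
    for row in audit(SAMPLE_SS):
        print(*row)
```

On a live Linux client, pass the text of `ss -H -ltnp` to `audit()` instead of the sample; without root the process column may be missing, and those listeners are reported as `unknown` and marked for review.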
Precautions
It is important to remember that the SSL VPN Agent will provide a secure tunnel into your network
until it is closed or times out due to inactivity. Your users must make sure that they log off from their
SSL VPN sessions. It is not wise to allow such a session to remain open and unattended, even for a
short period of time. The SSL VPN Agent will time out any tunnel that is inactive for a configurable
period of time.