Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I would love to hear SonicWall explaining why their SSL is superior to IPSec. They've advertised and forced many clients (including ours) to choose SSL VPN with expensive licensing. Now I read this as a bad choice. Very annoyed.


SSL/TLS based ones will just be more interoperable and have fewer connectivity issues through intermediary network devices and access points.

But TLS has traditionally been a nightmare, crypto-wise, to say secure. POODLE, CRIME, BEAST et al.

At least WireGuard is either secure or off.


Vendors have to balance usability and security. That's always been the trade-off between IPSec and TLS. I don't envy people who have to provide support for IPSec solutions.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: