SSL, VPN, and Compliance: Frequently Asked Questions

SSL stands for Secure Socket Layer (SSL) It is a security standard used to create an encrypted connection between a source and a destination. SSL is a cryptographic protocol commonly used on a web server that creates an encrypted channel between the web server and the client, usually a web browser.

The first use of SSL 1.0 was way back in 1995 by Netscape, and SSL 2.0 and SSL 3.0 quickly followed. SSL is a name that has stuck to the security standard over the last 30 years, but SSL was deprecated around 2015. The security standard has been replaced by TLS (Transport Layer Security).

SSL/TLS is used to transmit encrypted data such as credit card numbers, bank account details, healthcare data, or social security numbers. Cipher Suites are used to authenticate with the client, and an SSL certificate enables the handshake to allow this to happen.

TLS is the successor to SSL, but the latest versions of TLS, versions TLS1.2 and TLS1.3, are significantly more secure than SSL. At the end of the day, both SSL and TLS do the same job; they encrypt traffic between a source and a destination.

To get technical for a moment, in SSL, the message digest is used to create a master secret, providing the basic security services which are authentication and confidentiality. However, with TLS, a pseudo-random function is used to create a master secret. Essentially, they both do the same job, but they go about it a different way.

A virtual private network (VPN) is a secure, private and encrypted network connection between two endpoints. A secured VPN tunnel is created peer-to-peer to encapsulate all network traffic, even if used over the public internet.

The technology is widely used by home workers to create a private network connection between you and a workplace computer network over a home internet connection. It enables the user to access workplace resources and use your computer as if you were sitting at your office desk.

There is no predefined way to connect to a VPN. Customers often ask the proper way to connect to a VPN. The answer will vary depending on your situation. There are two common VPN solutions used by our clients; these are site-to-site VPN (sometimes called peer-to-peer or point-to-point) and remote access (or user-based) VPNs.

If you have worked from home during the Covid-19 pandemic, you are likely connected to your work network through a remote access VPN. A secured tunnel is created between your home and the endpoint, probably a server in your office building or on one of their cloud nodes. These VPNs can be software-based or hardware-based.

Alternatively, site-to-site VPNs are used to connect geographically disparate networks; for example, they might be used to connect Office A in Florida to Office B in New York. Sometimes both VPN technologies are used, you may use remote access VPN to connect to a gateway server, perhaps an OpenVPN Cloud server hosted in Atlantic.Net. Another site-to-site VPN connects Atlantic.Net to your Head Office.

First, do not worry, this is perfectly normal if your VPN provider has denied access to the public internet. When you are connected to a VPN, your computer registers with the VPN network and authentication of network addresses takes place inside the VPN network.

There are three ways to fix this issue:

1. Try connecting to your website’s Private IP Address, or ensure DNS is configured correctly to point at the Internal, Private IP
2. Disconnect from the VPN to access the website
3. Enable split VPN tunneling; this will allow your local machine to look to the public internet for websites and also look inside the VPN network for corporate resources

WHM and cPanel are part of the same product. WHM is the reseller’s control panel, which is the owner of the server. cPanel is the control panel used by customers/end users.

The real benefit of having a VPN user for your SEO office is to create a private connection between you and your SEO provider. This is something that you may want to consider if you use an overseas SEO provider, or if the SEO team needs to research the local market. It may also be a requirement for compliance. If your website is behind a firewall and you have security concerns, you don’t want, for example, /wp-admin/ exposed to the world.

So you need a new SSL? No problem, Atlantic.Net can get this sorted for you. Here is the process to request a new SSL:

• The customer must notify Atlantic.Net that they need a new SSL. A request can be made to our Sales team who will provide a brochure on what SSLs are available, including the benefits, perks, and the cost of each.
• Once a selection has been made, the new order is set to billing to complete the purchase of the SSL. The customer can decide if they would like Atlantic.Net to perform the install for a small fee or if they would like to install the SSL themselves.
• The SSL is then ordered from our SSL providers.
• The Atlantic.Net support team generates a Certificate Signing Request (CSR) with identification info relating to the customer. If the certificate is a renewal, a CSR is not necessary.
• The CSR is submitted to the Registrar with an admin contact email (typically [email protected] or [email protected]).
• Depending on the level of SSL purchased, validation can take from a few hours to a few days.
• Once approved, the Registrar will send the approval letter to the supplied email with links of how to download their SSL or provide the Certificate code in their email.
• The customer can then provide this to Atlantic.Net if they have opted for Atlantic.Net to install the SSL for them.

Get in touch with Atlantic.Net today! If you’re an existing client, reach out to [email protected] and we can assist you. If you need help setting up a new VPN or SSL certificate and are interested in dedicated hosting or VPS hosting, contact [email protected] for more information about how Atlantic.Net can help.