SSL/TLS vs SSL/TLS-VPN

Solution 1:

SSL and its successor TLS are just a generic security layer for other protocols; you could say "the pure technology". But it is not a VPN by itself – HTTP and VPN are two distinct applications of TLS.

  • HTTPS is HTTP secured using TLS.
  • SMTPS is SMTP – a mail transfer protocol – secured using TLS.
  • FTPS is FTP secured using TLS.
  • OpenConnect and SSTP are VPN protocols secured using TLS.

And so on.

Solution 2:

The two uses are very similar but the very large difference is what traffic is actually sent securely. TLS is a point-to-point communication encryption mechanism, and can be used in a variety of applications for securing traffic (HTTPS, SMTPS, POP3S, and so on).

A TLS-based VPN is another such usage that allows for otherwise non-encrypted traffic to travel down an encrypted path. The main application is to secure traffic between a remote site and a local resource, such as a company intranet.

The VPN can be configured to only route (secure) traffic destined for the remote site down the VPN, or the remote site can act as a gateway for the local workstation, thus encrypting all traffic between that workstation and the VPN router.

Like other VPN technologies, a TLS-based VPN will encapsulate the underlying data into TLS-encrypted packets. This means that, for instance, you can have TLS-encrypted VPN packets which are in turn TLS-encrypted HTTP packets -- this is because the VPN acts at a lower level in the OSI model stack.

If you are still unclear on the difference, do some further reading on the purpose and implementation of a VPN (generic, doesn't matter if it's TLS or PPTP or L2TP): VPN.
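The two routing modes described in Solution 2 (only remote-site traffic down the VPN, or the VPN as gateway for everything) can be modelled as a longest-prefix-match lookup on the client. This is an added example, not part of the original answers; the addresses, the `tun0`/`eth0` interface names and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample values (documentation address ranges), not from the page.
VPN_SERVER = "203.0.113.10"   # public address of the VPN gateway
INTRANET = "10.20.0.0/16"     # remote site reachable through the tunnel

def build_routes(full_tunnel):
    """Return a client routing table as (network, interface) pairs."""
    routes = [
        # Normal default route over the physical interface.
        (ipaddress.ip_network("0.0.0.0/0"), "eth0"),
        # The TLS session that carries the tunnel must itself leave via the
        # physical interface, otherwise the tunnel would route into itself.
        (ipaddress.ip_network(VPN_SERVER + "/32"), "eth0"),
    ]
    if full_tunnel:
        # Gateway mode: two /1 routes cover all of IPv4 and win over the
        # /0 default on prefix length (a common way to override it).
        routes.append((ipaddress.ip_network("0.0.0.0/1"), "tun0"))
        routes.append((ipaddress.ip_network("128.0.0.0/1"), "tun0"))
    else:
        # Split mode: only the remote site's network goes down the tunnel.
        routes.append((ipaddress.ip_network(INTRANET), "tun0"))
    return routes

def egress_interface(routes, destination):
    """Longest-prefix match: the most specific matching route wins."""
    addr = ipaddress.ip_address(destination)
    matches = [(net, dev) for net, dev in routes if addr in net]
    return max(matches, key=lambda r: r[0].prefixlen)[1]

def tunnel_coverage(full_tunnel, destinations):
    """Map each destination to True if its traffic enters the VPN tunnel."""
    routes = build_routes(full_tunnel)
    return {d: egress_interface(routes, d) == "tun0" for d in destinations}

if __name__ == "__main__":
    sample = ["10.20.5.8", "198.51.100.7", VPN_SERVER]
    for mode in (False, True):
        label = "gateway (all traffic)" if mode else "split (remote site only)"
        print(label, tunnel_coverage(mode, sample))
```

In split mode the internet-bound destination bypasses the tunnel and is protected only by whatever the application itself uses, such as HTTPS.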