I read about it , but then I also read about webvpn , can you just explain that what is difference between both : webvpn and openvpn. Is openvpn is safe enough for it, as internal networks resources are very important in this case and Security is a big concern. – abhijeet – 2014-06-10T17:44:08.060

In VPN-land there is a lot of confusing terminology and you usually have to get to the docs to find out what it's really about. 95% of the cases WebVPN refers to doing something through your browser, either directly interacting with resources on your internal network through a portal or using a 'java applet'-like lightweight client, often with restrictions on usability. The OpenVPN product is about connecting computers to remote networks on the IP level. This allows your computer to act like it is on the network it's connected to. If you want your companies' employees to connect, use OpenVPN. – mtak – 2014-06-10T17:48:22.640

We have created a java based webportal which is accessible to our internal network only, by which user can access cluster resources easily , but we want to give access of portal to some specific friend organisation , so they can also access portal and user those resources as they are in our internal network. – abhijeet – 2014-06-10T17:52:15.977

If you only want to expose the portal it might be better to use a reverse proxy with authentication or mutual SSL. This will allow internet users with the right credentials to be 'forwarded' to your application. – mtak – 2014-06-10T17:55:51.890

Sorry , I don't know about reverse proxy or authentication , can you provide some link or explain in brief, and one thing that will it be secure enough , as cluster's security can't be compromised at any cost. – abhijeet – 2014-06-10T17:58:51.103

First hit on Google for 'reverse proxy' gives you a good outline of what a reverse proxy does. If the cluster can't be compromised at any cost you should disconnect your network from the internet and let the 'friendly company' physically come in. If you are talking about 'acceptable risks', please update your original question with a request for a reverse proxy and state if you have a Linux or Windows server available. – mtak – 2014-06-10T18:06:50.400

I got your point, yeah i am talking about 'acceptable risks'. – abhijeet – 2014-06-10T18:38:31.727

i just want to know that in my scenario which option will be more secure to get required functionality 1- open vpn 2- web vpn 3- Reverse proxy. I am new to networking, don't have deep understanding of security and networking . – abhijeet – 2014-06-10T18:47:08.643

All options will be secured using SSL/TLS, which has some pretty good ciphers depending on client implementation. If you start looking at side-channel attacks I think it's best to go for a reverse proxyas WebVPN products aren't as mature as webservers. OpenVPN seems to steer clear of major security issues as well. If you want to give them access to only this application, go reverse proxy. – mtak – 2014-06-10T18:50:03.840

Let us continue this discussion in chat.

Explaining scenario on brief : We have created a webportal which is accessible to our internal network only, by which user can access cluster resources easily , but we want to give access of portal to some specific friend organisation , so they can also access portal and user those resources as they are in our internal network. – abhijeet – 2014-06-10T17:47:24.347