How come Microsoft doesn't have a SSL-based VPN solution? Well... we do!
This was a surprise to me, so I have to imagine that it is new news to a lot of you as well. With Windows Server 2008 and Windows Vista SP1, you now have the ability to set up a VPN using RRAS (Routing and Remote Access) to use port 443 (HTTPS - or SSL) as the transport. It's a "firewall friendly" kind of VPN.
I found a good screencast all about how to set it up.
Here also is the Step-By-Step guide for doing it yourself:
Deploying SSTP Remote Access Step by Step Guide.doc (document download)
Step-by-Step Guide: Deploying SSTP Remote Access (Windows Server Technical Library)