Tunneling, or port forwarding, is a way to forward otherwise insecure TCP traffic through encrypted SSH Secure Shell tunnel. You can secure for example DATABASE, POP3, SMTP and HTTP connections that would otherwise be insecure.
The tunneling capability of SSH Secure Shell is a feature that allows, for example, company employees to access their email, company intraweb pages and shared files securely by even when working from home or on the road.
Tunneling makes it possible to access email from any type of Internet service (whether accessed via modem, a DSL line or a cable connection, or a hotel Internet service). As long as the user has an IP connection to the Internet she can get her mail and access other resources from anywhere in the world securely.
This often is not the case with more traditional IPSec based VPN technologies because of issues with traversing networks that are implementing Network Address Translation (NAT) - this is especially the case in hotels. NAT breaks an IPSec connection unless special protocols such as NAT-Traversal are implemented on the client and gateway. The client-server applications using the tunnel will carry out their own authentication procedures, if any, the same way they would without the encrypted tunnel.