Cisco has long history with VPNs

In 1999, Network World tested a dozen VPNs, with a product from Altiga Networks coming in tied for second place. Our main complaint was the lack of split-tunneling capability, a feature that was quickly added.

In 2000: Cisco acquired Compatible Systems and Altiga Networks. The Compatible product, which became the Cisco VPN 5000 Series concentrator, was killed off in 2002.

Cisco tackles mobile security

But the VPN 3000 Series from Altiga, was an unqualified success. It was easy for end-users to work with, supported Windows and Macintosh platforms, and was powerful enough to serve most enterprise remote access needs. With a range of products from low to high-end, the VPN 3000 series became the standard for enterprise remote access.

Of the 12 remote-access products we tested in 1999, only two remain on the market: Check Point and Cisco. When we re-tested VPN client software in 2003, Cisco again came out on-top of a field of 10 players.

Cisco's domination of the VPN market was so complete that competitors were forced to create a whole new category, SSL VPN, to even think about going up against the VPN 3000 series. The SSL VPN attack has broadened the market for enterprise network managers slightly, with Juniper, F5, and SonicWall as credible alternatives.

But Cisco hit a serious snag in 2005 when it released the ASA 5500 series security appliance, an attempt to merge their successful PIX firewall product line, (cancelled in 2008) with an even more successful VPN 3000 series (cancelled in 2007).

At the same time, Cisco started to merge its many end-point VPN and security tools. The idea was to fold features from its Host Intrusion Prevention, Desktop Security, 802.1X supplicant, SSL VPN and NAC product lines into a single unified client, the AnyConnect VPN Client (also called AnyConnect Secure Mobility Client).

The hitch for longtime Cisco customers was that Cisco ended support for its PIX and VPN 3000 series products, as the new client doesn't support the older hardware.

The chaos surrounding the ASA 5500 increased when 64-bit Vista hit the streets, an operating system that Cisco wouldn't be able to fully support until 2010. So, customers who wanted to simply keep doing basic VPN remote access were forced to replace old — but working — VPN 3000 concentrators with newer ASAs in order to handle end-user operating system upgrades.

While this was necessary from Cisco's point of view to integrate a half-dozen overlapping acquisitions, it remains to be seen whether Cisco customers will forgive them and keep the Cisco VPN solution at the very top of enterprise short lists.

From CSO: 7 security mistakes people make with their mobile device
Join the discussion
Be the first to comment on this article. Our Commenting Policies