Making way for the new VPN
Secure Sockets Layer's arrival on the VPN scene has IP Security-based VPN vendors rethinking their product portfolios.
By Bob Violino
,
Network World
, 12/23/2002
- Share/Email
- Tweet This
- Print
VPNs based on the IP Security protocol have held a grip on the market, but an alternative using Secure Sockets Layer is steadily gaining ground.
Few people familiar with network security consider SSL a wholesale replacement for IPSec as a VPN protocol. But SSL proponents say that protocol is less-expensive and easier to
deploy when workers need remote access to Web applications such as e-mail and corporate intranets. And now, traditional IPSec
VPN vendors are scrambling to add SSL to their product mixes to meet demand.
Browser-based SSL VPN products differ from IPSec VPN wares in that they do not require companies to install VPN client software
on remote devices. Users who can authenticate to a company's network can make a secure connection from any laptop or desktop
PC with a browser. That's because SSL firewall ports generally are kept open, so firewalls need not be reconfigured to provide
access.
With IPSec VPNs, each remote device must run client software, which must be updated as necessary. Also, firewalls and the
IPSec devices must be configured in tandem to allow network access.
SSL in the market
Market researchers predict that worldwide sales of SSL-based VPN gear will increase during the next several years. Infonetics
Research expects market growth from about $56 million this year to an estimated $840 million by 2005. However, the firm says,
IPSec products will continue to make up a huge share of the VPN market. Infonetics pegs sales of IPSec VPN and firewall hardware
at $1.5 billion this year and $2.5 billion in 2005.
"SSL will address all those [remote workers] who don't really need access to many applications. It's a simple way to give
them access to things like e-mail and benefits and payroll information. Those users who need access to a broad range of applications
that are not all Web-based will require IPSec clients," says Jeff Wilson, executive director of Infonetics.

But the proliferation of Web-based applications - and the growing need for remote access - has turned SSL into a hot topic
- a necessary development for traditional IPSec VPN vendors.
Check Point Software, which unveiled an SSL-based or "clientless" VPN in July, says SSL is ideal for companies that need to
exchange data with business partners via extranets but don't want to install VPN clients. IPSec VPN vendors such as Nortel
and SonicWall agree. Nortel introduced the Alteon SSL appliance in September; SonicWall began offering SSL products when it
acquired Phobos two years ago. In the meantime, NetScreen Technologies says it's evaluating an SSL offering through possible
partnerships.
Other IPSec VPN proponents, such as Symantec, still are evaluating how to fit SSL into their product lines. The holdup in
part stems from these vendors having more or less viewed SSL as a competing technology. But as demand grows for clientless
VPN connections, logic dictates that vendors add SSL-based products to their lineups.
Comments (1)
HananeBy Anonymous on June 26, 2009, 9:44 pmhttp://download.cnet.com/Freegate/3000-2085_4-10415391.html
Reply | Read entire comment
View all comments