- Insider threat looms large in San Francisco
- Woman fired over death threat
- IT admin pleads not guilty
- Tape storage gets more dense
- Top 10 worst uses for Windows
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
VoIP is often written off as an application that will not work well over an SSL VPN link. To test that argument, we examined 10 SSL VPN products in four network scenarios to see how well VoIP calls were handled by the products' network extension clients.
The news is generally good. In high-bandwidth, low-latency environments, there is virtually no difference in quality between an unencrypted VoIP call and the same call made over an SSL VPN (see chart). Even better news is our discovery that a VoIP call made over SSL VPN on a typical broadband Internet connection is of higher quality than an unencrypted call. The only bad news comes with truly awful network connections: ones with high loss and limited bandwidth. In this environment, neither unencrypted VoIP calls nor SSL VPN-protected calls will be considered acceptable (for example, below a mean opinion score [MOS] of 3).
Except for Fortinet's Fortigate appliance, the vendors included in this test are the same as those that were tested for our blow-out SSL VPN test conducted last December. AEP Networks' Netilla Security Platform, Array Networks, SPX-5000, Aventail's Smart SSL VPN, Caymas Systems' Caymas 525, Check Point's Connectra, F5's FirePass 4100, Juniper Networks' Secure Access 6000, Nokia's Secure Access System 500, Nortel's VPN Gateway 3070 and SonicWall's SSL-VPN 2000.
While our results do show some differences between products, small variations in the MOS should not be considered significant. What is more important, our testing demonstrates that SSL VPN and VoIP work together well over broadband networks, even in the face of some network loss and congestion. We also found that datagram-based SSL VPN techniques, such as those used by Nortel and Juniper (both optionally), do not appear to offer any real advantage for VoIP traffic and may give poorer results than TCP-based SSL VPN from the same vendors.
To test VoIP over SSL VPN, we used a product from GL Communications that measured the quality of voice calls using standardized testing procedures. To see how VoIP would behave in the real world of broadband ISPs, we used a Shunra Virtual Enterprise to inject latency, loss and other impairments, based on our measurements of broadband IP service at wireless hot spots, hotels and other temporary locations around the world. (see "How we did it" ). We used common "soft-phone" Session Initiation Protocol software on the SSL VPN client side, with a SIP "hard phone" inside the SSL VPN server.
Intel...I guarantee you will never ever see a customer using Wimax the way it was laid out by Intel 6...- Anonymous
Partner Content
The Foundry Enterprise Advantage
Foundry Networks, Inc. (NASDAQ: FDRY) is a leading provider of high-performance enterprise and service provider switching, routing, security and Web traffic management solutions. Foundry's customers include the world's premier ISPs, metro service providers, and enterprises.
For further information on Foundry Networks please click here.
Leveraging the Advantages
of a Multi-vendor Network Strategy
Today's enterprise network provides more than simply a technology infrastructure. It's an enabler for the enterprise, supporting mission critical applications, creating operational efficiencies and increasing productivity gains. Foundry Networks provides the ideal foundation for a multi-vendor network.
Click here to view whitepaper!
Comments (3)
Commercial SSL based VPN service for VOIP appliactionsBy Anonymous on May 18, 2008, 3:59 amhttp://www.vpn4voip.com - VPN for VOIP is a low cost SSL based VPN service specially designed for VOIP applications. It helps to bypass ISP blocking on VOIP calls...
Reply | Read entire comment
I too found a differenceBy Anonymous on December 29, 2007, 2:59 pmThank you for the great article. I too found that when I got my VPN account (http://www.strongvpn.com) I was able to get a better VOIP connection!
Reply | Read entire comment
Test shows VoIP call quality can improve with SSL VPN linksBy Anonymous on February 16, 2007, 11:49 amGreat report on a very popular VPN issue. thanks!
Reply | Read entire comment
View all comments