• United States
Executive Editor

Choose your SSL vendor wisely, says Meta

Sep 28, 20042 mins

* Meta Group says your SSL vendor may not be around in a year or two

A study by Meta Group of remote access Secure Sockets Layer gateways raises the point that this entire technology area is still in the shake-down phase and that customers should consider that the vendor they choose might not be around in a year or two.

The report “SSL Virtual Private Networks” notes that as time goes by the differences among the top vendors will become less and less to the point that customers may opt for buying from the same vendor they buy other gear from rather than shop around among SSL specialists.

The report says that Meta sees some customers “opting to hold off on their investment until their favorite/incumbent networking or security behemoth can provide a more capable SSL VPN solution.”

This indicates that SSL is not critical to these organizations, since they apparently can afford to wait. And depending on how many potential users are willing to wait for their current vendors, that can be bad news for the new vendors dealing solely in SSL remote access.

Consolidation comes in all technology areas, as was shown by IPSec VPNs. At one point, more than 50 vendors sold VPN gear. Some were bought by networking companies, some folded and a few survived on their own. The same thing will happen with SSL remote access gear. There have already been acquisitions and failures. Part of the evaluation process should be how well is the vendor doing and whether they can support their equipment long-term.

The study evaluated a dozen SSL remote access vendors and named four as leaders: Aventail, F5, Juniper and Whale. Aventail and Whale focus on SSL remote access. Juniper and F5 have broader product ranges, but both bought SSL specialists: Juniper acquired NetScreen (which had previously bought Neoteris) and F5 purchased uRoam. Meta cites the four as leaders because their gear allow access to broad ranges of applications and are also noteworthy for at least one of the following: security, manageability and performance.