Issue dated - 26th January 2004

-

Previous Issues
CURRENT ISSUE
INDIA NEWS
OPINION
COLUMNS
TECH FORUM

THE C# COLUMN
BETWEEN THE BYTES
TECHNOLOGY
SPECIALS <NEW>
Symantec Report
Security Headquarters
JobsDB
MINDPRINTS
HMA BANKBIZ
EC SERVICES
ARCHIVES/SEARCH
IT APPOINTMENTS
Openings At Jobstreet.com
WRITE TO US
SUBSCRIBE/RENEW
CUSTOMER SERVICE
ADVERTISE
ABOUT US
 Network Sites
  IT People
  Network Magazine
  Business Traveller
  Exp. Hotelier & Caterer
  Exp. Travel & Tourism
  Exp. Pharma Pulse
  Exp. Healthcare Mgmt.
  Express Textile
 Group Sites
  ExpressIndia
  Indian Express
  Financial Express

 
Front Page > SecureSpace > Story Print this Page|  Email this page

SSL-VPNs will dominate

Danny Lim

The SSL-VPN market looks set to shift into overdrive mode this year. Infonetics Research estimated that the market for SSL-VPNs will climb from $88 million in 2003 to over $200 million in 2004, and cross the $600 million mark by 2006.

Frost & Sullivan also foresees the Asia-Pacific SSL-VPN market ballooning from $5.4 million in 2003 to $18.8 million in 2004. And the Meta Group has said that 80 percent of all remote access will use SSL-VPNs by 2006.

Gary Lau, RSA Security’s technical consultant for North Asia, attributed SSL-VPN’s rising popularity to modern users’ need to move around freely on different desktops and networks.

“Unlike an IPSec-VPN, there is no need to configure clients differently depending on the environment and networks used. One also does not need multiple-configurations for users who access corporate networks from different places,” he said.

Jeff Laubhan, Rainbow Technologies’ senior product marketing manager for the Instant Private Web Solutions group, forecasts that SSL-VPNs will be especially popular for applications where companies have limited control of the desktop. For instance, employees using home computers to access corporate information, consultants needing to access information from client sites and partners, and distributors accessing vendor extranets, said Laubhan.

Michael Ang, Aventail’s vice president for the Asia-Pacific, expects that countries in which broadband and wireless technologies are being deployed extensively—such as Australia, Korea, Japan and Singapore—will be the first to adopt SSL-VPN systems.

Role of IPSec-VPN

However, the market will still need IPSec-VPN technologies, which are widely seen as a complementary solution to the former.

“Enterprises will deploy both IPSec and SSL-VPNs depending on the required access and security levels. They will use IPSec-VPNs for secure access and SSL-VPNs for universal access (with low security),” said Sam Tew, technical manager, Check Point Software Technologies.

IPSec-VPNs are also superior to SSL-VPNs for some purposes. One key implementation is in site-to-site connections.

“Once a user has been authenticated, the [IPSec-VPN] system offers better and more flexible ways (including centralised policies) of authorising what data, files and functions the user is able to use. It also includes multiple levels of groupings and inheritance,” said Leigh Costin, Symantec’s group product manager for the Asia-Pacific .

Christian Hentschel, Cisco’s director of Advanced Technologies, Asia-Pacific, expects companies to favour IPSec-VPNs for employees who access the network via corporate laptops. SSL-VPNs will be used more often to connect users of non-corporate owned PCs, he said.

VPN requirements

Jeff Ratzlaff, Asia-Pacific marketing director, Nokia Enterprise Solutions, believes that both SSL-based VPNs and IPSec-based VPNs will need to support an increasing number of enterprise applications and access terminals.

It will also be critical that both VPNs are able to support large-scale global deployments of cost-effective solutions for different industries and regions, he said.

Rainbow’s Laubhan expects the biggest challenge for remote access to be the authentication of users.

“Although both technologies are moving to combat rogue machines, the need for authentication is even larger than before. PDAs, public kiosks and shared computers are becoming more prevalent. Providing user identities and managing their access is critical,” he said.

Growing capabilities

Aventail’s Ang highlighted three main capabilities in SSL-VPNs to watch out for in 2004:

* Broader application and platform support. SSL-VPNs will begin to support a new class of applications—voice, video, real-time collaboration, and conferencing. They will also provide broader platform support for PDAs such as Windows Mobile and Palm, as well as for mobile phones running on the Symbian, Java, and Microsoft platforms.

* End-point security. SSL-VPN vendors will develop or establish technology partnerships to integrate key management capabilities for personal firewalls in their policy management consoles. Access will be based not only on a user’s identity but also on the environment.

* Scalability and manageability. SSL-VPNs will include accelerated crypto and payload throughput as well as deeper integration with enterprise and service provider management frameworks. An object-based policy management solution to manage a wide variety of users and applications in increasing numbers and complexity is critical to ensure that the investment in SSL-VPNs lasts longer with lesser administration costs.

Ang predicts that in the next two to four years, an SSL-VPN secure access gateway will sit at the edge of every organisational network. “These high performance, scalable SSL-VPN gateways will deliver broad support for any application, device, and network. In addition, they will provide end-point security combined with a highly sophisticated policy engine,” he said.

With the wider geographical penetration of SSL-VPNs, Nokia’s Ratzlaff expects appliances to be able to support multiple languages.

On the IPSec-VPN front, Ratzlaff said there will be more applications and services for IPSec-VPNs to take advantage of secure VPN tunnels, to increase productivity and simplify the deployment of new services.

Convergence ahead

Ultimately, the future of VPNs will be shaped by the merging of platforms for these two technologies, said Symantec’s Costin. This means the two solutions will be offered with very similar capabilities, which is particularly important where user authentication is concerned.

“A network-connected user will be able to use whichever technology suits his needs, almost by choice. Network administrators will also be able to dictate resources across the entire corporate network, which is accessible to any user, customer, partner, or external user easily and securely,” Costin said.

Many organisations will also look to boxes that support all of their remote access connectivity needs without the need to maintain parallel infrastructure, said Cisco’s Hentschel.

“Down the road, expect to see additional security supported by more Web browsers (based on the Advanced Encryption Standard), and as wireless WAN connectivity becomes faster and more readily available, increased use of additional devices to connect to the network,” he said.

This article first appeared in Asia Computer Weekly
<Back to top>


© Copyright 2003: Indian Express Group (Mumbai, India). All rights reserved throughout the world. This entire site is compiled in
Mumbai by The Business Publications Division of the Indian Express Group of Newspapers.
Please contact our Webmaster for any queries on this site.