History of IPSec, SSL VPN products: How will the market change?

Today's SSL VPNs address a single problem: secure remote access. Will that be enough to sustain the vendors in this market? History offers some clues.

This article can also be found in the Premium Editorial Download: Information Security magazine: IPSec vs. SSL VPNs: Which cures your remote access ills?:

Today's SSL VPN products address a single problem: secure remote access. Is that going to be enough to sustain the vendors in this market?

Also see

Read Lisa Phifer's cover story: Tunnel vision: Choosing a VPN -- SSL VPN vs. IPSec VPN

History suggests that IT departments have love-hate relationships with "point" products. They love the convenience of self-contained operating systems and applications. Moreover, they don't have to be bothered hardening appliances. However, a complex layered security architecture that incorporates many point products is difficult to administer. Each product has its own policy model, user interface, log records and audit data. So, IT staffs want to consolidate functions into fewer devices that can be supervised from (ideally) one global management system.

The marriage of IPSec VPNs and firewalls is an example of such consolidation. Will SSL VPNs follow suit?

 

The history of IPSec VPN gateways illustrates how functional consolidation can take many forms. Joel Snyder of Opus One, an IT consulting and Internet services firm, classifies IPSec-capable devices as "Big VPN, Little Firewall" or "Big Firewall, Little VPN." NetScreen Technologies entered the market as an IPSec product (Big VPN), then evolved into a VPN firewall. Big firewall companies like Check Point Software Technologies complemented existing firewall products by adding IPSec. Cisco Systems added both features to its routers and switches.

Big customers can drive this trend. Fortune 1000 IT staff often influence vendors to incorporate point products into "entrenched" network and security products--firewalls, routers and switches. If there is one axiom in network technology, it's that incumbents will enhance, build or acquire technology demanded by large accounts to maintain market position. Fledging IPSec vendors that couldn't morph products into more than point products were acquired or expired, and all the major network and security vendors either enhanced existing products or acquired an IPSec company.

Today's green field SSL VPN market will likely contract in a similar fashion. Consider factors like market capitalization, history, strategic partnerships and complementary product offerings. Is your SSL VPN vendor a one-act play, or do they partner with your favorite firewall vendor (one possible sign of eventual integration)? Will firewall vendors such as Check Point and Nokia offer truly integrated IPSec/SSL/firewall products, or will they just cover all the bases by selling independent SSL and IPSec VPN products? 

Lisa Phifer is vice president with Core Competence, a consulting firm specializing in network security and management technology.
 

This was first published in August 2003

Dig deeper on SSL and TLS VPN Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close