Docstoc

State of the SSL VPN Market

Document Sample
State of the SSL VPN Market Powered By Docstoc
					      GARTNER TELECONFERENCE




      State of the SSL VPN Market


                                                                                   John Girard
                                                                             February 28, 2007



These materials can be reproduced only with Gartner's official approval.
Such approvals may be requested via e-mail — vendor.relations@gartner.com.
Finding the “P” in VPN
                                                 Private
  SLAs
                             Logical            Anywhere
                                         SSL
  QOS
            MPLS                         SSH
                                        IPsec
     Frame Relay X.25
         ATM

Exclusive                    Internet     Encrypted
                PSTN



  Private
   Line         Very
               Private       Physical
            Very Expensive
SSL VPN Market Definition & Benefits

 Encrypted access to applications and/or networks
 Encryption stays on continuously and supports high
 throughput
 Client software is optional, enrollment is fast
 Security and NAC can be performed ad hoc and on
 demand
 Menu-driven proxy is included in all products
 Access can be filtered by rules and roles
 Instabilities of other VPNs are resolved
                          2
 Market trends – reasons for purchase (not
 market share)

VPN Investment                           Importance in VPN inquiries
SSL Disaster/Biz Continuity Access       HIGH
SSL/Portal Contractor Access             Low-Medium, increasing
SSL Alternative VPN                      Medium

SSL Complete IPSec replacement           Low-Medium

SSL Site to Site                         Niche specialization

IPSec Long Term Remote Access            Low-Medium

IPSec Site to Site                       Medium
Specialized Mobile VPNs                  Niche specialization

                                     3
Barriers to Implementations

  Potential data           SSL encourages more
  Leakage                  users than ever before
                           to demand access

  Authentication           Users continue to resist
  Challenges               proof of identity tools

  End Point Security       Java/ActiveX portability
  Complications            problems slow use of
                           on-demand security

  Cost                     The price per session is
                           higher than IPSec

                       4
 How Should SSL VPNs Be Implemented?
                       LAN                          Secure
 External            resource           Alternate FTP/Telnet
mandate for           access              VPN
   AES                                               Shell      Critical WAN
               Frequent or   Occasional           commands      optimization
               continuous    or frequent


          AES          IPsec          SSL        SSH      Proprietary
         remote       remote        remote      remote      mobile
         access       access        access      access


              Online and       Always                     Vendor lock-in
                offline        online      Disaster       considered OK
                                           access
                                                             High-
                                   Non-company           performance
                   Workstyle         systems             vertical apps
Decision Criteria for Selecting Vendors

 Existing contracts with vendor (leverage)?
 Prior experience with vendor?
 Can or will the VPN be outsourced?
 Integration with your other systems?
 Case study references?
 User enrollment process?
 On demand security plan?
 Administration life cycle?
 Emergency and backup access?
 Performance and compatibility test plan?
Magic Quadrant for SSL VPN




                             As of November 2007
Recommendations –
What You Need to Know

 One type of VPN may not fit all needs.
 If your legacy VPN is not broken, don’t break it. But don’t
 force it into wireless/mobile settings where it is not the best
 solution.
 Don’t provide more VPN access than the user requires.
 Advantages of SSL portability, client stability, resource
 access control and administration control can outweigh
 simple comparisons of IPSec costs per port.
 Specialized mobile applications may require specialized
 mobile VPNs – at least for the next investment cycle.

				
DOCUMENT INFO
Shared By:
Tags:
Stats:
views:35
posted:4/29/2011
language:English
pages:9
Description: SSL VPN is to solve remote user access to sensitive corporate data to solve the simplest and most secure technology. Compared with the complex IPSec VPN, SSL-to-use way to implement a simple remote connectivity information. Any browser installed, the machine can use SSL VPN, this is because SSL embedded in the browser, it does not require the same as traditional IPSec VPN client must be installed to each client.