Citrix buys into better SSL VPN support

Looking to provide customers with more secure remote access to corporate resources and possibly catapult it to the top echelon of SSL VPN vendors, Citrix Systems Inc. recently announced it would buy SSL VPN vendor Net6 Inc.

The US$50 million purchase should help the company attract new customers who are interested in remote access in general and in supporting IP voice and conferencing over the same infrastructure.

The deal ought to put the vendor among first-tier SSL VPN vendors such as Aventail Corp., Juniper Networks Inc., Nortel Networks Corp. and Cisco Systems Inc., says Robert Whiteley, an analyst with Forrester Research Inc. “Net6 is a small start-up with a capable product. With Citrix’s (well-known) name, it can be the big brother that gets Net6 into big accounts.”

Citrix is best known for its MetaFrame software environment but has recast itself as a company that can connect voice or data traffic from any type of device — PC, handheld or wireless phone. Net6 products can help it along that road.

The Net6 Hybrid-VPN HVPN Gateway is an appliance that sits between corporate networks and the Internet, terminating SSL sessions with remote machines and proxying to servers behind corporate firewalls. In this it is like other SSL VPN gear. Unlike other SSL VPN gear, it intercepts traffic at Layer 2 and tunnels it over SSL, giving the remote user full access to client-server applications. This means that as applications and protocols are updated and changed, HVPN can handle them without requiring upgrades to HVPN itself, Net6 says.

The box also can perform remote control, letting remote users take control of their desktop PC back at corporate headquarters from a laptop in a hotel room, for example. It supports collaboration by letting users invite other users logged on to the same HVPN machine to work simultaneously on the same document. The company also plans to link IP voice sessions, letting HVPN act as a voice-conferencing platform or a form of PBX to switch phone calls among corporate users. Citrix says it will sell the Net6 products separately at first and work on integration over time.

Citrix already has an SSL VPN product, MetaFrame Secure Access Manager (MSAM), but it was designed for large corporations that are heavy MetaFrame users, says John Girard, vice president of Gartner. By adding an SSL VPN appliance that midsize and small companies can afford and manage, Citrix can more readily attract users outside its current customer set, Girard says.

Another drawback of MSAM is that it is software that runs only on Windows platforms, putting it at odds with businesses that have security policies forbidding placement of Windows servers between corporate firewalls in so-called DMZs and exposed to the Internet traffic, says Brian Madden, an independent technology analyst who follows Citrix.

Integration with Citrix products will bring new features to HVPN, says Tony Marzulli, senior vice-president of product and demand marketing for Citrix. The company is developing software that can check the configuration of a remote device trying to access the network and based on what it finds, grant more or less access, he says. It also will support a virtual desktop that prevents the content of remote sessions from being stored on the hard drive of the remote machine.

But Citrix has some work to do. Both configuration checking and virtual desktops are features already offered by other SSL VPN vendors including Aventail, Juniper and Netilla.

Citrix expects to close the deal for Net6 by year-end.

Related Download
CanadianCIO Census 2016 Mapping Out the Innovation Agenda Sponsor: Cogeco Peer 1
CanadianCIO Census 2016 Mapping Out the Innovation Agenda
The CanadianCIO 2016 census will help you answer those questions and more. Based on detailed survey results from more than 100 senior technology leaders, the new report offers insights on issues ranging from stature and spend to challenges and the opportunities ahead.
Register Now