SSL ousting IPSec for remote access

Remote access IPSec VPNs are no longer on the radar screen of companies that seek the advice of consultants at Gartner, according to a new report.

“Gartner clients no longer ask about new IPSec remote-access installations or expanding legacy IPSec remote access,” according to the report, Magic Quadrant for SSL VPN, North America, 3Q05.

Some Gartner clients have ceased to provision new IPSec remote-access accounts, and others have replaced IPSec with SSL (secure sockets layer), citing the benefits of easier administrative provisioning of user accounts and a simpler user experience with VPN (virtual private network) sessions, the report said.

Businesses are interested in SSL VPNs, which can be accessed via browsers, making them more flexible than IPSec, which requires separate client software on remote machines.

“SSL VPNs have superseded IPSec as the easiest choice for casual and ad hoc employee VPN access requests and also for business partners, external maintenance providers and retired associates,” according to the report.

The study predicts that by 2008, SSL VPNs will be the primary remote access method for most businesses. Sales of SSL VPN gear were up 26 per cent in the first three quarters of 2006.

SSL VPNs are also attractive because with the download of SSL VPN agents, they can duplicate the network-layer access afforded by IPSec VPNs if that is what customers want. Using just a browser on remote machines, SSL VPNs can establish only application-layer connections.

The Gartner report separates a dozen SSL VPN vendors into four categories: Niche players, visionaries, challengers and leaders, which is its highest ranking. Aventail , Citrix Systems , F5 Networks and Juniper all rank as leaders. Synergy Research Group recently cited this same group as selling the most SSL VPN equipment through the first three quarters of 2006.

In ranking vendors, Gartner plots their names on a graph; the X axis indicates ability to execute on plans, and the Y axis designates completeness of vision. If a company ranks low in both areas, it is designated a niche player. If it is strong on execution but weak on vision, it is a challenger. If it is weak on execution but strong on vision, it is a visionary. If it is strong on both execution and vision, it is a leader.

Citrix and F5 are new to the leader category, apparently having convinced Gartner they are better able to execute than they were when Gartner wrote its SSL report a year ago, in which the companies were ranked as visionaries.

Cisco and Microsoft both landed in the visionary category, as did Check Point, PortWise and Caymas Systems.


Related Download
Virtualization: For Victory Over IT Complexity Sponsor: HPE
Virtualization: For Victory Over IT Complexity
Download this white paper to learn how to effectively deploy virtualization and create your own high-performance infrastructures
Register Now