The nascent market for secure sockets layer-based
vendors, according to a new report from research firm Meta Group.
The growth Meta Group’s report said a shift toward “We expect the larger incumbents from the networking and security markets to The promise of SSL-based VPN includes lower costs and easy Web IP security But according to Meta Group’s Bouchard, IPsec deployments will be impacted by the growth of SSL VPN systems, though it won’t cause them to disappear. “SSL VPN will certainly put a significant dent in the IPSec market, in Bouchard said he expects to see SSL VPNs evolve toward improving accessibility to applications without the need to implement a full network connection. SSL VPN companies positioned for the trend are Juniper and F5 from the public company side and privately held Aventail and Whale Communications, Bouchard said. “However, other major networking and security vendors are coming on strong and will be significant forces as well within the next 12-18 months (including Check Point, Nokia, and Nortel).” Juniper Networks Stats from Infonetics Research released late last month forecast Beyond the hardware vendors, the growth of SSL VPN’s may also be a boon to “SSL VPNs are taking off for all the reasons Meta mentions,” said John Adams, executive vice president of engineering and operations at SSL certification vendor GeoTrust. “It is Current SSL certification market leader VeriSign “The market for SSL-based VPNs, overall, is still small but it is a fast
of the SSL VPN
SSL certification industry as well.
presence-oriented criteria will make it tough for smaller vendors to maintain differentiation with their offerings over the next 18 months.
continue making significant headway, which will come at the expense of many
of the smaller, independent players,” said Mark Bouchard, senior program
director at META Group. “To some extent, we are already
seeing signs of this transition occurring, with some organizations opting to
hold off on investments until their favorite or incumbent
networking/security vendor can provide a more capable SSL VPN solution.”
based browser access to a corporate network. SSL is already widely used as a security standard for a broad array of Internet applications, notably financial transactions such as e-commerce and online banking.
variety of reasons, such as its perceived greater degree of security and manageability.
particular for remote access implementations. Where IPSec is used for
connecting branch offices and such, it should not be significantly
impacted,” Bouchard told internetnews.com. “Thus, while the availability and maturation of SSL VPN will severely limit use for IPSec in one case, it will
not cause its complete demise.”
“With the onset of widespread adoption and large-scale deployments during
the next two years, the critical requirements will become scalable
management functions and greater system performance/capacity,” Bouchard
said. “As with most other security solutions, vendors that best balance
security effectiveness, performance, and manageability — and in this case,
accessibility to applications as well — will be positioned to dominate the
market.” and Cisco Systems
have started to position themselves in the SSL VPN space. Juniper recently unveiled its new SMB focused NetScreen Remote Access 500 SSL VPN offering and backed it up a few weeks later with a new intiative to improve the security of its SSL VPN
offering. Cisco acquired SSL VPN technology vendor Twingo in March.
worldwide SSL VPN revenue to grow by 92 percent by the second quarter of 2005, with an exponential 467 percent increase in annual revenue. According to Infonetics, SSL VPNs only represent 4 percent of the worldwide
revenue for the VPN and firewall market, though that number is expected to
grow to 13 percent by 2007.
the SSL certification industry.
pretty clear to me at this point that SSL is a general purpose protocol that is being used for much more than credit card transactions.” also sees potential in the emerging SSL VPN marketplace.
growing area for remote access,” Brendan Lewis, VeriSign spokesman, told internetnews.com. “Clearly, any SSL VPN gateway needs a certificate. So we expect this to fuel
the demand and growth of our certificate business as well.”