Continuing a stream of activity surrounding newer, simpler security for remote access to corporate networks, Cisco announced it would support Secure Socket Layer (SSL) Virtual Private Network (VPN) technology in its widely used VPN 3000 Series concentrators.
Cisco’s announcement that it will include the clientless VPN capabilities in addition to the traditional IP Security (IPSec) already used in its network components comes on the heels of a similar combined-approach announcement from Nortel.
While the biggest players in networking and IPSec-VPN remote access security might be late in coming to the SSL market, they bring network clout to an emerging technology that has been the realm of startups, most of which either have been bought by larger companies or have folded.
“With Cisco’s dominance in the network space, I think most companies will give them a look,” Yankee Group vice president Zeus Kerravala told TechNewsWorld. “They certainly didn’t miss the market. They just have to have a product when the market is ready.”
Obscurity to Mainstream
The market not only is ready, but the SSL remote access technology has already become mainstream, according to Gartner vice president Richard Stiennon, who told TechNewsWorld that SSL-VPN, a combination of encryption and network management, has risen from flash-in-the-pan technology to an accepted improvement in remote-access security.
SSL-VPN, which Kerravala said is “here to stay,” allows remote access to networks and applications from client devices such as desktops, notebooks and handhelds without the need to install special software or manage each device individually.
Cisco’s SSL-VPN system, dubbed WebVPN, will be integrated with the Cisco VPN 3000 Series Concentrator in version 4.1 and will allow the networking software to support SSL and IPSec concurrently.
While larger security vendors have acquired smaller SSL-VPN providers en masse recently — Symantec bought SafeWeb, NetScreen acquired NeoTerris, F5 purchased uRoam — Nortel and now Cisco have folded their SSL systems into existing offerings.
Kerravala, who called the combined solution “the right approach,” indicated that most corporate clients will use the technology in concert with existing IPSec-VPN technology to bolster security for remote users.
“More people are going to use it to augment their remote access security,” he said, referring to significant legacy investment. “For many companies, it’s important to have both.”
Kerravala added that “the life expectancy of most [SSL-VPN] startups is short.”
Remote Access Extended
IPSec-VPN might continue to serve its role of securing specialized and higher-level employees, but SSL-VPN extends the ability to access corporate networks to a much broader spectrum of workers, Kerravala said.
The analyst added that the key advantage of SSL-VPN is its simplicity, which allows for secure remote access without the need for specialized software.
“IT generally had to touch every machine; this doesn’t require that,” Kerravala said. “You’ve got a way to extend remote access to all of the people in the company.”
Cisco, which will offer the additional capability at no cost to VPN 3000 Series customers beginning in January, said its WebVPN technology will further the San Jose, California-based company’s strategy of “integrating security services and threat defense capabilities throughout Internet Protocol networks.”
Kerravala said the company is trying to make the SSL-VPN technology a standard part of overall remote-access security. “I think you’ll eventually see this technology make it into routers, too,” he predicted.
In addition to the WebVPN technology, Cisco announced the availability ot its new 1711 and 1712 security access routers, an integrated security and routing system that includes VPN, firewall, intrusion detection and dial backup capabilities for broadband Internet access and on-site communication.