Secure Socket Layer (SSL) virtual private networks (VPN) solutions have matured past some of their initial shortcomings, but face consistent restraints such as budget priorities and acceptance in corporate enterprises. With increased regulatory standards for remote access and future real-world scenarios, SSL VPN solutions are set to become a business critical component for remote access.
New analysis from global growth consulting company Frost & Sullivan finds that the worldwide SSL VPN market earned revenues of $370,7-million in 2006 and estimates this to reach beyond $1-billion in 2013.
“SSL VPN enables a corporation to deliver granular controls to applications that are deployed within and outside of the enterprise, such as access for corporate partners and remote access for traveling and remote workers,” notes Frost & Sullivan research analyst Terrence Brewton. “The primary benefit of SSL VPN technology is its capability to secure IP-based communication without the use of a VPN client. This gives SSL technology an added advantage over other VPN technologies such as multi-protocol layer switching (MPLS) and IPSEC.”
Compliance with vertical-specific security legislation such as Sarbanes-Oxley Act (SOX) and the Health Insurance Portability and Accountability Act (HIPPA) continues to be one of the fundamental drivers for the SSL VPN products market. The HIPAA and the SOX Acts are both having an especially positive effect on the application level and remote access gateway market.
However, among the enterprises that have already demonstrated a tangible willingness to invest in IT security, there are segments and individuals in IT departments that still lobby to expend resources on IPSec VPNs.
Enterprises are not rushing to switch from IPSEC VPN to SSL VPN. Instead, enterprises are realising complementary positive tradeoffs between the two technologies and using them to provide traditional VPN connectivity for remote users and using enhance SSL VPN features to address back-end security issues.
“While it is understandable that these enterprises would not wish to resign these investments to obsolescence within a short period of time and that SSL and IPSec VPN offer both exclusive and complementary trade-offs, the marketplace has already started to address some of the confusion that has accompanied enterprises picking and choosing amongst VPNs,” says Brewton.
Notwithstanding these challenges, the SSL VPN market will continue to see steady growth and acceptance as corporations are forced to deal with regulatory and security challenges in providing remote access. Vendors will do well to adopt more agile solutions that offset the chief restraints of the technology such as performance, price and acceptance.