No man is an island. The rise of virtual private networks (VPNs) means this statement has never been truer. In a nutshell, the technology dishes out secure remote access to the ever increasing mobile workforce and to branch offices.
What's the deal? VPNs simplify the process of linking remote offices and workers. The proliferation of broadband Internet access technologies, along with the emergence of standards-based VPN solutions is ushering in a new distributed workplace.
And the VPN market is on an upswing, according to industry commentators.
The extension of VPNs to mobile devices along with the growing SME uptake is driving the market along with the growing number of home workers and the push for anytime/anywhere mobile access for workers in the enterprise.
According to analysts, many organisations are deploying VPNs. The majority of momentum is behind IP VPNs, which use technologies such as IP security (IPSec), secure socket layer (SSL) as well as MPLS to provide site-to-site and remote access connectivity.
Number crunchers, IDC, said the Australian IP VPN market was pegged to reach $855 million by 2007.
Remote access IP VPN would grow at a fast pace, IDC suggested, as companies were connecting more and more branch offices as well as remote workers, enabling them to access IP enterprise applications.
"There's a steep curve for VPN growth," SonicWall country manager, Tim Dickinson, said. "A lot of the drive for VPNs is companies wanting greater control over business applications."
The retail and financial sectors are sizzling markets at the moment for this type of technology, he said.
It's all about knowing where and what your assets are doing, Dickinson said.
In fact, pushing intelligence into the network was this year's top trend. There were more network products with intelligent features, allowing IT managers to take advantage of the network, analysts said.
Top benefits of installing a VPN include improved security, simplified network topology, extended geographic coverage, streamlined access to information and centralisation of mission-critical data and content.
Market research firm, Infonetics, claims VPNs provide 20 to 40 per cent savings in LAN-to-LAN connections compared with domestic leased line networks, while remote access becomes 60 to 80 per cent cheaper using VPNs.
But there's a gloomier side, analysts have warned. Despite the positive outlook, there is a decline in growth due to several factors: saturation among large companies following the current rapid growth phase; spending shifting from standard IP VPN connectivity to applications such as VoIP and hosted business applications; price competition; and alternative Layer 2 services such as Ethernet beginning to cause some migration from Layer 3 IP services.
But locally, there was plenty of action, particularly in the SMB space, 3Com's A/NZ distribution and volume manager, Dean Vaughan said. The company had launched a VPN Firewall that targets the SMB space.
Traditional remote access services require companies to lease expensive, dedicated data lines or maintain modem banks and telephone lines, and pay telecommunication usage charges to support dial-up users, according to SonicWall's Dickinson.
The high cost of dedicated data lines forced many SMBs to use slow, dial-up connections for remote access, he said.
"But with the advent of affordable broadband and standards-based VPN, small and medium organisations can bypass these expensive and complex remote access solutions," Dickinson said.
With today's technology, he said companies of any size could use the Internet to securely extend the reach of their network resources. Indeed, the technology has improved in leaps and bounds and is now making its way down the food chain.
3Com's Vaughan said SMBs could now get cost-effective security and multiple VPN support.
"The IPSec technology offers three levels of security, taking into consideration authenticity, integrity and encryption," he said. "The SSL does not offer the same level of security."
With the rollout of the OfficeConnect VPN Firewall, the technology was designed for the novice user, but also flexible enough for more complicated configurations, Vaughan said.
Another new feature on OfficeConnect boxes this year was traffic prioritisation, he said. Essentially, quality of service was improving at the low end. Meanwhile, at the top end of town, many telcos were enabling VoIP functionality through a VPN, he said.
Indeed, the technology had improved and was now entering the SMB arena, SonicWall's Dickinson said. Enterprise-class features were reaching the SMB space as well as the home arena.
"We're starting to see an extension of the corporate network to the home," he said.
Enterprise class features including anti-spyware and content filtering, as well as unified threat management are making an appearance at the lower end.
The VPN wars
And while the SMB space is reaping the benefits of improved functionality, the big debate these days is whether to choose IPSec or SSL technology, with vendors pitching the pros and cons of each. Both have merits, analysts claim, and make sense in different scenarios in the enterprise, SMB and carrier space.
Dickinson said IPsec ensured data was encrypted from point A to point B.
"SSL is still new and requires customisation," he said. "You need to customise it to enable the applications to run."
Meanwhile, Juniper said SSL was proving its weight in gold. Juniper's channel manager Brian Allsopp, said the SSL market was coming into its own.
Citing data from Frost and Sullivan, he said while the IPSec segment captures the majority market share, the SSL segment was growing at a fast clip - about 17.4 per cent annual growth (with the IPSec market growing at 5.4 per cent).
"This technology is becoming the preferred option for companies wanting to improve their remote access," Allsopp said". The ROI is good and the ongoing management costs are significantly lower."
According to Frost and Sullivan, the average cost per user drops to between $US60 and $US220 when using an SSL remote access VPN versus $US150 to $US300 per user when using an IPSec VPN.
Meanwhile, Aventail has been pitching the SSL story since 1997, regional director A/NZ, Andrew Draper, said.
"Whether it's IPSec or SSL VPNs, the fact of the matter is there's an explosion of access technologies, wireless technology and Pocket PCs, and therefore there's a new level of secure remote access," he said.
Calling it an IPSec replacement VPN, Aventail's latest SSL product aims to address the ongoing issues that plague remote access technology including productivity, control and manageability.
For example, 20 to 30 per cent of the time, users could not connect or get access to applications they need, he said.
Other exciting advancements in the world of VPNs is the addition of end point control, which grants a level of access to a user based on a level of trust.
Policy management and access options to the broadest range of applications were other top features, Draper said.
Watchguard Technologies' A/NZ sales director, Sven Radavics, said SSL technology was locked into 128-bit encryption, while IPSec typically offered 168-bit encryption and could go well beyond 1024-bit.
"SSL offers weaker encryption, but there are benefits in total cost of ownership and ease of use," he said.
And while SSL was picking up steam, he said the movement was happening slowly, albeit surely.
"The office-to-office crowd are sticking with IPSec technology because it offers the high level of encryption," he said. "There's more a drive for SSL with the road warriors and where there's a need for online applications [like online banking]."
And while vendors were pitching IPSec or SSL, national partner manager for reseller Kanbay, Martin Bicknell, said there's plenty of room for both technologies, and downplays the ongoing battle cries.
"There's still a place for both," he said. "I don't see one taking over the other. SSL is trying to take over the IPSec market, but there's still a place for IPSec."
What's spicing up the SSL market at the moment and making it seem more attractive, Bicknell said, was the fact that prices were coming down.
Looking past the VPN wars, SonicWall's Dickinson said resellers eyeing the VPN space could consider offering the technology as a managed service.
"Resellers can manage the firewall and the VPN tunnels," he said. "They can look at bandwidth, speed, prioritise the applications, report on the traffic and customise reports to send out."
Implementing a VPN for remote access allowed for centrally enforced security and remote access policies, Dickinson said. Using a VPN without security measures leaves the door open to hackers.
Therefore, resellers could help organisations implement effective VPN solution that includ a firewall, virus protection, content filtering and global management, Dickinson said.
3Com's Vaughan said resellers could offer a host of managed services - with the main one being administering security policies.
"This falls under the area of general security and consulting services," he said. "They can make money in the installation, ensuring the right engineers and technology are at the multiple sites, staging the equipment and setting up the security policies."
Essentially, Juniper's Allsopp said resellers could help customers take the complexity out of the mix as VPNs could be difficult to install even if you had experience.
Networking skills (TCP/IP), general security knowledge, firewalls and VPN specifications are needed to do the job.
"A lot of customers are running complex IPSec client and concentrator setups, and are now realising there are ongoing administrative and support costs, and want flexibility in terms of deployment," he said.
As such, resellers could help customers consider their options, Allsopp said.
VPNs could support a variety of different types of connections (including client-to-LAN; LAN-to-LAN, intranets, and extranets), and this was where the reseller expertise came in handy, Dickinson said.
And while the technology may not seem super sexy, expect the market to see lots of action this year.