Feeds

SSL to be one of 2004’s bright spots

Mobile workers fuel demand

  • alert
  • submit to reddit

SANS - Survey on application security programs

Adoption of virtual private networks (VPNs) based on the browser-based SSL technology is shaping up to be one of the key trends of 2004, especially as enterprises mobilize their workforces.

SSL allows for secure access to corporate networks from virtually any browser and so provides flexibility for roaming workers with laptops or smartphones, as well as simple mechanisms that reduce support costs.

This week, two security companies, NetScreen and F5, said that their first quarter revenues had been boosted by their acquisitions last year of SSL specialists, whose products have been added to their
more traditional IPsec VPNs and firewalls. The main demand is coming from companies with large mobile workforces, said F5.

The company bought the FirePass VPN with uRoam last year, and the product contributed $1.5m or 5% of revenue in the first quarter. This was 50% above the targets F5 had set, and in the second quarter SSL sales of over $2m are expected. Total revenue grew 33% to $36.1m and the company plans to incorporate FirePass into its core product, Big-IP.

NetScreen said that it sold $2.2m in SSL VPNs, about $1m more than anticipated, between acquiring Neoteris on December 14 and the end of its first quarter on 31 December. Neoteris now forms a separate unit called Secure Access Products. NetScreen’s total revenue grew 59% year-on-year to $81m.

According to a survey sponsored by AT&T, simpler remote access to corporate networks is the number one factor driving uptake of remote and mobile workforces. The mobile phone and networking giants – such as Nokia, Cisco and Nortel - are increasingly introducing SSL VPNs into their ranges and most have seen an upsurge in interest and sales in the past three or four months. Frost & Sullivan believes sales of SSL will pass the $500m mark by 2006, from just $20m in 2002.

Lower costs are another attraction to large companies.
F&S estimates that the cost per use is $60- $220, compared to $150-$300 per user for the more cumbersome IPsec, which is optimized for site-to-site communications rather than mobile access. The savings are mainly down to lower support requirements and the fact that there is not need to preconfigure every PC.

IPsec still dwarfs SSL in terms of revenue – in 2003, revenues were about $2.4bn for IPsec, compared to $100m for SSL. The two products are complementary and some companies, including Cisco and Nortel, plan to integrate them into a single VPN.

The main challenge now is to improve the security features of SSL itself, particularly to improve authentication, which is far weaker than using IPsec.

Nokia has developed the Secure Access System, which exchanges digital certificates with the machine in use and performs client integrity scans to check for any weaknesses and adjust user privileges accordingly. Many SSL specialists will look for security partners and companies such as NetScreen are aiming to provide an integrated suite of security products.

© Copyright 2004 News IS

News IS is a weekly newsletter published by Rethink Research, a London-based publishing and consulting firm. News IS covers the news announcements, business transactions and financial statements of the top 150 or so IT vendors, along with other news of interest to the modern senior IT manager working within data centre technologies. Subscription details here.

High performance access to file storage

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.