Advertisement

Our Library

When you register for our library you can access the additional content listed below. We will also notify you by email of new content on Secure Access Central. >>> Register for our library and email notification! We welcome your ideas and feedback on these reports. You can recommend topics for our analysis and submit alternative points of view on published ones.

#15 - Network Admission & Access Control Product Selection Guide

The current version of this 160-page Product Selection Guide ("PSG") covers NAC products from 20 vendors. This publication is distributed in a digital format and is updated about every 4 to 6 weeks to reflect changes in our analysis, participating vendors and their products. We will notify you by email when new versions become available so please ensure the email address you provide at registration is correct.

#14 - Analysis of Gartner SSL VPN Magic Quadrant Trends.

We highlight the major changes in Gartner's assessments of the North American SSL VPN market and vendor competitiveness from YE2005 to YE 2007.

#13 - Key Trend In SSL VPNs

This recorded presentation by Dana Hendrickson was originally broadcasted on February 2, 2006 in a webinar sponsored by Whale Communications. Dana is a leading industry analyst, founder and director of the Breakaway Security Group and the publisher of Secure Access Central, the only portal dedicated to secure network access.

Dana shares his perspectives on

•  Why the controversy over SSL vs IPSec-based, remote access VPNs is largely over
•  How current generation SSL VPN gateways have evolved into sophisticated multi-layer security systems
•  Why distinct new product categories of SSL VPN gateways have emerged
•  How vendors are taking advantage of numerous opportunities for competitive differentiation
•  How advanced web application gateway logic improves security and the user online experience

#12 - Endpoint Security Compliance: A Closer Look

We have witnessed a steady stream of new “desktop” security and endpoint security compliance products designed to erase doubts about the saneness of extending networks to more remote devices, especially unmanaged ones. In this solution brief. Breakaway examines the capabilities of leading EPS compliance products, highlighting key areas you should consider when evaluating available products.

#11 - SSL VPN Performance: What You Need to Know Before You Buy

Ask vendors how well their gateways perform in demanding remote accesss environments and you will hear many different types of responses. So how do you figure out whether specific ones can really handle your particular workload? In this solution brief, Breakaway examines the primary factors that shape solution-level performance.

#10 - SSL Remote Access: How Much Should You Expect To Pay?

It is generally difficult to estimate the price of a complex IT system like SSL remote access but most organizations wish to do so before they either define a complete set of requirements or evaluate competitive proposals.

In this solution brief, Breakaway identifies the basic components that shape SSL remote access pricing. We also illustrate how you can develop budgetary estimates that will not leave you surprised nor disappointed when you begin detailed negotiations. Unsurprisingly, the actual acquisition price will often exceed - by a wide margin - those referenced in gateway vendor literature and intial sales presentations

#9 - SSL VPN Gateway Product Selector

With more than 20 vendors now offering one or more models of SSL VPN gateways, it is easy to be overwhelmed by the number of options available to business, government and non-profit organizations. In our new Product Selector, we provide a way to easily view how leading products map to small, medium, large and service provider environments. In 2005 we will add entries and maintain existing ones. Once you have identified products that are aimed at your particular environment, review our "Thumbnail Appraisals" and study our comprehensive evaluation guides. Then you will be well-prepared for more productive discussions with individual IT service providers and gateway vendors.

#8 - Do Different Access Methods Matter?

Most SSL VPN gateways not only enable access to web, client-server, and terminal-server applications they also enable organizations to extend full network access to specific user communities. Therefore, it might seem logical to assume all products offer similar "connectivity". This is not in fact the case. Different vendors use different combinations of access methods and each access method has important implications on security, device support, and user convenience. In this solution brief, Breakaway examines the different access methods used in SSL gateways.

#7 - Hybrid VPNs: Where Do They Fit In?

Just when the controversy about which technology - SSL VPN or IPSec VPN - is best for most secure remote access networks appears to have subsided, a new one is possibly emerging as newcomers tout their Hybrid VPNs. While the number of vendors offering Hybrid VPNs remains small (Net6 and Mykenae) and their presence in the market so far barely felt, their central claim sounds very appealing.

“The Net6 Hybrid-VPN Gateway provides the combined advantages of both IPSec and SSL VPNs with none of the shortcomings – replacing the need for both IPSec and SSL VPNs.” (Goutham Rao, Chief Architect, Net6, Inc.)

In this solution brief Breakaway examines the specific arguments that underly this assertion and offers you the opportunity to reach your own conclusion. Are the arguments credible? Are there other unstated concerns that must be considered.

Are we actually on the verge of a new battle between SSL VPNs and Hybrid VPNs? We will likely know before long.

#6 - How to Select the Right Solution - Endpoint Security

The substantial productivity gains promised by extended networks is simply too compelling to ignore and that means a rapidly expanding number of authorized users will be encouraged to remotely access applications and files from home computers, personal portable devices, guest computers, supplier/customer/partner computers, and public kiosk computers. That every remote access computer must have a personal firewall and anti-virus software is now universally accepted. Unfortunately, rarely is this security sufficient. There are simply too many types of attacks that will never be adequately handled by these security products so more protection is required. In this Solution Brief we examine the common requirements for endpoint security and highlight a few available solutions.

#5 - How To Select the Right SSL VPN Gateway

Part 1 - Perspectives On Getting Started

This is a great time to purchase SSL VPN gateway products. Rapid innovation by vendors over the past two years has produced high-value offerings. The range of capabilities found in SSL VPN gateways has grown dramatically. Essential and complementary security products have emerged. And now more than 20 vendors are competing for your business. Over the course of the next year, the Breakaway Security Group (Breakaway) will publish a series of Solution Briefs under the common heading “How to Select the Right SSL VPN Gateway”. In each one we will examine closely a single gateway evaluation criteria, review current vendor offerings, and project where we expect product road maps to lead over the next 12 months. This set of Solution Briefs is designed to help you refine your remote access requirements, plan your deployments, project your future workloads, estimate your ownership costs, and evaluate available products. In this solution brief we provide a handful of perspectives to get you started on the road to the right solution.

#4 - The Future of SSL VPN Gateways: 2005

While many industry analysts and observers predict SSL VPN Gateways will become less differentiated over the coming year, Breakaway believes the opposite will be true. As enterprises gain experience with large-scale remote access networks they will beome more sophisticated buyers with more demanding requirements. Vendors will anticipate and respond to this new environment with a greater selection of solutions. In this solution brief we identify the key areas of change as the market moves from SSL VPN Gateways to integrated, policy-based access management solutions. True next generation systems will likely first appear around the start of 2005.

#3 - An Inside Look at SSL VPN Gateways

The confusion surrounding SSL VPN Gateway ("Gateway") capabilities is understandable. At the start of 2004 there were19 vendors selling these security systems, they often make different claims and use different terminology to describe their products, and they collectively have delivered a steady stream of new products and enhancements. In this document, Breakaway introduces a reference model for Gateways. It serves as a framework for describing both (1) current Gateway capabilities and (2) how we expect these products to evolve during the next 12 to 18 months. Here we focus on current capabilities and typical operation. We will focus on the future of Gateways in our next report.

#2 - Why Would Anyone Choose IPsec over SSL for Secure Remote Access?

Even if your organization is already using an IPSec VPN for remote access, you might seriously consider replacing it with an SSL-based solution. And if you are building your first remote access VPN, the choice is obvious. SSL VPNs can match IPSec VPNs in terms of options for accessing applications and file servers. Plus, the security capabilities and ownership costs of SSL VPNs are clearly superior. In this Solution Brief Breakaway takes a close look at the F5 FirePass Controller in order to illustrate how SSL VPN solutions can now provide access options that match IPSec VPNs in versatility. We expect many SSL-based security gateways will soon evolve into more general-purpose, universal access systems that extend secure access capabilities to internal network users, as well.

# 1 - Are SSL VPN Solutions Ready To Support Mobile Wireless Access?

On September 9, 2003, Neoteris, Inc., a leading supplier of SSL VPN appliances, surprised industry observers by making the following claim in a product announcement:

“Unlike IPSec and other SSL VPN solutions with announced wireless device support, the Neoteris solution is the only one that does not require a client download or need a Java agent to set up a secure remote connection.”

In this report, Breakaway examines the primary issues surrounding the deployment of SSL VPNs with portable wireless devices and reviews some of the relevant key capabilities offered by a half dozen vendors. As you will learn, other vendors do offer the same capability claimed by Neoteris, and a whole lot more. Whether you wish to roll-out a new mobile application or simply extend the reach of existing resources like email, SSL VPN products are ready to handle the special requirements of wireless remote access.

This report includes the following exhibits:

Table 1: Portable Device Support by SSL VPN Vendor
Table 2: Common Application Usage by Device Type
Table 3: Mobile Application Access Features By SSL VPN Vendor