In the last year, the Secure Sockets Layer VPN market has exploded, going from a niche in the larger VPN sector to a pervasive technology now deployed in many of the worlds largest networks. Aventail Corp., of Seattle, one of SSL VPNs pioneers, has been at the forefront of this push into the enterprise and recently began offering managed services as well as its appliances. Senior Editor Dennis Fisher caught up with Aventail CEO Evan Kaplan recently to talk about the consolidation among SSL VPN providers, the future of the technology and what the changes mean for customers.
SSL VPNs were a novelty until fairly recently. Now they seem to be moving into the mainstream and handling more applications. What made the difference?
I think the SSL VPN stuff is the key to a lot of trends in the industry, like voice over IP. I think in the near future, everyone will be considered a remote worker to some extent. Well all be on lightweight VPNs both inside and outside the network. We already do this for things such as online banking. Network security is really an oxymoron. Networks are designed to be as accessible as possible and move data from one place to another, not to be secure. SSL assumes that the network is insecure and goes from there. I also think were going to see the continued replacement of IP Security VPNs with SSL and the utilization of SSL inside the firewall for wireless LANs.
How do new applications such as VOIP affect the way your products handle traffic?
To us, VOIP is just another application. We treat it the same. We have to pay more attention to quality of service, but we treat it like any other application we have to secure.
There has been ample consolidation in the security market in general and in your portion of it specifically. How has that affected the competitive landscape? Has it changed the way that you go about selling?
We saw Neoteris get bought, then uRoam, NetScreen. Weve really seen everyone else fall off the map. Weve seen good competition from Juniper [Networks Inc.] and Cisco [Systems Inc.]. Its been healthy and good. Citrix [Systems Inc.] has had four or five failed attempts at joining this market. So now theres only Juniper and us at the top, with F5 [Networks Inc.] slightly behind. Nokia [Corp.] and Cisco are building but have no market share right now. We just have to continue to do what weve been doing, and well be in good shape. The competition is tough but fun.
Do you think that competitive picture will change much this year?
I think the change in 05 will be Cisco being a strong player and then competing with Juniper. I believe very strongly that were the product leader. We have to be because were not the biggest. This is all we think about. I also think well see more consolidation. There are a lot of smaller companies out there.
What about for you? Are you looking for a buyer for Aventail at this point?
For us, the best strategy is to stay independent. We feel like the market has 10 to 12 years of really solid growth ahead of it. I think were at the very beginning of a big opportunity. You see such a broad breadth of companies that are using this technology or have a use for it, so I have to believe that theres still plenty of growth coming.
There also seems to be plenty of room to add functionality to SSL VPNs. What should we look for specifically from Aventail in the coming months?
VPNs have been increasing their capabilities around endpoint control, single sign-on, application security. You should look for us to increase our capabilities in those areas.
How much of a threat do you feel technologies such as Ciscos NAC (Network Admission Control) and Microsoft Corp.s NAP (Network Access Protection) programs are to your products?
I think things like NAC are more of a complement to our technology. But I believe the primary role for Cisco is to make sure the network stays up, not that it stays secure. Its more important for them to ensure that routers and switches are up and running. And Im not sure that the quarantining model scales that well.
Plus, Cisco would have you retrofit your infrastructure to put in their stuff. Were saying use the existing infrastructure to improve security. Many employees spend less than 50 percent of their time on the corporate networks, and the prime advantage of coming into the office now is more speed, not more security.