SSL VPN market to triple

Johannesburg, 19 Mar 2008

The global market for Secure Socket Layer (SSL) virtual private networks (VPN) earned $370.7 million in 2006, and will triple to over $1.4 billion between 2007 and 2013, says market analyst firm Frost and Sullivan.

This is despite the fact that the SSL market faces consistent restraints such as budget priorities and acceptance in corporate enterprises, a Frost and Sullivan report says.

The report provides an in-depth look at SSL VPN function, market drivers and restraints, as well as market trends and forecasts.

It says the SSL VPN market will continue to see steady growth, with a compound annual interest of 24%.

The growth is driven primarily by the need for corporations to comply with regulatory and security challenges in providing remote access, it says.

Compliance with vertical-specific security legislation, such as Sarbanes-Oxley Act (SOX) and the Health Insurance Portability and Accountability Act (HIPPA), continues to be one of the fundamental drivers for the SSL VPN products market, the report says.

The HIPAA and the SOX Acts are having an especially positive effect on the application level and remote access gateway market, it says.

"The primary benefit of SSL VPN technology is its capability to secure IP-based communication without the use of a VPN client," says Frost & Sullivan research analyst Terrence Brewton.

This gives SSL technology an added advantage over other VPN technologies, such as multi-protocol layer switching and IPSEC, he explains.

SSL VPN enables a corporation to deliver granular controls to applications that are deployed within and outside of the enterprise, such as access for corporate partners and remote access for travelling and remote workers, he notes.

Growing up

Brewton says, while SSL VPN solutions have matured past some of their initial shortcomings, they face consistent restraints, such as budget priorities and acceptance in corporate enterprises.

Among the enterprises that have already demonstrated a tangible willingness to invest in IT security, there are segments and individuals in IT departments that still lobby to expend resources on IPSec VPNs, he says.

He adds that those who are interested in moving from IPSEC to SSL VPN are not rushing to do so. Instead, enterprises are realising complementary positive trade-offs between the two technologies and using them to provide traditional VPN connectivity for remote users and using enhanced SSL VPN features to address back-end security issues.

It is understandable that these enterprises would not wish to resign these investments to obsolescence within a short period of time, notes Brewton.

Additionally, SSL and IPSec VPN both offer exclusive and complementary trade-offs, he says. However, the marketplace has already started to address some of the confusion that accompanied enterprises picking and choosing among VPNs, he says.