VPN choice not clear-cut

Related Links

Remote access

Luis Toledo, a computer scientist at the Securities and Exchange Commission, thinks the IPSec VPN with its client-side software is on its way out.

SSL VPNs, which leverage security features already present in Web browsers, eliminate much of the work of administering a VPN. This makes them less expensive and labor intensive.

'I don't need a client-side anymore,' Toledo said.

Timothy M. Clark, director of federal programs for SSL VPN vendor F5 Networks Inc. of Seattle, agrees.

'We have yet to find something that IPSec can accommodate that we can't,' he said.
But he acknowledged that 'there are some agencies like intel who don't think SSL is secure enough.'

Although SSL is the commonly used security for most Web-based commercial transactions, IPSec provides security services at the IP layer. SSL secures sessions, and IPSec secures IP connections.

Bill Jensen, marketing manager for Check Point Software Technologies Ltd. of Redwood City, Calif., is more reserved in his claims for his company's SSL VPN.

'Like any other product in the government market, it is going to depend on what the protection profile is,' he said.

For 80 percent of users, SSL will be adequate, he said. The remaining 20 percent will be better served with IPSec.

'It's not a question of either-or, it's a question of what do I use here, what do I use there,' he said.

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above