Nokia Sweetens SSL
SSL offers an alternative to IPSec that avoids the headaches of deploying and managing client software. Unlike IPSec, which requires client software on each device in the VPN, SSL does not usually require a special client piece because it’s already embedded in standard Web browsers and Internet software.
The SSL market remains a niche, trailing the more dominant IPSec market, but some analysts see it picking up momentum.
“IPSec remains the dominant tunneling and encryption technology for VPLS,” said Jeff Wilson, executive director at Infonetics Research Inc. in a report published last week. “But MPLS and SSL are gaining steam.”
In its latest report, Infonetics says that VPN products, particularly SSL products, are growing in popularity. According to last week’s report, spending on VPN products and services will grow 42 percent from $25.3 billion to $35.8 billion between 2003 and 2007. By 2005, 74 percent of mobile workers are expected to use VPNs, up from 59 percent in 2003.
To beef up security for corporate users, Nokia has developed the Nokia Secure Access System. This software, which is loaded on a Nokia appliance, not only authenticates users to make sure that only authorized employees have access to the network, but it also exchanges digital certificates with the machine being used and performs a client integrity scan. This scan checks for vulnerabilities on the device. Based on this scan and the user’s profile, it automatically adjusts the user’s privileges. In the end, the worker at the Internet café may be restricted to email only, keeping other sensitive files and applications out of harms way.
Nokia, which has deployed 150,000 systems in the market over the past four years, has partnered with other security companies. For example, its firewall appliance uses software from Check Point Software Technologies Ltd. (Nasdaq: CHKP). But this latest product was built entirely by Nokia from the ground up, says Dan MacDonald, the firm's vice president of product marketing.
While Nokia claims to be the first company to introduce this integrity-scanning feature on an SSL appliance, it will likely face competition from the two entrenched companies in this market, Aventail Corp. and Neoteris. Nokia officials believe their product has an edge, because these small security companies specialize only in SSL appliances.
Nokia is offering the SSL software on its low-end IP platform for about $3,495. It will be generally available in the third quarter of this year.
— Marguerite Reardon, Senior Editor, Light Reading