SSL can also give more-detailed control of the resources remote users have access to. Whereas IPSec gives full network access, SSL can restrict access based on applications more readily.
If access to Web applications or Webbified applications is all users need, then the only client software required is a compatible browser. This means users can connect from home machines, borrowed machines or those found in business-center kiosks.
"SSL VPNs have superseded IPSec as the easiest choice for casual and ad hoc employee VPN access requests and for business partners, external maintenance providers and retired associates," says Gartner analyst John Girard. While the sales of SSL VPN gear grew 43 per cent between mid-2006 and mid-2007 to hit US$340 million, the annual growth rate is expected to slow down, resulting in a projected average annual growth rate of 13.8 per cent through 2011.
A separate study by IDC finds that IPSec VPNs accounted for more than half the US$1.27 billion taken in with VPN appliance sales in 2007, but IPSec's share of that revenue actually dropped as a percentage by 9.8 per cent, IDC says. Sales of SSL VPNs went up 18.2 per cent in the same time period.
Still, customers are finding use for IPSec remote access in conjunction with SSL. Sales of Hybrid SSL/IPSec gear are lower , but growing faster, than SSL or IPSec gear alone, IDC says.
The top-selling VPN appliance vendors in order are Cisco, Juniper, Nokia, Safenet and Alcatel-Lucent, IDC says.
5. Are VPNs good for VoIP?
MPLS VPNs can provide quality of service that guarantees delivery of VoIP packets on time for better voice quality.
MPLS also scales to accommodate very large numbers of sites fully meshed, so phoning among corporate sites via VoIP shouldn't be a problem.
Using an SSL VPN to carry VoIP over TCP actually improves voice quality, testing by Network World has found. Because TCP reorders packets and rebroadcasts packets that get lost, it can actually boost quality of the received call. If bandwidth is sufficient to accommodate the VoIP channel plus the rebroadcasts, it can improve quality.
VPNs can also provide security for VoIP calls running over Wi-Fi networks or wired networks, blocking eavesdropping.
VPNs are also used to protect data from smartphones and other handheld devices, including iPhones, although management for that is still rudimentary.