1. Info-Tech Research Group1 Vendor Landscape: Secure Socket Layer Virtual Private Network (SSL VPN) Your workers are going remote, is your security?

2. Info-Tech Research Group2 SSL VPN is critical for organizations that employ remote or mobile workers, or aim to increase productivity by providing 24x7 corporate network access. Introduction Enterprises of all sizes where a portion of the workforce is remote or mobile, and those interested in maintaining the integrity of their corporate infrastructure and data. Enterprises of all sizes that have an interest in maximizing employee productivity and morale by providing the ability to work from any location, any time, with minimal disruptions. Enterprises of all sizes that are looking to institute disaster preparedness mechanisms to allow for the continuity of worker activities even if primary worker locations are unavailable. This Research is Designed For:This Research Will Help You: Identify and rank vendor offerings in the SSL VPN space. Understand the nuanced differences in the product offerings between different vendors. Aid in the selection process of an SSL VPN solution.

3. Info-Tech Research Group3 Executive Summary The SSL VPN market is mature and stable at this point and is ostensibly split into two groups – those offering truly enhanced functionality (Array, Citrix, F5), and those offering core capabilities at attractive price points (Barracuda, SonicWALL, WatchGuard). Most buyers will focus on the latter decision points and so preference in this overview is given to those criteria. Info-Tech Research Group has classified Barracuda Networks, SonicWALL, and WatchGuard as Champions within the market space based on their combination of broad feature sets, attractive pricing, and stable on-going commitment to the market space. Once value for money is taken into consideration, WatchGuard and SonicWALL become the most compelling options, by virtue of their rock-bottom pricing. Barracuda Networks trails on the Value Index only slightly, but offers less functionality. Remote connectivity must be a core component of every enterprise’s disaster recovery, and any device access is becoming increasingly important as the breadth of device types that access enterprise resources grows; carefully review your SSL VPN use cases and select the solution that offers the best match.

4. Info-Tech Research Group4 Market Overview VPN technologies were originally developed in the early 1990’s as a low cost alternative to leased lines to allow for WAN connectivity over distance. The earliest form of VPN, IPSec (IP Security), required cumbersome software clients and lengthy configuration; and while this worked fine for site to site connections, it was less ideal for user-to-site connections. SSL (Secure Sockets Layer) VPN introduced the concept of clientless connections, allowing for much simpler user-to-site connections. SSL VPN has allowed for the rapid growth in remote work opportunities and is becoming a de facto requirement of every enterprise. As SSL VPN becomes increasingly ubiquitous, it is being bundled as a capability into other network edge solutions at an ever greater pace; the days of the dedicated appliance are numbered. Powerful clients are now becoming optional components of the SSL VPN solution. These allow enhanced functionality, but do increase operational and administrative complexity and blur the lines between SSL and IPSec VPN. How it got hereWhere it’s going SSL VPN capabilities are provided via a number of different channels, including software solutions, dedicated single purpose hardware appliances and consolidated multi-purpose hardware appliances. This review focuses exclusively on dedicated single purpose hardware appliances.

5. Info-Tech Research Group5 SSL VPN Vendor Landscape This section contains: Info-Tech’s analysis of vendor offerings and rankings across Features, Affordability, Usability, Architecture, Viability, Strategy, Reach, and Channel categories. An overview of each vendor evaluated and a discussion of their strengths and weaknesses. Info-Tech’s recommended use cases for each vendor’s offerings.

6. Info-Tech Research Group6 The Table StakesWhat Does This Mean? The following features are available in every vendor’s offering – do not use them to shortlist during the selection process If Table Stakes are all you need from your SSL VPN solution, the only true differentiator for the organization is price. Otherwise, dig deeper to find the best price to value for your needs. User actions are logged on the system and made available for administrators to audit. Comprehensive Activity Logging Administrators are capable of blocking access to specific areas of the network using user profiles and groups. Granular Access Control The solution supports LDAP and is able to query and be queried by Active Directory. Directory Support The solution is capable of connecting to the corporate network via a Web portal, not an installed client. Clientless Connectivity The solution is managed from a single administrative and reporting engine. Single Management Console The products assessed in this Vendor Landscape TM meet, at the very least, the requirements outlined as Table Stakes. Many of the vendors go above and beyond the outlined Table Stakes, some even do so in multiple categories. This section aims to highlight the products’ capabilities in excess of the criteria listed here. Vendors that did not offer a single, dedicated VPN appliance, or lacked an appliance-based solution were not considered in this evaluation.

7. Info-Tech Research Group7 Table Stakes aside, vendors were evaluated on their individual advanced feature offering Personalized Web Portals The solution provides users with personalized Web portals displaying access rights. Emergency Licensing For a fee, the vendor allows for a spike in concurrent users during disasters. Mobile Device Support The ability to segregate and encrypt sensitive data on mobile devices. Host Integrity Checking The solution ensures the user has sufficient security tools in place before allowing access. Adaptive Access Control The solution uses endpoint analysis to determine what clearance a user has. Integrated Intrusion Prevention System The appliance has an onboard IPS. Hardware/Application Acceleration The appliance is capable of performing WAN optimization to deliver the best performance. What We Looked For Tokenless Enhanced Authentication The appliance generates a unique password, sent via e-mail or SMS, to combine with the user’s password, circumventing keyloggers. Features Info-Tech scored each vendor’s features offering a summation of their individual scores across the listed advanced features. Vendors were given 1 point for each feature the product inherently provided. Some categories, such as Hardware/Application Acceleration, were scored on a more granular scale with vendors receiving a half mark if the functionality required a licensing upgrade. Advanced features scoring methodology:

8. Info-Tech Research Group8 SSL VPN Criteria & Weighting Factors Features Usability Affordability Architecture Product Vendor Vendor Evaluation Vendor is committed to the space and has a future product and portfolio roadmap. Strategy Vendor offers global coverage and is able to sell and provide post-sales support. Reach Vendor is profitable, knowledgeable, and will be around for the long-term. Viability Vendor channel strategy is appropriate and the channels themselves are strong. Channel Product Evaluation The solution’s dashboard and reporting tools are intuitive and easy to use. Usability The delivery method of the solution aligns with what is expected within the space. Architecture The five year TCO of the solution is economical. Affordability The solution provides basic and advanced feature/functionality. Features ViabilityChannel StrategyReach

9. Info-Tech Research Group9 Every vendor has its strengths & weaknesses; pick the one that works best for you ProductVendor FeaturesUsabilityAffordabilityViabilityStrategyChannel Juniper Networks Check Point Security Barracuda Networks Citrix F5 Networks SonicWALL Array Networks ReachArchitecture WatchGuard

10. Info-Tech Research Group10 Info-Tech Research Group Helps IT Professionals To: Sign up for free trial membership to get practical solutions for your IT challenges www.infotech.com Quickly get up to speed with new technologies Make the right technology purchasing decisions – fast Deliver critical IT projects, on time and within budget Manage business expectations Justify IT spending and prove the value of IT Train IT staff and effectively manage an IT department “Info-Tech helps me to be proactive instead of reactive – a cardinal rule in a stable and leading edge IT environment. - ARCS Commercial Mortgage Co., LP Toll Free: 1-888-670-8889