Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IPSec Vs. SSL: Picking The Right VPN: Page 3 of 6

However, an IPsec VPN may cost you more in the long run. Let's consider license costs: An IPsec VPN typically costs between $10 and $25, while an SSL VPN ranges from $50 to $120 per seat for a 500-user license. At first glance, IPsec VPN seems appealing costwise. But once you factor in the costs for deploying and managing an IPsec client, the additional testing required prior to patching an OS client (remember the Windows XP Service Pack 2 broke many client applications including IPsec) and the lost productivity from users who can't connect to the gateway over IPsec, it may not look like such a bargain. Additionally, many IT managers have found IPsec VPNs to be time-consuming for their staffs to maintain, because end users often need help when downloading software or maintaining their connections.

Going SSL

Most users make the jump to SSL VPNs when building extranets because of the attractive price and reduced security risks. SSL can restrict remote access to only those resources a user needs.

In fact, one out of every three major companies was using an SSL VPN this year, according to Meta Group. By 2006, 80 percent of companies will use SSL VPNs as one means of connectivity, the researcher says. There's no doubt SSL VPNs are selling like gelato in the summer and perhaps the biggest drivers are universality over Port 443 and reduced management overhead.

Take your laptop anywhere--home, a customer site, the coffee shop--and Internet access over TCP 443 (the default HTTPS port) should be available, unless you're on a network with a strict egress policy. With SSL VPN's ubiquitous access, any computer with a browser and Internet access can be a client. We're not convinced most organizations want to open their critical business applications to users at public kiosks, but being able to let remote or traveling users access their Web mail and other applications is compelling.