Adding yet another piece to its portfolio of computer network security solutions, Cupertino, California-based security giant Symantec announced the purchase of SafeWeb for US$26 million in cash.
On the heels of NetScreen’s $265 million acquisition of Neoteris earlier this month and F5’s $25 million purchase of uRoam in July, Symantec’s purchase marks the third recent deal in which a major security player has added SSL-VPN technology to its repertoire through acquisition.
Gartner research vice president Richard Stiennon told TechNewsWorld that the Secure Sockets Layer (SSL) protocol coupled with Virtual Private Network (VPN) technology — an encryption technology designed to secure access for remote network users — has emerged from “flash-in-the-pan technology” beginnings to become a reliable joint solution.
“All of a sudden, it became obvious that access with SSL-VPN was more secure, and it became mainstream,” Stiennon said.
Evolved for the Gateway
Symantec senior director of product management Barry Cioe told TechNewsWorld that the company has been watching SSL-VPN’s development and now feels it is advanced enough to deal with “real-world problems, not just niche problems.”
Cioe said that while SSL-VPN previously was limited to Web-enabled applications and “didn’t solve enough problems,” the technology now has evolved to a point at which it serves the needs of a broad range of customers.
Calling SafeWeb “the perfect fit for a security technology acquisition” as opposed to a Symantec development effort, Cioe said Symantec does not see SSL-VPN making sense as a stand-alone offering any longer, which is why the company will quickly integrate the secured access technology into its security appliances.
Thanks to more than two years of improvement and refinement, SSL-VPN technology lets users remotely access almost any application — Web, terminal, Lotus Notes, legacy server, e-mail, file servers and printers — without additional client software.
The SafeWeb SEA Tsunami — the SSL-VPN appliance technology that Symantec acquired — lets companies selectively grant secure remote access economically because it eliminates the need for proprietary VPN client software, which can add to administrative costs and complexity, Symantec said.
Comparing SSL-VPN’s development and deployment to that of the widely used IPSec VPN technology, Symantec’s Cioe said the company expects SSL-VPN’s lack of complexity and transparency to foster broader adoption than other types of VPN technology.
Stiennon said Symantec’s acquisition of SafeWeb and its technology — which initially will be offered as stand-alone hardware for Symantec appliances and later will be integrated directly into Symantec’s gateway appliance — is an acknowledgment that SSL-VPN technology is a critical component of the company’s future offerings.
“Right now, it’s a small piece, but it will be an important piece for access checkpoints in the future,” Stiennon said.
The analyst pointed out that while Symantec has yet to add an intrusion-detection hardware component — technology currently provided by smaller security outfits, such as Okeena and Entercept — the SSL-VPN strategy is still lacking for Cisco and Check Point.
Single Security Source
The SafeWeb acquisition fits into Symantec’s strategy to become “the ultimate supplier of security’s many parts,” according to Stiennon.
He said that although the large security vendors are looking to offer a single source for security, companies are choosing multivendor solutions as they cope with the state of “innovation and turmoil” brought on by increasing vulnerabilities and threats.
“Enterprise isn’t looking for a single source,” Stiennon said. “They’re looking for best of breed still.”
As Network Associates and Check Point announced collaboration on an all-in-one security appliance as well on Tuesday, Stiennon said a flurry of such deals is expected, making it difficult to distinguish who is doing what and possibly signaling an upcoming price war among security vendors.