Making the right connection
Which VPN: SSL, IPsec or both?
What does the future hold for secure virtual private networks? Illena Armstrong gazes into her crystal ball to look for the answer.
Choosing the ideal virtual private network is difficult enough for enterprise buyers, without the decision being complicated by rumblings that up-and-coming secure socket layer (SSL) VPNs will quickly overtake, and maybe replace, traditional internet protocol security virtual private networks (IPsec VPNs). Nonetheless, insistence that the IPsec VPN will soon become the ugly stepsister to the Cinderella-like SSL VPN is fueling the latest industry buzz.
“Rumors of IPsec’s death are premature, but there is definitely a very aggressive movement away from IPsec in the remote access space, and that [stems] from some very practical reasons,” says Jude O’Reilley, senior product marketing manager of Aventail.
Making headway
Infonetics Research, an international market research and consulting firm, and a leading expert in the VPN space, has reported that SSL VPNs are making so much headway that 2003 will continue to see many IPsec VPN vendors announcing plans for SSL-based products. This is already happening, with the likes of Nokia, Cisco and other large players launching solutions that will place them right in the middle of the SSL fracas.
Despite this, SSL will not replace IPsec, says Jeff Wilson, executive director at Infonetics. “There is no good SSL solution for site-to-site connectivity, and when it comes to remote access, many companies will look at and likely deploy both SSL and IPsec for different remote access,” he says. “But, I don’t think this will be a dominant trend in the near future.”
What he does believe is that IPsec still remains the prevailing tunneling and encryption technology for VPNs, according to his recently published study User Plans for VPN Products and Services, North America 2003. At the same time, though, SSL will continue to gain some traction. Noting that by 2005, 74 percent of mobile workers will rely on VPNs (an increase of 15 percent from 2003), Wilson says projected growth rates can largely be attributed to SSL offering an alternative to IPsec that skirts the complexities and labor demands of deploying and managing the necessary client software.
The trouble now, he explains, is that at this early stage in the market many vendors seem to be waffling on how to position their SSL-based products. Whether to push SSL VPNs, also referred to as application-layer VPN gateway products, as competitive with IPsec or complementary to it is proving a marketing conundrum.
“Ultimately, we believe that they are best positioned as complementary, and most IPsec vendors will develop or purchase application-layer VPN technology to add to their arsenal. This complementary positioning is key to the success of the market (and our forecasts), and if the market-leading vendors in this space over the next 12 months choose to start a war between SSL and IPsec, the entire market … will suffer,” maintains Wilson.
What’s the difference, really?
By design, an IPsec VPN is an infrastructure security technology, says Wei Lu, CTO of Permeo Technologies, a company specializing in enterprise application security. The real value of these VPNs is that they strive to make the IP environment as secure as possible. The problem is that deploying IPsec for remote access requires quite a large infrastructure change. The value is there, but management costs are high. As such, IPsec is still the option for site-to-site connections, but interest in SSL VPNs has arisen for other remote access activities.
Yet, when IPsec VPNs, also called IP VPNs, first hit the scene, they were viewed as a huge advantage over other remote access solutions, says Grahame Smee, director of equIP Technology in the U.K. Part of the IPsec VPNs’ appeal was based on their centralized security and policy management components that eased a lot of maintenance demands.
“However, recently we have seen the emergence of two main problems with traditional IP VPNs,” he says. “Firstly, the client software presents a labor overhead that many companies wish to avoid and, secondly, certain security issues have also become apparent, mainly centered around creating an open ended network layer connection.”
The solution of choice
But many experts say that IPsec is unbeatable for direct secured access to the corporate network usually demanded by a typical corporate power user and LAN-to-LAN connectivity. The typical SSL VPN, however, is considered best for the average remote worker for gaining access to web-based applications. Therefore, IPsec is the choice when seeking more comprehensive access that is for both browser-based applications and private networks, as well as for remote workers and to interconnect offices, says Susanne Scheuermann, IPsec product manager at BT Global Services.
SSL VPNs, on the other hand, require no additional client software to be loaded onto end user PCs and laptops. This clientless feature is a key factor for some companies when opting for SSL over IPsec, says Scheuermann.
And, this clientless feature adds to other often-touted attributes of SSL VPNs, which include reduced cost of deployment, alongside a decrease in the demand for ongoing support and administration, adds equIP’s Smee. Moreover, “because all external-internal traffic” normally goes through a single hardware appliance, access to resources and URLs can be controlled.
“With the launch of these clientless VPN products … users can connect from any internet-connected device and get secure access through an SSL tunnel. This involves the addition of hardware behind a corporate firewall, but gives the corporation one device to manage and no client software to maintain, upgrade and configure,” he further explains.
Because end users can avoid carrying a laptop and gain access through any internet-connected device, most employee demands for connectivity while on the road can be met more easily with SSL. The issue with this, however, is that SSL VPNs typically have lower encryption levels than IPsec VPNs, says Bob Brace, vice president of Nokia Internet Communications. So, while they cost less to deploy, less to support, allow an organization to offer email access to employees from home, laptop and otherwise, or even offer up extranet access to partners quickly and easily, they still have their shortcomings.
“There are downsides, and these typically involve client-side security and performance issues,” says Brace. “For email and intranet, an SSL VPN is fine, but for more complex applications which need higher levels of security, IPsec VPNs are required.”
Connecting the enterprise
Regardless of the view that SSL is really only good for accessing web-based applications, as opposed to direct corporate network access, and is more suitable for less technical users than for power users, a bigger picture is emerging, say some.
“You’re seeing this huge emergence in evolution towards SSL being used as an infrastructure technology as opposed to making SSL just a technology that is associated with web application servers … that can be deployed in appliances like other pieces of infrastructure in the network,” says Jason Matlof, vice president of marketing and business development for Neoteris.
And, with some SSL technologies on the market, you can extend the network to power users that you would usually trust to have a network connection from a fixed device where there is a known PC, with a firewall, anti-virus and other protections. Simply put, adds Matlof, it is just a VPN that offers all the desired features for all users with the basic difference of traversing over SSL.
Still, there is definitely a case for organizations to use both SSL and IPsec VPNs, according to Aventail’s O’Reilley. But, he just does not feel there is a case for using both for remote access. “I think IT organizations are voting with their feet on this issue right now, meaning within the network they are moving their IPsec technologies to LAN-to-LAN and they are focusing on SSL VPN for their ongoing remote access work,” he says.
He illustrates his point by citing a meeting he had with a major technology company with some 20,000 employees internationally. Many of these end users work remotely from branch offices, home offices, airport kiosks, and more. Even though their traditional IPsec remote access technology is up for renewal, explains O’Reilley, company executives have no intentions to renew that and, instead, are moving all their remote access users to SSL VPNs.
“I think it has something to do with the kind of access you’re providing to your end users. I don’t think that kind of access is actually related to applications so much,” he says.
Whatever the buzz about SSL VPNs, companies should keep in mind that these technologies will fail to solve all problems to everyone, warns Joel McFarland, manager of product marketing within the VPN and security business unit at Cisco Systems, Inc. To him, all the chatter about SSL VPNs is merely “a market indicator that says that this is another way of solving certain classes of problems, not all problems, but certain classes.”
Client or clientless?
Therefore, IPsec is strongly asserted as the primary means for providing site-to-site connectivity where you have infrastructure-to-infrastructure communication over WAN, and SSL VPNs’ clientless feature helps to reduce costs and lessen worries about maintenance of remote desktops.
“But, what that limits me to is connectivity through a web browser to assets I connect through a web browser. So, it requires you have applets for certain applications to be able to effectively access them. The things that I have more difficulty connecting to are corporate assets or applications that don’t have applets available and, therefore, I cannot run it in a clientless environment because it requires a kind of a client-rich interaction system,” he says.
“There are definite efficiencies and benefits to running clientless, but there are performance, application coverage issues and compatibilities that make it a bit more challenging to solely go with that approach. It is an approach to solve the OS client issue, the client maintenance issue, but it is certainly not a wholesale replacement for IPsec VPNs because there are two different problems that each is trying to solve with very little overlap.”
Illena Armstrong is U.S. and features editor for SC Magazine.
SSL vs. application security
An alternative viewpoint
For most companies requiring remote access, application support should encompass any application that a company needs to maximize its efficiency, productivity, and profitability, says Wei Lu of Permeo Technologies. While application security offers this breadth of coverage, SSL VPNs are very limited in the types of applications they can support.
Most SSL VPNs are HTTP reverse proxies, which lend themselves well to web-enabled applications, simply accessed via any web browser. HTTP reverse proxies can support other query/response applications, such as basic email and many of the enterprise productivity tools, such as ERP and CRM client/server applications. For accessing these types of applications, the SSL VPN offers a simple, cost-effective option for remote connections. It is plug-and-play, and does not require any additional client side software or hardware.
This same benefit, however, is also the source of the SSL VPN’s greatest limitation - the fact that the user can only access a subset of the applications and data resources they require. SSL VPNs do not provide a complete solution for remote application access because they do not facilitate access to legacy or homegrown applications, nor complex ones such as those that require multiple channels and dynamic ports and use multiple protocols.
Yet this is a key requirement for corporations and their remote users. For example, SSL VPNs do not have the architecture to support instant messaging, multi-cast, data feeds, video conferencing and VoIP.
While SSL secures a TCP channel created by HTTP, it does not work on a UDP channel, for example. Application support for today’s business, however, requires support for all types - TCP and UDP, client/server and web, off-the-shelf and in-house programs.
An application-independent application security solution enables out-of-the-box support for any standard TCP or UDP application. Application security technology supports any solution that uses the physical networks. In addition to supporting all of today’s programs, application security will also support all of tomorrow’s solutions, regardless of protocol or design.
Wei Lu is CTO of Permeo Technologies, Inc. (www.permeo.com).
Faster and more secure
SSL’s potential weaknesses can be overcome, says David Hicks, creating flexibility for today’s online needs.
From online shopping to online banking applications, secure sockets layer (SSL) has become the ubiquitous security solution on the web.
As applications become decentralized and shift to the web, the use of SSL authentication and encryption will continue to grow. SSL-based virtual private networks (VPNs) allow remote access to web-based applications and network resources without the need for additional client software and associated overheads. An SSL VPN only requires that the client has a browser that supports SSL (virtually all do), and optionally, an SSL certificate to authenticate to the web server.
Preventing unauthorized access
The introduction of XML (eXtensible Markup Language) has given rise to web services, a whole new generation of applications using the web as their foundation. As data flows from client to server, and server to server, during web services transactions, the need for SSL’s authentication and encryption is paramount to protect sensitive corporate data from unauthorized access.
Unfortunately, SSL suffers from two potential weaknesses. First, the digital credentials used to authenticate the identity of a web server can be stolen or copied. Second, the intensive cryptographic processes required to drive SSL sessions can impact web server performance. To address this, hardware security modules (HSMs) offer protection for digital credentials, and SSL accelerators offload computationally intensive cryptographic calculations, adding increased security and performance to applications relying on SSL.
The secure sockets layer (SSL) protocol secures client-server communication sessions through the use of public key-based authentication and strong encryption to allow private information to be transmitted across the internet.
There are two primary issues that need to be dealt with when establishing an SSL session. The first is establishing the identity of the people or computers at either end of the link, and the second is the creation and exchange of keying material used to encrypt communications during the session. These two operations rely on proven cryptographic techniques.
Missing keys and stolen identities
When two computers negotiate a new SSL session, they use digital credentials (SSL certificates) to establish their identities to each other and exchange keying materials. The exchange of key materials is accomplished by encrypting the material using the web server’s public key (carried on the web server’s SSL certificate). Upon receiving the encrypted material, the web server decrypts it using its private key.
A problem arises if an interloper compromises the server’s private key. An intruder who has obtained a copy of a server’s private key can effectively masquerade as that server, since they can now perform the decryption operation and successfully proceed with the rest of the handshake. With the stolen private key in hand, the thief could establish a rogue web site, and using the valid key holder’s identity, prey on unsuspecting victims lulled into a false sense of security by the seemingly valid identity.
Due to the high stakes surrounding the security of private keys, HSMs were designed to provide a more secure, hardware-based environment to store private keys and perform cryptographic operations with them. HSMs reduce the risks associated with storing private keys in a vulnerable software format by providing physical and logical isolation of key materials from the computers and applications that use them. Additionally, tamper-resistant physical designs, coupled with strict operational policies, ensure that direct physical attack and attacks from trusted insiders are prevented.
Take the holistic view
Contrary to common assumptions, it is not the ongoing encryption of session data that taxes web servers offering SSL, but rather a few operations performed during the SSL handshake. Of special importance is the exchange of the ‘pre-master secret’ from the client to the web server, since it relies on computationally intensive asymmetric cryptographic operations.
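The key exchange described in the preceding paragraphs (the client encrypts keying material under the web server’s public key, the server decrypts it with its private key, and that single asymmetric decryption is the costly step of the handshake) is modelled below. This is an added, constructed example, not code from the article or from any vendor named in it: it uses textbook RSA with a small key and no padding (real SSL pads the pre-master secret), a simplified HMAC stand-in for the SSL pseudo-random function, and a `ToyHsm` class that only models the *interface* of a hardware security module, namely that the private key is created inside the module and only the decrypt operation is offered to the web server. The isolation a real HSM provides is physical; nothing in Python prevents introspection.

```python
"""Toy model of the SSL RSA key exchange and of an HSM-style key interface.

Constructed example: textbook RSA (no padding) with a 512-bit modulus, used only
to show what the client encrypts, why the private key alone completes the
handshake, and that exactly one private-key operation happens per handshake.
Not a TLS implementation.
"""
import hashlib
import hmac
import secrets

SMALL_PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47]


def is_probable_prime(n, rounds=32):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits):
    """Random prime with the top bit set, so the modulus has the intended size."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def rsa_keygen(bits=512):
    """Return ((e, n), d). e is prime, so gcd(e, phi) == 1 iff e does not divide phi."""
    e = 65537
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            break
    return (e, p * q), pow(e, -1, phi)


class ToyHsm:
    """Models the shape of an HSM interface: the private exponent is generated
    inside and never returned; only the decrypt operation is offered."""

    def __init__(self, bits=512):
        self.public_key, self.__d = rsa_keygen(bits)  # the certificate carries public_key
        self.private_ops = 0  # counts the expensive asymmetric operations

    def decrypt_pre_master(self, ciphertext):
        e, n = self.public_key
        self.private_ops += 1
        return pow(ciphertext, self.__d, n).to_bytes(48, "big")


def client_key_exchange(server_public_key):
    """Client side: pick a 48-byte pre-master secret, encrypt it to the server's public key."""
    e, n = server_public_key
    pre_master = secrets.token_bytes(48)  # 384 bits, so it fits under a 512-bit modulus
    return pre_master, pow(int.from_bytes(pre_master, "big"), e, n)


def derive_master_secret(pre_master, client_random, server_random):
    """Simplified stand-in for the SSL PRF (constructed, not the real PRF)."""
    data = b"master secret" + client_random + server_random
    return hmac.new(pre_master, data, hashlib.sha256).digest()


def run_handshake(hsm):
    """Both sides derive the master secret; returns True if they agree."""
    client_random, server_random = secrets.token_bytes(32), secrets.token_bytes(32)
    pre_master, ciphertext = client_key_exchange(hsm.public_key)
    client_master = derive_master_secret(pre_master, client_random, server_random)
    server_master = derive_master_secret(
        hsm.decrypt_pre_master(ciphertext), client_random, server_random)
    return client_master == server_master


if __name__ == "__main__":
    hsm = ToyHsm()
    print("handshake agreed:", run_handshake(hsm), "private-key ops:", hsm.private_ops)
```

After one handshake the counter reads 1: the server performed a single private-key decryption, and everything that follows (record encryption under the derived keys) is symmetric. That is the point of the paragraph above, and it is also why an accelerator need only take over the handshake decryption to relieve the server, while an HSM-style interface keeps the exponent out of the web server process that performs all the other work.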
A web server’s capacity to set up SSL sessions is constrained by a number of factors, making it important to maintain a holistic view of the web server’s hardware, software and content, with regard to performance expectations. Web servers rely on their computer’s processing power to perform SSL operations, processing power that must be shared with all other applications running on the computer.
Additionally, standard computer processors are not designed for specialized cryptographic processing. A web server’s processor speed, memory capacity, operating system and web server software all play important roles in determining the overall SSL performance.
To allow web servers to cope with large volumes of SSL connections, hardware-based SSL accelerators have been designed to offload asymmetric decryptions required during the SSL handshake, freeing the web server to serve more web pages and accept more client connections.
Unfortunately, hardware SSL accelerators that have been optimized for maximum performance often compromise security - the very security that SSL is supposed to offer in the first place. Is it possible to have strong key management without sacrificing superior SSL performance?
In many situations, having both the security of an HSM and the performance boost offered by an SSL accelerator is required. In these situations a hybrid product that offers both SSL acceleration and hardware key management is needed to provide SSL identity protection in addition to hardware acceleration to cope with large traffic. A truly secure SSL accelerator must rate high on both performance and security to guarantee that SSL sessions are immune to hacking and fraud.
David Hicks is marketing manager for Chrysalis-ITS (www.chrysalis-its.com).
Copyright © West Coast Publishing. All rights reserved.
Posted on Saturday, 23 August 2003 @ 06:00:00 EDT by phoenix22