SOURCE: Aventail

March 30, 2006 13:00 ET

SSL VPNs Play Central Enforcement Role in Network Access Control (NAC), Says Leading Analyst

SEATTLE, WA -- (MARKET WIRE) -- March 30, 2006 -- Secure Sockets Layer Virtual Private Networks (SSL VPNs) have a central enforcement role to play in Network Access Control (NAC) architectures, according to leading analyst Jeff Wilson, Infonetics Research. As the NAC architecture is envisioned by Infonetics Research, an SSL VPN device can serve as the secure gateway and the policy enforcement point, controlling access to network resources by both internal and remote users.

"Early visions of NAC involved building up or retrofitting network infrastructure, adding security control into every switch and router, so they could play traffic cop for the network," said Jeff Wilson, principal analyst, Infonetics, who outlined NAC in a Webinar broadcast this week. "However, you can deploy NAC without having to upgrade or disturb your existing network infrastructure by using standalone NAC appliances and an SSL VPN gateway."

The Webinar on "Controlling Network Access Using SSL VPNs" featuring Jeff Wilson is available on-demand at:

Network Access Control (NAC), as defined by Infonetics, is a framework that allows companies to secure access to network resources for all users by enforcing policies on the health of the user's computer, the user's identity, and the information the user wishes to access. According to Wilson, this enforcement is managed with the following steps:

1.  Authentication of the user (regardless of location)
2.  Device integrity checking on user's end point
3.  Comparison analysis of authentication and device integrity to
    centralized policy
4.  Controlled access granted, access denied, or device quarantined for

SSL VPNs are ideal for NAC enforcement, because most solutions handle all of these required steps, Wilson indicated in the Webinar. For example, SSL VPNs have a strong client integrity checking functionality built in, they provide granular access controls at the application layer, which is more secure, and they are tested, trusted, and deployed by thousands of organizations around the globe for remote access. Enterprises can easily extend utilization of an SSL VPN for NAC enforcement, stated Wilson.

While remote access will remain the primary driver for SSL VPNs overall, companies who buy SSL VPNs initially for remote access will quickly turn them inward and use them for NAC-like solutions, stated Wilson in a recent report, entitled, "Enforcing Network Access Control: Market Outlook and Worldwide Forecast."(1) In that report, Infonetics' forecast showed that more than two-thirds of SSL VPN gateways will be used in NAC deployments by 2008.

"In the future, all users will be treated as if they are remote and all end points treated as un-trusted, and our SSL VPN will be the secure gateway between all users and applications," said Chris Witeck, director of product management, Aventail. "We have many customers starting down this path by using our SSL VPN to secure access via their internal wireless networks, and the next step will be using it for all LAN-based application access."

To access the Infonetics report on Network Access Control, go to:

(1) Enforcing Network Access Control: Market Outlook and Worldwide Forecast. Infonetics Research, January 2006. Authors: Jeff Wilson, Julia Harris, and Laura Whitcomb.

About Aventail

Aventail is the best-of-breed remote access company. Aventail delivered the first SSL VPN solution in 1997 and today is a market leader, delivering the easiest to use and control remote access solution. Aventail Smart SSL VPN appliances provide users with transparent, clientless access to more applications from more devices via any network environment. For network managers, Aventail delivers a single secure access gateway for all users, internal and external, to all network resources with complete security. With more than two million end users around the globe, Aventail is the SSL VPN of choice among mid- to large-sized organizations worldwide, including AT&T, the Environmental Protection Agency (EPA), Chicago Housing Authority, DuPont, Radiology Ltd, James Richardson International, Organization for Economic Cooperation and Development (OECD), Overlake Hospital, IBM Global Services, and hundreds more. For more information, go to

Aventail, Aventail ST, Aventail Smart Access, Aventail Smart Tunneling, Aventail EPC, Aventail OnDemand, Aventail Connect, Aventail EX-2500, EX-1500, Aventail EX-750, and their respective logos are trademarks, registered trademarks, or service marks of Aventail Corporation. Other product and company names mentioned are the property of their respective owners and are mentioned for identification purposes only.

Contact Information

  • Media Contacts:
    Aventail Corp.
    Margaret Dawson
    Shannon Mapp
    Email: Email Contact
    Tel: 206-438-7214