Recently, SSL VPN maker Aventail surveyed more than 600 IT managers and found that 75% support some form of secure remote access. But over the next 12 months, secure remote access use will surge, with 85% of organizations using remote access from mobile devices, 82% from wireless LANs and 75% for disaster recovery.
But network security continues to be the biggest challenge networking professionals face when considering and deploying remote access tools.
"Security is our No. 1 priority," said Mary Beutjer, systems administrator at PCC Natural Markets, a Seattle-based natural foods co-op.
According to Beutjer, the company has a fairly large group of teleworkers who need access to critical applications from any location. Originally, the company offered a very limited remote access solution so IT could access systems from home without having to run to various locations. Later, consultants were offered similar access.
The problem, Beutjer said, was that PCC Natural Markets was using a standard firewall and an IPsec client on the other end. Setting up the client required administrative overhead and was a "bear" of a task, she said. Essentially, the client would have to be installed on any computer or device that required remote access. In some instances, end users who worked remotely would have to lug laptops and even desktops into headquarters
"It required a lot of support," Beutjer said.
Those headaches led her to a clientless SSL VPN that lets end users access applications through a Web interface. It came in handy when Seattle was buried by a blizzard and a large number of end users had to work from home.
Beutjer said her company falls in line with Aventail's survey findings, in which 98% of respondents rated security as an extremely or very important criterion in the decision-making process for a remote access solution. Security was followed by ease of use, installation and management, with more than 80% rating those categories as important.
In addition, only 44% of respondents said using a well-known brand or vendor played strongly into remote access decisions. For users, functionality far outweighed who makes the solution.
Robert Whiteley, Forrester Research senior analyst, said the survey results illustrate a shift in the perception of what remote access really is.
"Traditionally, most people defined remote access as a sort of condition of boundary -- you're either outside of the organization or inside the organization," he said. "If you are outside, you're remote."
But Whiteley is quick to note that the perimeter as it was traditionally known is dead. With increased usage of mobile devices and other devices to access business applications, it's becoming increasingly hard to determine where someone is accessing from. Someone using a PDA or smartphone to access applications could very well still be within the enterprise's walls at the time.
That element of mobility, he said, presents an interesting dilemma.
"Traditional remote access solutions did not scale at all to a mobile environment," he said, adding that offering remote access to devices like BlackBerrys and smartphones was cost ineffective.
Another problem with remote access for mobile devices is that many solutions are not session persistent. Session-persistent solutions don't break the session if the link suffers an outage or disruption -- if the device hits a dead spot or loses connectivity for a short time. Whiteley said that Aventail and Juniper both offer session-persistent solutions. Both also use dynamic compression of lower bandwidth usage.
PCC Natural Markets' Beutjer said her company is now looking into adapting its SSL VPN solution to enable better access through mobile devices. She said the company currently doesn't have too many devices deployed, but as mobile device usage within the organization rises, end users will need secure remote access to applications.
Sarah Daniels, Aventail's vice president of marketing, said the survey's findings confirm that companies are sniffing out viable remote access solutions.
The survey queried IT managers and executives who focus on networking or security, many of whom were researching SSL VPNs. The majority of the companies questioned have more than 1,000 employees.
"With today's distributed workforce, now more than ever, network IT managers need to be assured that their employees have 'anytime, anywhere' secure remote access," Daniels said, "whether it be from a home office, the road, a wireless LAN or a mobile device."