#opinionswanted #cloud #infosec

megaphone-gray I asked this on Twitter as a general question after reviewing the results in the Completely Unscientific Hybrid Cloud Survey Results from Gartner DC 2012 and continued to wonder why IPSec VPN was specifically noted but SSL VPN was not. Certainly a VPN of some kind is a requirement, no argument there, but why IPSec? Why not SSL? Is there some bias against SSL or is it perhaps just that the presenter at the conference failed to offer it as an option?

Then I thought this is just one of many questions I'd like to hear more opinions on. Blogs are good for asking questions. Blogs are good at aggregating answers and opinions in one place. By golly, a blog is a good place to ask this question too!

So, without further adieu, your question for the week:

Why IPSec for cloud bridging? Is it just the default protocol folks think of when hearing the term VPN or do SSL VPNs lack some critical function required?


Sound off, share your opinion in a comment.

 F5 Networksclip_image003[5]clip_image004[5]clip_image006[5]clip_image007[5]clip_image008[5]

Comments on this Article
Comment made 17-Dec-2012 by Lori MacVittie
Thus far we have some great response on Twitter from folks like Mike Fratto (@mfratto), David O'Berry (@davidoberry), Simon Crosby (@simoncrosby), David Mortman (@mortman) and Jack Daniel (@jack_daniel)

Some of the insights thus far:

- Smaller encapsulation
- IPsec deterministic, known overhead versus varaible
- IPSec VPN net-to-net shipping and widely available, SSPN VPN net-to-net not
- OpenVPN long available, choice of ports/protocols, more forgiving of latency
- Support and scalability

Looking forward to more insight on this one!

Comment made 17-Dec-2012 by Lori MacVittie
Christofer Hoff (@beaker) and Steve Shah (@steveshah) chiming in with interoperability and standardization as well as broader support as reasons for IPSec dominance over SSL VPN as protocol of choice for cloud bridging.