VPN vendor-lock in Windows 7

Posted: February 18, 2009 in Posts, Windows 7

For all of the good news about Windows 7, one issue has come to light as a major stumbling block for enterprises – especially from a security standpoint.

Though Microsoft doesn’t tout DirectAccess as a VPN (presumably to avoid the stigma of complexity associated with VPNs), their server setup guide calls it exactly that. What’s more, the DirectAccess IPsec connection requires enterprises to deploy Microsoft’s server… a large investment of resources and a warning sign for future vendor lock-in.

Meanwhile, Cisco has discontinued support for IPsec clients in order to promote their AnyConnect solutions. What this creates is a large divergence of product options for customers. SSL is not ideal for all VPN needs, however Cisco is aggressively pushing this on their customers. At the same time, we predict that companies are going to resist the investment to upgrade to a new server, which will hinder adoption of DirectAccess for Windows 7.  Rather than the major industry players working toward a standard, they are trying to force the market to choose one over the other. Unfortunately, security doesn’t work that way… NCP customers we’ve spoken to are angry with the situation, and many bloggers and forum posters agree that the conflicting strategies are counterproductive to the real aims of network security.

  1. […] functionality be impacted? How will the market respond to another potential shift in VPN […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s