Background for the Microsoft Whale IAG Placement in the Gartner Visionaries Quadrant for SSL VPN
There has been a lot of buzz about the Microsoft Whale IAG being placed in the Gartner Visionaries Magic Quadrant. A number of people have asked me about what this actually means and what are the implications of this placement, as well as what the Whale IAG brings to the Microsoft edge security mix of Forefront Security products.
Microsoft’s acquisition of Whale Communications and it's Intelligent Application Gateway (IAG) was a strategic move to advance secure remote access features and capabilities for Windows platforms. It was also a strong admission that full featured SSL VPN and endpoint security features were missing in the ISA Firewall product.
Whale had gone further than other vendors in developing security and functionality optimizations for mission critical applications, including both Windows and non-Windows platforms. Whale Communications also had more leveraged partner relationships in security and premium ISV markets than any other company surveyed in 2005, and was expanding those relationships at the time of the Microsoft acquisition.
Because Whale was and continues to be based on Windows, porting efforts have moved relatively quickly, and Microsoft has already announced security and functionality enhancements to its secure remote access offering, which includes both the ISA 2006 Firewall and the Whale Intelligent Application Gateway (IAG). However, Microsoft has committed to continue selling and upgrading the incumbent Whale eGap platform, and Whale eGap users will have support and migration options through Microsoft for future versions.
The new SSL VPN gateway interfaces included in Microsoft’s Whale IAG are intuitive and highly functional and will be transparently integrated with all the major Microsoft applications and portals, including SharePoint, Microsoft CRM, and all Microsoft Exchange Server services (OWA/OMA/ActiveSync/RPC-HTTP/OutlookMAPI). The Microsoft Whale IAG also provides robust and exceptionally secure access for non-Web applications via advanced SSL wrappers and a network-level SSL VPN Network Connector.
Microsoft will exit the Whale eGap-appliance business and is lining up distribution partners to create the Microsoft Whale IAG on third-party appliances. The resulting products will be priced and scaled for easy entry by small businesses, as well as cost-effective solutions for midsize to large businesses.
Microsoft’s execution ranking at this time remains visionary. This is in recognition of its continuing Whale’s existing business without interruption, and without sufficient time in the market to consider the effects of the new products and new channel penetration.
Microsoft currently targets small to large enterprises with the ISA 2006 Firewall for secure remote access, secure branch off gateway and secure outbound access to the Internet via its network level firewall, remote access VPN and site to site VPN gateway, and forward and reverse Web proxy. In contrast, the Whale IAG is a more specialized product and will typically be used as only a SSL VPN gateway for secure inbound access to corporate data resources.
Because of the widely disparate roles performed by the Microsoft Whale IAG and the ISA Firewall, the issue of the products potentially competing with one another should not be an issue, and in fact, the Whale IAG SSL VPN and the ISA Firewall will be able to supplement each other’s feature sets and security capabilities to create an extremely impressive edge security solution.
Carrier-class products were not a priority for Whale and will need time to develop. Microsoft needs to challenge the incumbent leaders in midsize to very large enterprise contracts and should furnish competitive market share data.