Simplifying virtual private networks (VPNs) by using the browser-based secure socket layer (SSL) will instigate a fundamental change in the use of VPNs in enterprises, according to research from The Tolly Group.

The research, co-sponsored by indirect-selling SSL security appliance vendor Netilla, found that 75 per cent of network managers believe enterprises will choose SSL VPNs when workers access the network externally, and expect the transformation to occur within two years.

"We were surprised by the interest in SSL VPNs because internet protocol security (IPSec) VPNs have been around for so long, we did not expect network managers to be so open to fundamental change," said Charles Bruno, analyst at The Tolly Group. "But this survey shows they are."

The research questioned 52 senior enterprise network security specialists across vertical industries, including healthcare, financial services and manufacturing.

Users can access the SSL VPN via the web on a PC with no need for client software. "The clientless nature of SSL VPNs is the key factor leading to interest because IPSec VPNs are seen as complex," said Bruno.

But despite the predictions, Bruno warned that a lack of understanding on how to deploy SSL VPNs was a potential roadblock, and urged vendors to educate users to understand its benefits.

Ian Kilpatrick, group managing director at security distributor Wick Hill, said: "There is a lack of knowledge of SSL VPNs and it is the responsibility of the vendors to educate customers and generate demand, because it is an emerging market."

But he acknowledged that there was room for both SSL and IPSec in the market. "SSL and IPSec are alternative technologies and are not mutually destructive," he said.

"SSL is an important technology and is used widely in areas such as secure web transactions, but it is immature in the VPN market. I do not think IPSec VPNs will go away, because the technology is a recognised VPN standard."