Microsoft buys SSL-VPN Vendor Whale Communications. What does this mean to Citrix?

Microsoft announced that they were buying an SSL-VPN vendor called Whale Communications.

A few days ago, Microsoft announced that they were buying an SSL-VPN vendor called Whale Communications. (Of course you probably already know this because the other industry websites were full of corny headlines like “Microsoft swallows the Whale.”) Having spent a few days thinking about this deal, I’d like to share some thoughts about what this deal means to Citrix and the server-based computing industry.

The short answer? Not much.

Of course the SSL-VPN industry is not “technically” part of the server-based computing industry. However, since the best-known SBC company (Citrix) has entered the SSL-VPN space (with the Citrix Access Gateway), a lot of people have been talking about how (1) this deal is important to us in the SBC space, and (2) this is yet another example of how Microsoft wants to put Citrix out of business.

I don’t think either case is true. Before we dive into the analysis, let’s look at background of the deal.

The Facts

Whale Communications is (was?) a software company. They have a software SSL-VPN appliance product that runs on Windows. It comes in various flavors, but basically it’s a plug-in for Microsoft ISA Server (Microsoft’s firewall server) that gives it SSL-VPN capabilities, endpoint security, and an application firewall.

This product will fall into the newly-created group at Microsoft called the “Security, Access, and Solutions Division’ (whatever that means). This is the group that owns all of the new security-type products that Microsoft has bought in the SSL-VPN, spyware, and antivirus spaces.

The Analysis

The question that everyone is asking from the SBC perspective is, “How will this affect Citrix?” My thoughts, as I mentioned previously, are that this won’t really affect them. Here’s why:

  • There are probably a hundred SSL-VPN vendors out there in the market today, and Citrix is successfully competing against all of them today. So what if Microsoft buys one of them? Is Microsoft ISA Server negatively affecting Cisco’s firewall sales? I doubt it. The same goes for a Microsoft SSL-VPN offering.
  • Much like Terminal Server, ISA Server is not a core product for Microsoft. If you talk to Microsoft sales reps out in the field, they’re pushing stuff like Windows, Office, Exchange, and SMS. They’re not really pushing ISA Server. Instead, ISA Server is (1) being built into a lot of appliances and sold by hardware vendors, or (2) used in specialized ways. One of the biggest reasons for this is that organizations simply do not need a lot of ISA Servers. A single company with thousands of Office, Windows, and Exchange users might only have two or three production ISA Servers. What’s a bigger target for Microsoft sales reps?
  • As I’ve written again and again, what makes the Citrix SSL-VPN special is the way that it very tightly and intelligently integrates with Citrix Presentation Server and their Smart Access capabilities.
  • ISA Server costs money. When Microsoft was talking about Bear Paw several years ago, that had the potential to hurt Citrix because it would have added Citrix capabilities into the baseline Windows operating system. But ISA Server costs either $1500 or $6000 per processor, depending on the version you buy. (Not to mention you need another $1000 for your base Windows Server license.)

Of course Windows 2003 has some basic SSL-VPN capabilities built into it for support Outlook to Exchange Server RPCs over HTTPS. Longhorn Server will extend that by adding RDP and SMB support. Even if Microsoft chooses to enhance the free SSL-VPN with some Whale Technology, I just don't see this affecting the core SSL-VPN vendors too much because Microsoft will have to be careful not to cannibalize their own ISA Server sales.


Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Definitely this is going to change SBC and citrix's future.
Why do you think this will change Citrix's future?
That link is about Microsoft buying Softricity.  What does that have to do with the SSL VPN and Whale?  :0 
ORIGINAL: sarav2k

Definitely this is going to change SBC and citrix's future.

i think for the ssl-vpn solution that microsoft bought.
there is no problem.
citrix and microsoft are partners, as you can see citrix stopped with the software secure access gateway and microsoft puts in lognhorn a software vpn-ssl solution , weard ? no.
Now Citrix has his access gateway, but my opinion is that this is an version 0.1 and Citrix has to make quick wins on this product, but what i see in the netherlands all the big companies and goverment are buying the access gateway because it "replaces" the secure access gateway.So i think the access gateway is a smart move for citrix, will the whale software affect this ?, i doubt it,not in 2 a 3 years maybe later on.
working remote and at home is becoming a big hipe also the security is becoming a big hipe, so an good ssl-vpn solution will always survive.
that microsoft bought softricity is a smart move , i still don't understand why citrix didn't bought softricity 2 years ago.Microsoft can now built application virtualization own there own platform.
Bear Paw on it's own is/was a minor threat.
The SSL-VPN ISA is no real threat.
Softgrid is a nice addition onto citrix for administrators, but not really a threat.
Virtualized applications (softgrid), brought to you through RDP with added functionality (bear paw) over a secure line (ISA SSL-VPN) for a price which lets you do without all the citrix licenses is damn interesting.
Especially if you take in account softricity just recently purchased a grid computing solution, which will now be Microsofts too! So basically allowing you to buy generic hardware to provide applications which are not really installed in a secure manner.
Add to this all the Microsoft SMS and you can get real time updates to virtual programs anywhere securely.
Microsoft controls the desktop. Not mobile equipment (phones etc), not the internet. Through which more and more apps are delivered. Now virtualising stuff like this allows Mircosoft to bring their applications to all and every platform. Linux platforms too, Apples too. You name em and microsoft can get their stuff on there.
So basically I do think this will change the SBC game.
The ISA SSL-VPN will be part of securing this all.
On itsself they're all small bits. Combined Microsoft might just be onto something.
What would ever, in MS's history, make you think they will deliver apps to Linux, apple or any other platform?
Companies will not be using MS's SSL VPN for the same reason they don't use MS's current VPN.  Citrix will not be affected by this buy anymore than Cisco, Lucent or anyone else will be.
Even Microsoft has to be realising that they only dominate the desktop.
Not the mobile equipment, not the internet.
And if they don't there ignorant. Easy as that.
So they will have to rethink their strategy. And bringing their applications to anyone, on anything anywhere will be a smart move. That way they can bring their office suite (which is their #1 income) anywhere.
Haven't you noticed how hard MS is struggling with vista? My guess is they'll be happy to stop doing stuff like this in the future.
Sounds like a plan to me anyways.
MS has already announced a "sea change" in their dircection last fall.  Citrix is standing in the way of it's vision for the future.  They will no longer hold back development on account of Citrix.  Citrix will be pushed aside.  MS knows the way apps are delivered/used is about to change.  How in the world can that be good for Citrix? 
I think MS wants a respectable gateway product that runs on Windows.
The majority of the infrastructure gateways are running on Linux or another OS.
MS wants to change this.
MS has something to prove here.