IBM on Wednesday announced its intent to acquire Internet Security Systems for US$1.3 billion in an all-cash deal expected to be completed by year-end.

IBM views the acquisition of ISS, which offers intrusion detection and prevention systems as well as managed security services, as a way to expand its role in the security realm and increase revenue. Industry analysts expressed mixed opinions about the merger, some saying IBM faces a huge struggle in the network-security area.

"IBM is looking to increase revenue but we just don't think it makes sense for IBM to own network-security products," said John Pescatore, security analyst at Gartner. "IBM has been successful in identity and access management software. But the name IBM doesn't ring a bell to any network security person. It's not a brand to compete against Cisco in selling network-security products."

He noted IBM exited from the firewall business five years ago. With the ISS acquisition, IBM would be back in it with the unified threat management appliances from ISS.

According to the most recent Securities and Exchange Commission filing on ISS, a full 78 percent of ISS product license and sales totaling US$66.1 million through June of this year, were derived from the Proventia intrusion-detection and prevention (IPS) appliances. The balance came primarily from the ISS managed services in its security centers.

In terms of the planned acquisition, the ISS managed security services makes more sense for IBM, Pescatore said. IBM offers managed services as well but "IBM services have sort of gone to hell in the last five years," he noted. Working with ISS to bolster that at IBM "makes perfect sense."

Another analyst, Paul Stamp at Forrester, was more upbeat about the prospects of an IBM/ISS merger, but he also had reservations about how well IBM would fare in the world of network-security appliances.

"They've concentrated more on systems and applications than on network infrastructure in the past," said Stamp. "However, with [the Micromuse acquisition] they've stepped up their management of networks, so securing them is a natural extension. They'll never be a Cisco, but for a company that's approaching this from a unified management prospective, it's a good choice."

Stamp added he thought some ISS customers "aren't going to be awfully happy about losing the independence of a stand-alone provider though."

Val Rahmani, general manager of the infrastructure management services at IBM Global Services, said IBM sees a huge opportunity in managed security services over the next decade in a market that could reach US$20 billion.

She said IBM anticipated ISS as a "base for managed services going forward," but added that IBM intends to let ISS remain as an independent business unit within IBM's Infrastructure Management Services, part of IBM Global Technology Services.

Tom Noonan, president and CEO of ISS, is expected to be appointed as head of this IBM business unit, which would remain in Atlanta. Chris Klaus, founder of ISS in 1994 and now its chief security adviser, is also expected to remain with ISS after it's officially acquired by IBM.

"This is an important milestone in the industry," said Noonan, because it joins together ISS, which he called "the most trusted brand in security" with IBM, the "most trusted and respected brand in the enterprise world." Noonan said the industry was at a "crossroads" where the "next-generation of security" would be delivered as services on an open platform. IBM's view, as expressed to ISS, is aligned perfectly with the Proventia platform, said Noonan.

"Faced with competing head-on with Cisco and Microsoft, this is a good deal for IBM," said Eric Ogren, analyst at Enterprise Strategy Group. "Large enterprises have expressed frustration deploying new applications because of all the security hurdles and detours they encounter. IBM services' mainstreaming of security will help smooth out this process for large enterprises."

IBM's Rahmani said that IBM's Tivoli software-development group would be working with the ISS team on product integration in the future following the merger's completion. Ogren pointed out "ISS has always been a poor technology partner" but he expects that to change under IBM's direction. He noted IBM and ISS are counting on the overlap in their customer bases to facilitate growth.

IBM has been on a multibillion-dollar acquisition tear this month. Two weeks ago IBM announced plans to acquire content management and business process management vendor FileNet for US$1.6 billion. Earlier in August, IBM made a deal to acquire MRO Software, which makes products for managing physical assets, for US$740 million. Another IBM acquisition is Webify Solutions, which makes industry-tailored software and services for service-oriented architecture deployments, for an undisclosed amount.