IBM's US$1.3 billion deal last week to acquire Internet Security Systems is fraught with pitfalls and possibilities: It gives Big Blue a major stake in the security game, but some wonder whether the company will know what to do with it.
In acquiring ISS - which makes Proventia intrusion-detection and -prevention appliances and offers managed security services - IBM says it wants to boost its bottom line and its security profile. The acquisition comes less than two weeks after IBM unveiled a $1.6 billion, high-profile bid to acquire FileNet's enterprise content-management software.
Lloyd Hession, CSO at BT Radianz, says developing security products requires the ability to make significant investments to keep up with the latest threats and the fast pace of change. IBM has the kind of deep pockets that could greatly aid ISS in continuing to invest in R&D as it must do.
"For ISS, it's getting funding from IBM to keep these products viable," Hession says. And by becoming part of IBM, ISS gains a lot of ground it doesn't have now. "ISS will have a whole new sales channel," he says. "They have faced an uphill battle, not being part of an enterprise vendor. Security solutions are moving away from being line-item initiatives in e-commerce buys. These are relationship buys; it has moved into the executive suite," he says.
The trend to integrated packages such as Tivoli brings value when security products work within management suites, Hession notes. The potential drawback for ISS is it becomes "part of a large organization, a small component in a huge IBM machine," he says, adding, "the established power base at Tivoli may be somewhat resistant to ISS as the new kid on the block." The challenge for IBM and ISS is to make sure ISS "doesn't get buried."
Analysts, however, question how easily and quickly IBM will be able to compete in the network-security arena, particularly against a key rival, Cisco.
"IBM is looking to increase revenue, but we just don't think it makes sense for IBM to own network-security products," says John Pescatore, security analyst at Gartner. "IBM has been successful in identity- and access-management software. But the name IBM doesn't ring a bell to any network-security person. It's not a brand to compete against Cisco in selling network-security products."
Pescatore notes that IBM exited from the firewall business five years ago. With the ISS acquisition, IBM would be back in it, with ISS' unified threat management appliances, which are a combination of multiple security protections. IBM expects to have its security consultants and global sales force selling the ISS product line.
Analyst Paul Stamp at Forrester Research is more upbeat about the prospects of an IBM-ISS merger but also has reservations about how well IBM will fare in the world of network-security appliances.
"They've concentrated more on systems and applications than on network infrastructure in the past," says Stamp. "However, with the [Micromuse acquisition] they've stepped up their management of networks, so securing [networks] is a natural extension. They'll never be a Cisco, but for a company that's approaching this from a unified management perspective, it's a good choice," he says.
Ironically, in its latest Securities and Exchange Commission filing, ISS lists Cisco first among competitors, including Symantec and McAfee, that would challenge its bottom line.
Val Rahmani, general manager of the infrastructure management services at IBM Global Services, last week touted the merger with ISS as a way IBM can broaden its managed security services, which she believes could be a $20 billion market over the next decade. ISS will prove the "base for managed services going forward," she says.
Key to that base will be ISS' Proventia line of intrusion-prevention systems, as well as the management platform for vulnerability mapping and protection prioritization it calls Proventia Enterprise Security Platform.
ISS is expected to become an independent business unit within IBM's Infrastructure Management Services, which is part of IBM Global Services. Tom Noonan, president and CEO of ISS (who is expected to continue to head ISS) says this platform can serve as the basis for managed security services on a large scale. ISS today operates a half-dozen security-services operation centers - two of them in the Atlanta area where ISS is headquartered - to monitor corporate networks remotely for attacks or other events. The ISS managed security services business, which supports non-IIS equipment as well, is thought to have about 11,000 customers.
Adopting the ISS platform model is what IBM says it wants to do in order to bolster its range of managed services on an outsourced basis.