Dell to acquire SonicWall

Acquisition-crazy Dell has now captured two new companies in three weeks and 13 in the last two years. The latest in the list is security specialist SonicWall. The acquisition is more than just a “beefing up” of Dell’s security line up – it’s representative of a shift in Dell’s overall strategy as a technology firm.

Dell recognized changes in the industry, and was willing to move beyond efficient PC/server manufacturing and distribution into new technologies and services. Of course, Dell's competitors in the full-service IT products and services business have been doing the same thing. IBM, HP, EMC and Oracle (not so much lately) have all gone through similar asset-collecting binges. Clearly visible trend from all these M&A activities is the emphasis on tightly weaving security into IT infrastructure.

The acquisition gives the company complementary assets to go with its SecureWorks services effort and KACE vulnerability and patch management. Specifically, SonicWall makes firewall software and unified threat management applications as well as appliances. SonicWall’s software includes firewalls, remote access, backup and recovery, policy enforcement and a centralized management system for network administrators. The security vendor has 300,000 customers in 50 countries, 950 employees and a channel program with 15,000 retailers, which Dell plans to integrate into its own PartnerDirect program. SonicWall also has over 130 patent apps, with 64 issued to date, which Dell rightly states as another reason why the acquisition has value. Here’s how the parts will fit together with Dell’s security portfolio.

How SonicWall fits into Dell’s overall scheme of things

Bundled security offerings- Between SecureWorks services portfolio and Dell resources, the company has built a sizable and growing security services business with its own sales force and a worldwide installed base.  Dell can now align this security momentum with SonicWall's security appliances portfolio.

Increase Mid-market mindshare– Most of SonicWall’s products are focussed on mid-market. Dell has a strong installed base in mid-market and can leverage SonicWall’s products to cross-sell to existing customers.

Integrated security and networking- Last year Dell bought switch manufacturer Force 10 Networks. If Dell can figure how to integrate, it could be a significant play for people who want another choice in integrated security and networking other than Cisco, Juniper and HP.

DataCenterand Cloud Infrastructure - Dell's Data Center Solutions (DCS) platform already powers big data centers as well as cloud offerings like Microsoft Azure and Bing.  Dell recently announced its Virtual Network Architecture (VNA), it's data center fabric play based upon Force10.  Now Dell can round out its data center offering with SonicWall's SuperMassive firewall line, a massively parallel security appliance.

My take on the deal

Impact on Dell – Positive (for the reasons mentioned above)

Impact on SonicWall – Strong Positive.

It will vastly improve SonicWall’s brand image. Dell’s reach will also help SonicWall expand opportunities with small and medium-sized customers.

Impact on SonicWall’s direct competitors – Negative

The deal can hurt mid-market focussed/specialized security appliance vendors such as Barracuda, WatchGuard, CyberOam, Palo Alto and perhaps Fortinet. However I feel impact on Cisco and Juniper would be negligible, at least in short run.

Impact on Dell’s direct competitors – Currently the deal poses a great threat to HP than anyone else. IBM would continue focussing on large deals and is in a position to demand a premium for the same. Dell, at least in short run, would be quite happy to concentrate on the mid-market to lower end of enterprise market. HP is the one who will be squeezed in between. However things can change if HP decides to acquire one of the strong security vendors.

One would argue that Dell could have done better if it had gone after Fortinet or Palo Alto Networks instead of SonicWall. However, I feel, gobbling up any of these two strong companies would require a hefty price. So looking at the price (Wall Street estimates it to be around $1.2 Billion) and the value that SonicWall brings I would say – “its not a bad deal”. I believe, if Dell can manage to tightly knit and position all the pieces – Dell server, Equallogic & Compelent Storage, Force10 network gear, SonicWall’s security and Perot Systems’ services – it can be in a strong position to offer cost-effective alternative to mid-to-large enterprises as oppose to high-priced HP and IBM solutions.

Archer GRC update

Recently I attended EMC’s Industry Analyst teleconference on Governance, Risk & Compliance (GRC). The analyst community was briefed by Eric Erston, VP, Archer go-to-market; David Walter, Sr. Director, GRC Strategy and Solutions; and Phil Aldrich, Sr. Product Marketing Manager on EMC’s GRC strategy, accomplishments and momentum.

Here I will provide the key take-away from the session and my views on overall EMC GRC strategy.

• RSA-Archer has grown from strength to strength since its acquisition by EMC in Jan 2010. The recent success stories shared by the presenters demonstrated that the company is gaining good traction in international markets.
• The success of Archer platform can be attributed to the solid technical functionality and the capability to fulfill both the demands – IT GRC as well as Enterprise GRC. I believe, organizations will start adopting a single GRC platform to manage risk and compliance efforts related to IT and enterprise domains. After all IT is just one part of Enterprise.

Fig: Archer eGRC platform

• I was also impressed by the approach EMC is taking with Archer GRC platform. The company is not only integrating it with various RSA security technologies but is also integrating with EMC portfolio to lend broader functionalities. Archer GRC platform is now integrated with RSA envision (SIEM), RSA DLP, FraudAction and cyberintelligence services. On EMC side it is getting integrated with Ionix Server Configuration Manager (SCM) and Documentum Information Management portfolio.
• EMC-RSA will continue to invest in internationalization and localization opportunities for the product and will look to leverage the Archer Community to foster greater collaboration among GRC professionals.

Gemalto

Recently I attended an Analyst Day hosted by Gemalto in Singapore. The purpose of this event was to brief the analyst community on Gemalto’s technology, vertical solutions and current activities in the market.

For starters, those who have a little/no idea about Gemalto - the company was formed in June 2006 by the combination of Axalto and Gemplus International. It is an international digital security company, providing secure personal devices such as SIM cards, smart cards and tokens in addition to software applications and managed services. The company's customers include 400 mobile network operators, 300 financial institutions and more than 30 nations for identity programs like electronic passports, driver’s licenses and national identity cards. Globally, Gemalto has 10,000 employees, 30 personalization centres, and 13 R&D centres in 45 countries with revenues of € 1.91 Billion in 2010. As of now, over one billion people all over the world are using Gemalto’s solutions – most without even knowing it. I myself am a Gemalto user on two accounts – one the digital signature I use for signing documents on Ministry of Corporate Affairs (MCA) portal and secondly use the smartcard-based driving license.

The event kicked off with a short video (I managed to find it on YouTube http://www.youtube.com/watch?v=UcaLllaUG3s). True example of technology working behind the scenes. The user doesn’t know how but expects it to work seamlessly.

The video was followed by an introductory session by Tan Teck Lee, Chief Innovation & Technology Officer and Asia President for Gemalto. Teck Lee provided a quick overview of Gemalto’s activities in APAC region and also touched upon the various government programs wherein Gemalto is involved. The session was followed by keynote presentation from various business units of Gemalto – Mobile communications & M2M, Secure Transactions, Government Programs, e-Banking & Online Authentication.

Two things that caught my attention during the event were – Machine-to-Machine (M2M) and hyper-personalization of cards. Using M2M, two machines can communicate with each other by sharing data over mobile networks. Immediately the Onida AC advert flashed in my mind where an AC can be switched on before the owner arrives at home just by sending a SMS from mobile phone. Similarly there are thousands of existing M2M applications and the potential is almost limitless.

Hyper-personalization of cards is something new to the Indian market. We have seen many banks, financial institutions and retailers issuing cards to their customers with company’s logo on it. The idea is simple – to increase brand awareness and mindshare. But most of these institutions have not given due attention to customer satisfaction and loyalty to enhance their market position. Hyper-personalization can act as a driving force behind enhancement in market position as well as increase in revenues. A survey sponsored by Gemalto claims that customer tend to increase the usage of their cards by 15% if it is highly personalized.

Fig: Hyper-personalization of cards

The personalized card shown above with my name and my photograph was done in five minutes using Gemalto’s solution.

Clearly there are lot of things Gemalto has on offer for telcos, banks, financial institutions, retailers, transport operators and governments – most of them we don’t even know.

IBM security systems division

IBMs new Security Systems division

Yesterday I attended IBMs Q4 2011 Analyst update call on IBM Security Systems and I must say there are lot of things happening at Big Blue. I have been analysing the ICT security industry for past several years but for the first time I see a security technology vendor actually showcasing a holistic end-to-end security offerings. Many will argue that Symantec, McAfee (Intel) and even to some extent Cisco and CheckPoint have an end-to-end story. But it didn’t ring any bell to me. At no point in time I could see a single vendor providing answer to – who, when, what, where, why and how – questions related to security. IBM has a vision to provide those answers to its clients.

IBM has resurrected itself from the mistakes it did post-Internet Security Systems (ISS) acquisition. Big Blue now realizes that it needs a security nexus rather than a bit of security scattered throughout various product groups. Hence the formation of new security systems division. The new division brings together the existing assets which were under various brands – Tivoli, Rational, ISS, IBM services. In addition the company has made some smart purchases to round off its portfolio – BigFix for endpoint security; OpenPages, Algorithmics and i2 Corporation for GRC; and the most recent Q1 Labs for security analytics.

Source: IBM

It’s interesting to see how IBM has shaded away the point products orientation and moved on to build security solutions and frameworks by integrating various technologies. The company understands that there is a big opportunity to not only integrate disparate security tools into enterprise architecture, but also build vertical-specific security functionality on top. By bringing in all the security IP under one roof opens up lots of options for further integration and innovation.

Over the past few years, leading security technology vendors boasted about individual products, threat research, and market share.  IBM has all of these things in its new division but it also has a few other assets like enterprise architecture expertise, lots of data analytics assets, system integration capabilities and deep industry knowledge.  This combination lends IBM an unique advantage over the competition.

What is your opinion about IBM’s approach? Do you see IBM as a strategic partner for your security needs? I would like to get your feedback.

The rise of Security Analytics

The rise of Security Analytics

IT security has long been hamstrung by obstacles unknown to many other aspects of the enterprise. Businesses may be able to measure their performance through objective metrics such as sales growth, production efficiency or customer preference, but information security management too often boils down to a reaction to recent events or the well-known trio of fear, uncertainty and doubt. However, there is a change brewing in information security and information management. In the early days, this discipline really came down to event detection. Security information and event management (SIEM) systems scanned a bunch of data looking for needle-in-the-haystack events that indicated trouble. All other data was considered "noise" and thrown away.

With the onset of regulatory compliance a few years ago, this model went through an initial change. The "noisy" data was now necessary information to demonstrate security controls for compliance audits. However, event data and compliance data still remained separate entities. Now things are changing yet again. In today's dangerous security landscape, no data is considered "noise" anymore. Rather, security analysts now want access to terabytes of historical data for analysis. IT security teams are seeking accurate and timely information that illustrates how and where attacks as well as defences succeed, highlights where they fail, and clarifies where response can best be improved.

But can this information be found in the avalanche of data that engulfs security teams every day? And do organizations have access to tools that can make this data truly actionable? Answer is YES and it’s Security Analytics. Below we list down some of the use-cases where Security Analytics fits in nicely.

Use case 1: Security analytics as a decision support system

As the pressure on business increases so does the complexity of the security challenges. As a result security teams are finding it increasingly harder to achieve, measure and communicate a measurable reduction in business risk. So how should a security team determine the best possible strategy: How much should be spent; what should be prioritised; what trades-offs to accept between lowered risk and business disruption; how to champion and justify security? Security analytics, similar to Business Intelligence platforms, can help in taking timely and appropriate decisions related to planning, budgeting, performance measurement etc.

Use case 2: Refine Governance, risk and compliance (GRC) management

One of the key challenges that IT security executives face is defining and executing a comprehensive IT GRC strategy and aligning it with broader business GRC initiatives. Security teams often face questions such as - what are the key metrics, which security controls are right, which security standards we should use, how to define new security policies etc. Today, the realm characterized as GRC is dominated more by the C, while the R is still in its early stages and is largely focused on issues such as vulnerability management. The limitations of current technology, however, suggest an opportunity for the realm of Business Intelligence (BI) to capitalize on a data-driven approach to strategic insight and security management. Security analytics tools can help in analyzing and correlating large data sets – logs, standard benchmarks, best practices documentation that can eventually help organizations refine their GRC strategy.

Use case 3: Information-centric investigation, litigation

Call it a compliance mandate or a governance rule but today organizations need answers to all suspicious activities and also need material evidence to back any claims. If there is reason to believe that Mr. X the IT administrator has been covertly accessing quarterly financial data, a subsequent security investigation will encompass everything and anything including when Mr. X was in the building, when he logged onto the network, which systems he accessed, and what he did. This type of investigation requirement changes the security technology model. It means collecting, normalizing, and storing tons of data. It means sophisticated algorithms and processor-intensive query engines. It means the integration of physical and information security, including video surveillance.

Use case 4: Strengthen defences

Organizations desperately need more accurate and timely insight into modern threats that evade detection simply because the approaches are outmoded. Security teams have long known that signature-based defences are becoming overwhelmed by the sheer volume of threats, as well as by the innovations of highly skilled adversaries who can probe a wealth of opportunities in the complexities of IT. Additionally, scanning through the vast array of potential security issues in any environment requires far greater data analysis capabilities than most of the techniques enable today. Security analytics platforms give analysts a set of tools to synthesize insight from a number of sources, from malware samples and evidence of activity collected from network content to third party intelligence. The scope and flexibility of these toolsets give practitioners a way to better understand more complex, ongoing or as-yet unrecognized security issues and accordingly strengthen their defecnces.