Note the portion where the industry analyst points out that IBM may be interested in buying CHKPF. Interesting as IBM does have their own firewall - obviously it has failed in comparison to CHKPF. Actually though, IBM is an OPSEC partner with CHKPF for their RS6000 platform - still doesn't answer fully why IBM would be interested. Anyways, a little speculation.
-Jay
_____________
Consolidating for security
By Tim Clark
Staff Writer, CNET NEWS.COM
February 20, 1998, 12:25 p.m. PT
news analysis Cisco Systems' (CSCO) acquisition this week
of security firm WheelGroup signals the rapid
convergence of the networking and network security
industries, analysts and industry executives say.
The deal also may accelerate the already-evident
consolidation of Internet security vendors by forcing them
to bulk up, perhaps bidding against networking companies
moving into security.
And because of WheelGroup's widespread partnering, the
deal could force companies looking for "intrusion
detection" software, WheelGroup's forte, and a
technology that detects hacker attacks on corporate
networks, to reevaluate their plans.
"We believe that security will be a natural expectation of
the network infrastructure," said Tony Jennings,
WheelGroup's CEO, echoing Cisco's own rationale for the
$124 million acquisition. "Customers will expect that basic
functionality [to be] in the infrastructure and for it to be
transparent."
That could spell trouble for Internet security firms with
standalone products, potentially speeding up the merger
and acquisitions spree among security companies that is
already underway.
Analysts say Cisco's acquisition also puts pressure on
networking rivals 3Com (COMS), Bay Networks (BAY) ,
Ascend (ASND), and Cabletron (CS).
It also may force the hands of Internet Security Systems, a
WheelGroup competitor that filed last month for an initial
public offering, and Check Point (CHKPF), the leading
firewall firm.
"We are going to move to a different order of magnitude
for acquisitions," predicts Ted Julian, an industry analyst
at Forrester Research, who floats the idea that IBM might
even buy a company like Check Point, despite Check
Point's $1 billion market valuation. Check Point would not
confirm IBM discussions on an acquisition.
"Today there is not a security market--it's only a subset of
the networking market called security," added Fred
McClimans, CEO of research firm Current Analysis, saying
security is no longer just add-on hardware or software for
a corporate network. "Security becomes just another
component in the routing, switching, operating system,
and virtual private network (VPN) architectures."
Networking hardware and its complex software are natural
places to put security because they control access to
corporate networks--a security-aware router, for example,
can keep the bad guys off a corporate network altogether.
Already Cisco offers a firewall, both hardware and
software versions, and is licensing VPN technology from
RedCreek. Ascend, too, has a hardware firewall, though it
doesn't show up on the firewall market-share charts. Bay
and 3Com have deals to build Check Point firewall
software into their networking hardware.
Cisco, as the market leader with a long history of buying
and integrating new technologies for its routers, is now
pressuring networking rivals to respond to its
WheelGroup deal. Cisco is upfront about its long-term
strategy for WheelGroup's intrusion detection technology.
"Short term, we think there's still a lot of room for
standalone products for about 24 months," said Michael
Safly, the Cisco business development manager who put
together the WheelGroup deal. "The effort to include
intrusion detection in the infrastructure, to make it
fundamental, isn't trivial."
But clearly that's where Cisco is headed with intrusion
detection, and by extrapolation, with other security
technologies.
In the Internet security space, the WheelGroup deal
immediately affects ISS and its IPO. It must explain to Wall
Street investors why its standalone software--which
commands 35 percent market share today, according to
Aberdeen Group figures--can survive in the long term as
Cisco and other giants move in.
Indeed, ISS has issued a careful statement on the
Cisco-WheelGroup deal, despite being in its Security and
Exchange Commission mandated "quiet period" before its
stock offering.
"Unless you have a dominant position, you cannot
survive in this [security] market," ISS stated. "Based on
Cisco's historical approach to networking, this will be
another point product in the Cisco catalog."
Check Point echoed that line: "Cisco has made several
acquisitions in an attempt to catch up," spokeswoman
Emily Cohen said. "They are attempting to create another
patchwork answer to things by slapping different products
from different entities together. But there's no management
of anything."
Despite that slam, Check Point's own strategy recognizes
the coming together of networking and network security.
The company now has three product lines: its flagship
FireWall-1, a VPN product called SecuRemote, and a
"bandwidth management" offering called FloodGate-1,
which prioritizes who gets to use limited bandwidth on a
corporate network.
In an announcement due Monday, Check Point intends by
year's end to combine FireWall-1 and FloodGate-1 into a
single product, a clear sign of the coming convergence.
Still missing from Check Point's arsenal: a network
management product.
Industry observers remain puzzled why Check Point hasn't
itself pulled the trigger on an acquisition. Cohen
acknowledges discussions with a wide variety of potential
partners but says the right deal hasn't come around yet.
Other security firms have moved faster. Last year Trusted
Information Systems (TISX), another firewall vendor,
bought Haystack Labs, an intrusion detection software
firm.
Also, firewall vendor Raptor Systems has been snapped
up by security vendor Axent (AXNT) . And encryption
software pioneer Pretty Good Privacy was purchased late
last year by Network Associates (NETA).
Network Associates itself is the biggest sign that the
network and security worlds are converging--it was
created last year in the merger of antivirus firm McAfee
and Network General.
Network Associates last month introduced CyberCop, its
intrusion detection software--based largely on
WheelGroup's technology. Cisco and WheelGroup say the
acquisition won't hurt their relations with Network
Associates, which even hints this week's deal might
deepen its already-cozy ties to Cisco.
"We've been pretty positive about the merger," said Chip
Messec, director of product management in Network
Associates' security division. "They have validated
intrusion detection as a viable way to protect networking
and that's a mantra we've been chanting for the last year
now."
Messec characterized Cisco's emphasis as "protecting the
pipes in the network," while Network Associates
"manages the pipes" as well as the applications that go
through them.
"There will be complementary products, and there may be
some overlap," he acknowledged.
Still to be heard from on the convergence issue are other
major providers of network management software: IBM's
Tivoli division, Hewlett-Packard (HPW), and Computer
Associates. |
