If you look at revenue numbers, Cisco is the clear leader in network security. That said, the company has been far less visible over the last few years–especially at the high-end of the market in consolidated data centers, wired and wireless carrier networks, and cloud computing infrastructure. This opened this lucrative market to Juniper’s SRX and the security duo of Crossbeam Systems/Check Point.
As the saying goes, “never wake the sleeping giant.” In an unprecedented series of announcements yesterday, Cisco announced its new high-end security system, the ASA 5585X. Cisco’s deepening data center chops are clearly evident here. The ASA 5585X is a 2 rack unit appliance, a small form factor that one-ups the competition in terms of power, space, and cooling but still delivers massive data center performance from 2Gb to 20Gb of throughput. Cisco also demonstrated that it is paying attention to the mobile Internet market by emphasizing that the 5585X can deliver up to 350,000 connections per second — a metric that will really appeal to wireless carriers.
The ASA 5585X announcement was one drop of a veritable waterfall of news coming out of Cisco yesterday. Whether you love Cisco or hate it, you have to give the company credit — all of the announcements were strong on their own, tied together with overall company initiatives, and supported one another. For example, the ASA 5585X announcement:
I don’t know how the ASA 5585X compares to the competition, but speeds-and-feeds are somewhat beside the point. The ASA 5585X gets Cisco back in the game. Combined with Cisco’s growing portfolio, data center experience, and un-matched marketing messages, it will most certainly sell a lot of high-end security boxes.
Tags: AnyConnect, ASA 5585X, Borderless Networks, Check Point, Cisco Systems, Crossbeam Systems, Juniper Networks Posted in Uncategorized | No Comments »
The waiting and guessing games are over; today, HP announced its intent to buy security management software leader ArcSight for $1.5 billion. I didn’t think HP would pull the trigger on another billion+ dollar acquisition before hiring a new CEO, but obviously I was wrong.
ArcSight is a true enterprise software company. As I recall, many of the early ArcSight management team members actually came from HP OpenView. With this model in mind, ArcSight went beyond technology and invested early in top field engineers, security experts, and sales people. This vaulted the company to a leadership position and it never looked back.
For HP, ArcSight fits with its overall focus on IT operations software solutions for Business Technology Optimization. In the future, security information will be one of many inputs that helps CIOs improve IT management and responsiveness. It won’t happen overnight, but think of all sources of IT management data (i.e., log data, SNMP, network flow data, configuration data, etc.) available for query, analysis, and reporting in a common repository. This is what HP has in mind over the long haul.
In the meantime, HP should get plenty of ArcSight bang-for-the-buck over the next 12-24 months by:
In spite of its security services and thought leadership, HP’s name has been notably absent from IT security leadership discussions in the past. ArcSight should change that.
A few other quick thoughts:
Tags: ArcSight, Check Point, CNCI, F5, FISMA, HP, Oracle, Riverbed Posted in Uncategorized | No Comments »
You’ve got to hand it to VMware — it clearly understands the strengths and weaknesses of the ESX environment and is focused on improving the platform. Case in point: this week’s VMworld, when the company announced the VMware vShield family of security products.
From the early announcement, it seems that vShield is composed of:
Now I’m not at VMworld, so I’m reading between the lines. Nevertheless, I like the direction VMware is taking. ESG Research indicates that security is a big issue with server/desktop virtualization. This is true for everyone from virtualization newbies to sophisticated shops.
The vShield products are a great foundation for VMware, but I believe there is still a lot of work to do beyond clearing up the messaging. I suggest that VMware:
Tags: Check Point, F5, Juniper Networks, VMware, VMworld, vShield Posted in Uncategorized | No Comments »
Before the bell rang on Wall Street, Intel shocked the army of Latte sipping financial wonks by announcing its intentions to buy security leader McAfee. The deal is valued at $7.7 billion or $48 per share, about a 60% premium on the stock price.
A few financial analysts who cover Intel say that this is about Intel’s mobile device aspirations. Maybe, but McAfee just got into the mobile device security market and my guess is that this business accounts for $5 million in revenue or less.
Sorry Wall Street but that ain’t it at all. I believe that Intel sees the same thing I see. The security market is wildly fragmented with vendors producing tactical point products for its customers. These point products can no longer address the environment of sophisticated and massive threats. In the very near future, enterprise and service provider security technologies must deliver unprecedented levels of scalability, manageability and integration.
Guess what? In today’s market there isn’t a single vendor who can deliver a security product suite anywhere near what’s needed in the market. Get it Wall Street? There is massive emotional demand but no supply. Here’s the kicker — without significant improvements in security, this whole Internet party hosted by companies like , eBay, , , etc. could get really, really ugly soon.
To be fair, McAfee can’t deliver the level of scale, manageability and integration that the market demands but it’s as close as any other vendor. Combine this with Intel hardware, money, and brainpower and you’ve gotten something.
I believe Intel sees a market opportunity, not a product opportunity. Yes, there is plenty of room to integrate McAfee with mobile phones, microprocessors, and NSPs but this is a footnote to the story.
A few other observations:
Tags: ArcSight, Check Point, Fortinet, IBM, Intel, LogRhythm, McAfee, Nitro Security, RedSeal, RSA, Sourcefire, Symantec Posted in Uncategorized | No Comments »
Check Point made a pretty significant move today when it announced its new application control software blade. Built upon technology that Check Point acquired from FaceTime, the new application control software blade can help organizations create and manage usage policies for 50,000 Web 2.0 and social networking applications and widgets.
Check Point’s application control software blade is a winner on its own, and even more so in a broader Check Point security architecture. Gil Schwed and Co. need to broadcast this news.
Tags: Check Point, FaceTime, Firewall, Palo Alto Networks Posted in Uncategorized | No Comments »
If you do some research on endpoint security you’ll quickly read one analyst or another’s claim that antivirus software is dead and that there is a pressing need for some new model like cloud security services, white listing, black listing, virtual desktops, etc.
Antivirus is dead? Hmm, I wonder if these analysts have been following the financial results of Kaspersky, McAfee, Symantec, Trend Micro or a host of others who continue to make money on endpoint security software.
As you can tell by my sarcasm, I don’t subscribe to this theory but I do believe that endpoint security is going through massive changes in order to best address new threats and new requirements. Now and into the future, endpoint security will:
Aside from market demand, security vendors will go down this path for defensive reasons. Free AV software from AVG and Microsoft is plenty good for casual users.
Will all of these features mean an uber fat client application? No. Like hybrid threat protection, vendors will offer a lot of these features as cloud services and rely on a lightweight agent to orchestrate the process. Finally, users will choose what they want and how much they want via a pricing calculator. Think online PC sales as an analogue.
Security purists may claim that endpoint security changes mean giving up control but the business case is too attractive for both users and vendors to pass up. Broad based solutions that cover requirements like threat management, performance management, backup, identity protection, and configuration management across multiple devices per user are simply the next phase of an evolutionary life cycle.
Tags: AVG, Check Point, Cisco, Dell, Finallyfast.com, IDWatchdog, LifeLock, McAfee, Microsoft, Panda, Sophos, Symantec, Trend Micro, TrustedID Posted in Uncategorized | No Comments »
Today, Symantec announced that it is acquiring two encryption companies: GuardianEdge and PGP. Some will see this as a late counter-punch to Check Point‘s acquisition of PointSec, McAfee‘s acquisition of SafeBoot, and Sophos‘s acquisition of Utimaco. In other words, Symantec is finally getting in the full-disk encryption game, primarily on laptops.
Wrong interpretation. Symantec does get endpoint encryption technology, but there is a lot more here than meets the eye. In my humble opinion, Symantec also gets:
In the next few years, large organizations will realize that encryption technologies have become ubiquitous across the enterprise with no central management. This could be a real problem for data restoration, especially in a disaster recovery situation. At that point, they will look for partners to bring order, processes, and central control to this chaos. As of today, Symantec is extremely well positioned for this burgeoning–and extremely critical–market opportunity.
Tags: Check Point, Chosen Security, encryption, GuardianEdge, IEEE, KMIP, McAfee, PGP, PKI, Symantec Posted in Uncategorized | No Comments »
There is a glimmer of good news on the venture capital front. In Q1 2010, venture funding rose 38% from a year ago to $4.7. What’s more, the pool of VC money is spread over 681 companies–a 7% increase from Q1 2009.
Good, but not great news. Most of the dough is going to biotech companies while investment in clean technology tripled.
The bad news? Investment in software declined 1% year over year. Remember that in Q1 2009, we were preparing for runs on banks and Hoovervilles.
While I have no data, there is anecdotal evidence suggesting additional bad news. I speak with security companies all the time and I simply don’t see VCs investing heavily in this space.
Perhaps they got burned investing in the 5th NAC, anti-spyware, or UTM vendor. Maybe they think that Cisco, Check Point, Juniper, McAfee, Symantec, and Trend Micro have everything covered. It could be that many believe that the whole tech space is mature, so they are chasing the new new thing in other technical areas.
I’m not sure why the VCs are eschewing security investments, but I do know that this is a problem. Why? At a time when attack volume is steadily increasing, cybercriminals operate like Fortune 500 companies, and FBI directors characterize cybersecurity attacks as “an existential threat to our nation,” the VCs are moving on to perceived greener pastures. In other words, there is serious demand for next-generation security skills and technology, but the supply-side continues to invest elsewhere. Bad economics and bad for the digital assets we all depend upon.
Okay, I understand that the VCs are in it for the money and nothing else, but something is wrong with this picture. It seems to me that when demand exceeds supply, there is money to be made. I’d like to see the VCs invest in security as a patriotic act, but I’m not optimistic. Therefore, I have a few ideas for the “smartest guys in the valley” on Sand Hill Rd.
The lack of VC investment in security could have broad implications moving forward, so the VCs can’t sit on the sidelines. It’s time for the rich guys to get more involved and proactively champion security innovation and investment rather than sit back, drink Merlot, and wait for business plans to come in. Our digital security may depend upon this.
Tags: Check Point, CIA, Cisco, DOD, DOE, Federal Government, Israel, Juniper, NSA, Symantec, Technion, Tel Aviv University, Trend Micro, Venture Capital Posted in Uncategorized | No Comments »
ESG’s research indicates that network security spending will be a focus area for 2010. Nearly half (48%) of midsized (less than 1,000 employees) and enterprise (more than 1,000 employees) organizations will invest in network security technologies like firewalls, IDS/IPS, gateways, and threat management solutions.
Yes, all of these technologies are important components of a defense-in-depth security architecture, but they are also quite mature. Why the network security renaissance? Because of:
With all of this activity, many networking vendors stand to benefit. Cisco and Juniper have great network security offerings that interoperate with their core networking products. HP will pick up TippingPoint with 3Com, but it needs to build an architecture story quickly. Brocade is working with partners and must continue to make this a core part of its value. Other networking vendors need to make similar moves.
Security gets more complex each day, so state-of-the-art devices may have a short shelf life. Expect continuous investment in network security moving forward. Networking vendors that recognize this will put themselves in the best position.
Tags: Brocade Networks, Check Point, Cisco Systems, Crossbeam Systems, HP, Juniper Networks, McAfee, Sourcefire, TippingPoint Posted in Uncategorized | 3 Comments »
I’ve written some not too flattering things lately about Cisco. Now I’ve got nothing against Cisco — I’m actually quite impressed with its broad portfolio, M&A strategy, and sales/marketing muscle. Cisco also has a lot of Chutzpah — taking on Dell, HP, and IBM on next-generation servers wasn’t a move you’d see from a risk-averse company.
In general, I admire Cisco, but I’m not sure where it is going with security. I’ve written a few blogs about flat revenue, changing agendas, and product commitments in the past that I’m sure haven’t played well in San Jose. The pushback I tend to get is that Cisco builds security into all of its products so individual security products aren’t the right thing to focus on.
Hmm, this may be so but in my humble opinion Cisco is fighting on two fronts and right now it can’t win on either one. Allow me to elaborate.
Front number one is traditional security products. Aside from a few exceptions like IronPort, Cisco security products haven’t kept up with the competition. You can build all the security you want into products but you still need firewalls, IDS/IPS, gateways, etc. Cisco is losing a lot of these security product sales. The other problem here is that Cisco doesn’t cover all security areas. It has no desktop presence, limited application presence, no database presence, etc. This is the front where I’ve been most critical of Cisco. The only way Cisco can bounce back here is with a big acquisition (McAfee, Check Point?) or with a lot of strategic little ones.
Front number two is business security solutions. What I mean by this is more end-to-end security solutions that secure enterprise or vertical industry business processes. I believe Cisco is trying to go in this direction based on its new positioning and tag lines like, “enabling the next-generation workforce to collaborate with confidence.” Cisco’s instincts are spot on — enterprise organizations are now trying to secure business processes not just IT infrastructure. The move to secure business solutions means that deals get bigger and executives get involved with security decisions. Good news for Cisco except that it can’t hold a business security solutions candle to others like HP, IBM, Accenture, SAIC, etc. When push comes to shove, these others have vertical industry and business process mojo that Cisco just doesn’t have.
Cisco should go after the business security solutions market but it can’t just throw around new marketing initiatives and succeed like it has in the networking space. I suggest that Cisco do one, a few, or all of the following:
Cisco has dabbled with a similar business security solutions strategy. For example, ScanSafe is a potential great adjunct to UCS, data center products, and cloud/service provider sales and marketing. That said, Cisco has yet to jump in with both feet.
Note to John Chambers: If you want to compete with HP and IBM you need more than marketing magic that sits on the network — you need real business security solutions.
Given its security leadership history, I believe Cisco can be successful here with the right investments but I don’t believe that Cisco can fake its way through, or compete on security products and business security solutions from its current weak position.
Tags: Check Point, Cisco Systems, Cloud Computing, Courion, CSC, Federal Government, HP, IBM, McAfee, Ping Identity, ScanSafe, Unisys Posted in Uncategorized | No Comments »
Your email: