Cisco’s acquisition of Sourcefire for 2.7 billion dollars announced yesterday has been game changing on two fronts. For Cisco it’s revived their network security story and signalled to the market that Cisco is dead serious about becoming the number 1 security vendor in the industry. With Sourcefire they add an industry leader in Network IPS, a burgeoning NGFW & FireAMP, Sourcefire’s advanced anti malware platform. There is also good synergy between both organisations too with both being network security focused and the success or failure of the acquisition will depend on how well and how quickly Cisco can integrate Sourcefire both organisationally and solutions wise.
The second front is the rationalisation of the security market with Cisco’s announcement following McAfee’s earlier acquisition of Stonesoft to bolster their network security portfolio. Most analysts are predicting the larger infrastructure vendors such as Cisco, HP, IBM and Dell to be active on the acquisition trail. In my view this is a good thing for the industry, there are too many, albeit good point solutions that may work we’ll in isolation but is too complex and costly when viewed from the prism of security technology architecture. Complexity really is the bane of security.
So who are the vendors who will profit most out of this rationalisation? Well the three I’m betting on are Cisco, IBM and McAfee. All are architecture focused, looking at building frameworks or platforms which to some degree are open using published API’s. All have a strong portfolio of solutions covering network, identity and threat management although McAfee would have to be the leader in terms of having an integrated solution set through its Security Connected platform. All three are acquisition hungry and savvy, having built their solutions both organically and through acquisition. IBM and Cisco have a natural advantage having a heavy footprint in organisations via its other solutions but McAfee are leveraging their parent, Intel to narrow this advantage.
By no means am I discounting the Symantec’s, Checkpoint’s and Trend Micro’s of the industry, I just think the aforementioned big three’s focus on platform and architecture will stand them in very good stead over the next 2-5 years in the industry.