Cisco Systems is moving quickly to integrate technology it’s gaining from buying e-mail security firm IronPort Systems.
Company officials commented in interviews here about the US$850 million IronPort acquisition, which closed today.
They said e-mail and Web site reputation data streams from IronPort appliances will be fed to Cisco firewalls by the end of this year.
In 2008, they will be extended to the company’s routers, switches and other devices.
The service checks the source of e-mail and Web sites embedded in e-mail against a database of suspicious sites IronPort calls SendBase.
In addition, early next year IronPort’s Layer 4 traffic monitor technology, which watches for spyware signatures, will also be added first to Cisco firewalls in the first quarter of next year and then to other products.
The capabilities should be capable of being pushed as a software upgrade to users of existing Cisco products, said Richard Palmer, senior vice-president and general manager of the company’s security technology group, under which IronPort will operate as a separate business unit.
Cisco’s managed network security offerings currently include spyware and malware data inspection.
The IronPort buy will enable Cisco to expand this to what it dubs wide traffic inspection – correlating information from several network devices.
In the interview Palmer and IronPort CEO Scott Weiss, who becomes the division’s general manager, had few details about product roadmaps beyond initially broadening the feeds from IronPort devices to Cisco devices.
However, Palmer did say “the vision is to continue [adding] additional inspection technologies and capabilities” in both companies’ products. One to be added next year will be instant messaging screening, but not though an acquisition. Instead, said Palmer, it would probably be accomplished by striking a partnership deal.
Both Cisco and IronPort have management platforms for that, Palmer said.
While IronPort has been partnering longer than Cisco, Palmer said Cisco has been consciously building its platform to accommodate third party applications and services.
“So to do some of this new stuff [inspecting new threats] it doesn’t have to be an acquisition.”
Weiss said the IronPort channel will remain intact.
Plans for Cisco channel partners to be trained and certified to sell IronPort products are still being worked on.
Palmer and Weiss said the IronPort buy gives Cisco a leg up on the competition in the networking and the security space.
It allows Cisco to provide a more end-to-end offering than networking competitors such as Avaya and Nortel, or security specialists such as Symantec and McAfee, they said.
Increasingly, security devices have to be integrated into the network infrastructure so they can talk to each other for the best security, the duo submitted, downplaying point security vendors.
In Palmer’s words, Cisco’s strategy “is a harbinger of things to come in the security market.”
That view found some resonance among industry analysts.
In January, when the IronPort deal was announced, Gartner analyst Peter Firstbrook wrote that consolidation in the enterprise e-mail security market is now almost complete.
IBM and possibly Juniper Networks are the only companies, in his view, that could pose a challenge. “Point (security) solutions are typically good for the first couple years of their evolution,” Zeus Kerravala of the Yankee Group, said in an interview.
“But they’re at a point now where they need to be integrated into the infrastructure, whether it’s the network or the server farm.”
On the other hand, Cisco’s IronPort play hasn’t provoked consolidation moves by other companies yet, he said. Most IT managers have welcomed the deal, he said.
“There are some very hard core security people who believe your security infrastructure and all other infrastructure need to remain separate. But for the most part the feedback’s been pretty good.”