Analysts Second-Guessing IBM/ISS Deal
The deal looks good on paper, but where is ISS going to fit in Big Blue's big picture?
On the face of it, IBM's $1.3 billion acquisition of ISS makes perfect sense.
But deeper looks at ISS's product lines and IBM's customer base have some analysts questioning how well the entire company will fit into Big Blue's own lines of business.
IBM has long considered itself a major player in the security arena, and already boasts application security, identity management and network security solutions among its services, server and software tool lines of business.
In addition to delivering IBM a strong brand in the security space, ISS brings to the table a managed security services business that fits into Big Blue's stated goal of developing an on-demand offering for all of its enterprise solutions.
IBM has already announced that ISS will be merged into Big Blue's global services division, rather than its software division.
That's one indication that IBM is serious about using this acquisition to bolster its on-demand strategy.
Val Rahmani, general manager of the infrastructure management services unit within IBM's global services division, also made that clear during a conference call to announce the deal.
One benefit of the acquisition, she said, is that it will enable IBM to offer "security as a service."
The benefit of security as a service is that it allows enterprises to respond more rapidly -- and in some cases preemptively -- to security threats than if they had an on-premise solution with capabilities that eventually become anachronistic.
Paul Stamp, a security industry analyst with Forrester Research, agreed that ISS's ability to deliver intrusion detection solutions on demand is a competitive advantage.
"ISS is coming up with ways to keep up with the hackers and then pushing that new information out to the customer," he said.
That capability also works well with IBM's global strategy.
"This potentially could go towards software as a service and open the doors for IBM on Demand," Stamp told internetnews.com.
John Pescatore, an analyst with Gartner who follows the security industry, noted that IBM has struggled to gain traction in managed security services, and suggested that IBM may migrate its own customers for those services to ISS's solutions once the transaction closes and the new teams settle in.
"That's the part of it that makes sense," he told internetnews.com.
The part of the deal that doesn't make sense, said Pescatore, is ISS's network security business, which accounts for half of the company's revenues.
As Rahmani pointed out, ISS has more than 11,000 customers worldwide, including 17 of the world's largest banks, 15 of the largest governments and 13 of the world's top IT organizations.
Those customers are not just customers of managed services, but also of products like Proventia, ISS's flagship network security solution.
"ISS has a big installed base that bought those products," noted Pescatore.
Not only has IBM been largely absent from that market, it has provided services for network security providers like Cisco, Juniper and Checkpoint.
"Those companies were channel partners of IBM," said Pescatore. "What does this do to those relationships?"
Moreover, Pescatore said he finds it hard to believe that IBM will be able to retain all those customers when it comes time for enterprises to upgrade their systems.
"IBM is not the name you would think to put on the RFP [request for proposal]," he said.
Merrill Lynch analyst Kash Rangan expressed some of these same doubts in a note published before the acquisition had been announced.
Rangan speculated that ISS could be an acquisition target because of its managed services offerings, but that its other products could be a deterrent.
"Product overlap and size could be a barrier for other security vendors," he wrote.
That said, IBM may be the beneficiary of fundamental shifts in the marketplace.
Until recently, network management and security solutions have been purchased separately, according to Yankee Group analyst Sandra Palumbo.
Now, however, enterprises want to see more integration between the two sets of solutions.
That represents a huge opportunity for IBM.
"It's a big competitive opportunity if they can get it to work together," she told internetnews.com.