Over the past year or more, security management has been converging with systems and application management as part of a concerted effort to create a real end-to-end approach to security.
This convergence has driven a number of acquisitions that has typically resulted in a company with a fairly substantial systems management portfolio moving to acquire a company that specializes in security information event management (SIEM). The latest such deal is the $1.5 billion acquisition of ArcSight by Hewlett-Packard.
The acquisition of ArcSight comes on the heels of HP's move to acquire Fortify Software. According to Jonathan Martin, vice president and general manager for information management and commercial solutions in HP's Software and Solutions Group, ArcSight and Fortify, coupled with the TippingPoint security products that HP added to its portfolio when it acquired 3Com, are all elements of a new approach to security.
That approach, says Martin, is to first embed security into every application during the development process as much as possible, expand visibility into security issues to identify threats quickly and remediate security issues a lot faster.
Martin says customers are increasingly fed up with point products that tend to be solely focused on securing the network perimeter. With the rise of mobile and cloud computing, adds Martin, customers are also starting to realize there is no enterprise perimeter anymore. In fact, with the increased use of composite applications in the enterprise that span multiple data centers, Martin says security threats has moved past the "smash and grab" era to one where security threats are sustained over extended periods on what are now essentially always-open networks.
And as those attacks are growing more sophisticated and taking place in real time. That means, says Martin, IT organizations need to instantly identify where attacks are taking place inside their IT infrastructure, which in turn is bringing security and systems management closer together.
Rick Caccia, vice president of products and channel marketing for ArcSight, says the convergence we're seeing in IT and systems management does not mean that the role of the security administrator is going away. But it does mean that the level of cooperation required between the security and IT management teams is definitely increasing. And that means that IT organizations need security management tools that can pull from any source, from intelligent sensors all the way up to high-performance computing applications.