Today, Google announced that it is acquiring Postini, an on-demand security provider. This very good piece of instant analysis by Internet News suggests that the deal signals that Google wants to move Google Apps aggressively into the enterprise sector. This requires a higher level of security, both to win the confidence of big companies in general and to reassure them that they will meet Sarbanes-Oxley, Health Insurance Portability and Accountability Act (HIPAA) and other regulatory obligations.
This is a good point at which to take a look at the security vendor landscape. The temptation is to separate business consolidation from the fast-paced technology changes. The two are highly interrelated, however.
On the business side, the market has been roiled by the entrance of Microsoft's stand-alone products and the reaction that has elicited from competitors. Separately, there has been a spate of deals of the past several months, including the purchase of SurfControl by Websense, Cisco's acquisition of IronPort and IBM's deal for Watchfire, in addition to today's announcement.
Google's acquisition of Postini was not unexpected. This BtoB Magazine piece from March suggests that e-mail filtering acquisitions will peak from March, when the analysis was published, until next spring. The piece, which takes a closer look at the Cisco acquisition of IronPort, says that the networking company considers e-mail security a "natural extension" of its existing security products and offerings.
E-mail security is not the only security technology sector in which consolidation is trendy. Network access control (NAC) approaches create a framework for controlling whether an end point is allowed onto a network. It also makes sure that the end points security is up to snuff and oversees the level of access that is allowed. This is a complex undertaking, which joins previously discreet technologies. The natural extension of this technical consolidation is the joining of the companies that offer those point products and high-level management layers. A blogger at IT-centro makes a compelling case that complex and diffuse NAC approaches make consolidation more likely. Whether the blogger (and Forrester Researcher Paul Stamp, who is paraphrased in the post) are discussing NAC, the broader world of security, or both is important. The more moving parts a technological platform has, the more important it is to have a fewer number of contributing vendors.
The security industry is in flux. In some cases, the applications are new. In others -- such as unified communications -- linkage between existing technology is the new twist. The preexisting vendor landscape was characterized by small players that covered only a sliver of the overall waterfront. The bottom line is a dynamic in which the big fish will consume smaller fry and offer the management tools to enable them to work in concert.