February 13, 2004
(Computerworld)
Two separate vendor announcements this week highlighted a growing trend toward the integration of core network technologies with security and policy management features.
One was an expanded partnership announced today between industry heavyweights IBM and Cisco Systems Inc. The companies are collaborating on product integration in a move designed to simplify tasks such as user provisioning, client security management and security policy compliance.
The other was Juniper Networks Inc.'s proposed purchase of NetScreen Technologies Inc. in a stock-for-stock deal valued at around $4 billion. If the deal goes through as expected, Juniper will start bundling NetScreen's network and application security products with its own network gear. That deal was announced on Monday (see story).
The moves highlight vendor efforts to address the growing complexity that companies face in managing the multiple, disparate network and security elements needed to protect their businesses, said Eric Ogren, an analyst at The Yankee Group in Boston.
"The common theme here is that security is moving into the network and is becoming a network service," he said. "IT in the extended enterprise can no longer control the configuration of the endpoints connecting to their networks."
In addition to allowing quick integration of basic security measures into networks, the convergence provides for one-stop shopping, said Bruce Azuma, corporate director of IT at Wilbert Inc., a Broadview, Ill.-based company in the funeral services and industrial plastics businesses. "Vendors need to be thinking of ways to embed security into the network infrastructure," Azuma said.
The partnership between Cisco and IBM is designed to address such integration issues on several fronts. For example, Cisco's Secure Access Control Server has now been tied more closely to IBM's Tivoli Identity Manager software. Network administrators will now be able to use identity information contained in the Tivoli product to also control and provision network access.
Similarly, IBM will embed Cisco's virtual private network (VPN) client and Security Agent software on all of its ThinkPad notebooks in a bid to provide more robust user authentication and remote access control.
IBM will also join Cisco's Network Admission Control program. Under that program, launched last fall, Cisco is collaborating with several security vendors to develop technology to let companies enforce strict access-control policies on all remotely connected systems. IBM plans to provide a technology component that will enable automated remediation of remote systems that aren't compliant with policy.
Meanwhile, Juniper's proposed purchase of NetScreen will allow the company to extend the functionality of its offerings, said Richard Ptak, an analyst at Ptak, Noel & Associates in Amherst, N.H.
NetScreen sells a range of security products, including a deep-inspection application firewall and a VPN product. "This will allow Juniper to create a broad-based family of security functions to protect the network, applications and devices," Ptak said.
Unlike other major network companies, Juniper sells exclusively to the service-provider market. Even so, the company's move is similar to those of several other vendors in the networking space, led by Cisco.
"Over the last three or four years, Cisco has successfully convinced enterprise customers that security has to go down to the packet level," said Bill Lesieur, an analyst at Hampton, N.H.-based Technology Business Research Inc.
"Pretty much all the telecom equipment makers will offer some kind of security product or service," Lesieur said. For instance, Nortel Networks Ltd. has been "designing bulletproof security" into its architecture for almost three years with technology from a previous acquisition, said Atul Bhatnagar, a vice president at the Brampton, Ontario-based company.