Don Proctor, senior VP of the San Jose-based networking vendor’s collaboration software group, described the Securent product as a scalable, distributed infrastructure for companies to decide who can access what data repositories and in what circumstances.
He said its main competition comes from the policy management capabilities of individual business apps like ERP or CRM systems, or indeed the back-end databases, but of course these are vendor-specific, whereas Securent’s offering has the benefit of heterogeneity.
He claimed that no other ISV has attempted to create such a central management capability for access policy across a corporate network, a technology the acquired company refers to as entitlement management.
Securent, which was founded in 2005, does this by using the Extensible Access Control Markup Language (XACML) open standard for expressing security policies and access rights. XACML was ratified by the Organizaton for the Advancement of Structured Information Standards (OASIS) in February 2003 and is supported natively by a growing number of enterprise apps.
In the case of those software packages, the Securent Entitlement Management Solution (EMS) can talk to the app directly, while for apps that don’t support XACML such as Microsoft SharePoint, it uses a connector for protocol translation. It maintains relationships with the three main players in database software, i.e. Oracle, IBM and Microsoft.
Our View
The Securent acquisition, which is Cisco’s 125th (the acquisitive vendor actually mentions this in its press releases nowadays), strengthens its Service-Oriented Network Architecture (SONA) strategy of injecting a standards-based layer of intelligence into a network for services such as presence, identity and, now policy.
It remains to be seen, however, whether Securent is truly the only company to have developed a heterogeneous, app-neutral policy management offering. One could imagine companies such as HP, with its OpenView suite, or indeed EMC’s Re5source Management Software Group, might want to step up to the plate to challenge Cisco in this arena, and if they can’t do it with endogenous development, they may look for other start-ups with competing technology to Securent’s.
