It seems a short time since EMC undertook one of its most significant acquisitions in June 2006, of RSA. With far less fanfare, it acquired a company called Network Intelligence a few months later, and with it Envision, an appliance-based offering designed to facilitate both the collection and analysis of event data from disparate devices in the enterprise infrastructure. This focus positions Envision within the market area known as security event management (SEM), which has achieved steady growth over the past few years, but without taking off at the rate that had been expected.
Envision uses the logs of infrastructure devices as the source of its data, integrating this into a common database while storing it without compromising the integrity of its source format. The added value from Envision arises from its taxonomy of the log information from the various technology types, which delivers insight into the unstructured log information.
RSA focuses this voluminous technical data on real business needs, as an aid for compliance, support of forensics, and the formulation of threat responses. To support the first two of these, Envision stands as an auditable source that maintains the integrity of the source data while adding a metadata layer to support analysis. The third use envisaged is to support correlation in near real-time, using conducting analysis of operations against known threat characteristics that RSA keeps up-to-date, and diagnosing any necessary response that needs to be initiated.
RSA’s overall strategy is seen as addressing customers’ specific areas of risk via policy control (with enforcement of that policy via the company’s identity & access management, or I&AM, solutions), and compliance via Envision. Over the next few years, this model will be enhanced by automated insight from Envision, closing the information loop by keeping policy up-to-date, and also triggering enforcement to take action to remedy any breaches of access policy that are found in the logs. However, RSA admits to being some way short of this vision as, currently, policy is not controlled using one discrete product; unfortunately, that function is embedded in several products.
RSA has substantially extended the value of Envision, and it also plays well into the areas of EMC’s market strengths. One year and more on from the acquisitions of RSA and Network Intelligence, the larger unit is contributing strong double-digit revenue growth while Envision is selling at a pace that is generating a rate of growth several times greater.
Clearly EMC has gaps left to fill to make this vision into a set of products that will work together, so it would not be surprising to see the company make further acquisitions in related areas. For now though, RSA was clear about whether it intends to make further acquisitions to round out its I&AM capabilities, which currently lack any capability for account provisioning – it sees this as an area in which customers’ implementation attempts have been lengthy, and in which expected benefits generally fail to be delivered, and hence RSA states a preference not to acquire a provisioning offering.
Source: OpinionWire by Butler Group (www.butlergroup.com)
