HP buys security tools firm ArcSight for $1.5bn
More security biz consolidation
HP has agreed to buy security event management firm ArcSight for $1.5bn.
The deal, rumoured over the weekend and announced on Monday, is the IT giant's second significant acquisition in two weeks, following the purchase of storage outfit 3PAR. It also follows last month's deal to buy application security tools firm Fortify Software.
ArcSight, which received funding form the CIA's venture capital arm in the early days of the firm, markets technology that helps corporates to make sense of logs from firewall and intrusion prevention appliances. Its security information and event management (SIEM) products also help companies to meet corporate compliance regulations.
HP said the acquisition of ArcSight "will provide customers the ability to proactively monitor real-time events, assess risks and respond quickly to threats".
ArcSight, which was founded in 2000 and floated two years ago, made $3m on revenue of $48.1m for the quarter ending 31 July. HP is offering $43.50 per share for ArcSight's stock, a premium of 25 per cent on its closing price on Friday.
The HP/Arcsight tie-up follows less than a month after Intel's $7.7bn much puzzled over acquisition of McAfee, Symantec’s recent acquisition of PGP, and IBM’s purchase of BigFix. IT giants are buying security firms like money was going out of fashion in one of the most intense periods of consolidation in the sector to date. ®
Not quite 17 GB
One typical example of an HP printer driver is "375.39MB" (I'm cut-and-paste quoting).
And of course it needs to be updated (re-downloaded in it's entirety) every few months/weeks/days.
What happend to ...
...the catchy catch-phrase HP used to have - "Invent". They seemed to have dropped that for "Acquire".
This makes sense for HP, so who will buy netForensics?
HP is huge in government following it's acquisition of EDS, ArcSight are pretty much the go-to shop for Audit and Security Event Management in Government, there are very few products on the market which even come close to touching it. It makes sense for HP to buy products it can easily sell through it's services arm, as products like this tend to involve a lot of services to set them up and get them to work with the vast array of devices that are involved in government networks.
The second best product in this market is netForensics, if I were a betting man I'd put money on Oracle snapping them up shortly.
Why Oracle? IBM has Tivoli suite, which has an auditing component and an event management component, IBM could build SIEM functionality fairly easily from it's existing products (if it hasn't already, I'm a bit out of touch with Tivoli) and it wouldn't need any additional talent to accomplish this. Cisco has MARS, it's not fantastic, but it's a mature product. Dell doesn't have enough software assets or interest in this market to be shopping. CA has Log management products but doesn't appear to have the vision.
So Oracle are the most likely buyer that I can see for nFX as they aren't likely to be bidding against much competition and they don't have a product in their arsenal that fits this space. I would expect nFX to go fairly cheap and Oracle to put in quite a big investment to make it a good contender to ArcSight, the key problem both products have at the moment is scalability, but ArcSight is currently a bit ahead in that area. As both products run atop of an instance of Oracle DB, you'd think it would be something that Oracle could easily sort out with nFX... no?