Defence firm Ultra goes cyber with AEP buy
Slings military might into cyberwarfare
UK-based defence conglomerate Ultra Electronics has acquired security appliance firm AEP Networks in a deal valued at up to $75m. Ultra Electronics agreed to pay $57.5m plus a further $17.5m, depending on sales figures, for the remote appliance firm.
AEP Networks specialises in SSL VPN appliances that allow workers to securely connect into corporate applications and databases without the need to install client software on every PC, thus saving money. The technology works in conjunction with remote access hardware encryption products. More recently AEP also began marketing a subscriber-based thin client virtualisation service called Cloud Protect.
Most of AEP's 80 employees are based in Ascot, Berkshire and Hemel Hempstead, Hertfordshire. AEP also has a sales and engineering operation in New Jersey in the US. It claims 5,000 blue chip and government customers in over 60 countries.
Ultra Electronics's main line of business is defence and aerospace, although it has a finger in many pies, including energy and transport. AEP will join Ultra's Tactical & Sonar Systems division.
The end game for most security firms is to be bought by the likes of Symantec, Cisco or Juniper. Less frequently start-ups grow to the point where an IPO is possible.
The AEP deal shows that a greater range of businesses – including those in the defence sector – are looking to expand their cyber-security capabilities, primarily because it might allow them to gain a slice of lucrative government net security contracts. ®
Combine this "business plan" with the guys that are making the open source hardware for audio visuals, then you have a very desirable small box to do vpn with no configuration and low costs.
In fact most of the circuitry must already be present in power socket plugs with networking. Probably could be usb powered for laptops.
InITForTheMoney - pretty much on the money
Your description is exactly right.
The spanner(s) in the works were Barron McCann announcing that they weren't planning to re-certify (CAPS) the X-Kryptors that most forces already had when the certification period was up and the subsequent outsourcing of the xCJX to C&W, guided towards AEP by the guys from CESG. This was pitched to Force Security Officers by the NPIA and CESG as a sensible choice because a number of organisations already using AEP kit were also being connected to xCJX.
Oh, and all 43 forces finally having to have their RESTRICTED capabilities accredited to enable them to fulfil their PND connection obligations!
The result: carnage!
Wasn't CESG who mandated this...
NPIA had the option of those or Barron McCann X-Kryptor's and chose the AEP's because they have superior key management and the ability to update keys over the wire without having to visit the encryptor or send out the updated key mat to the local force IT team. They actually pay for C&W to manage the encryptors on their behalf.
Forces had the option of either having CONF enclaves (a CONF network in a room) and having all xCJX workstations linked to a single AEP ED20 unit via a local switch, or they could have individual CONF machines dotted around their force networks, in which case they needed an AEP Net Remote encryptor for each individual workstation (Net Remote is a personal VPN encryption device designed for remote workers) to allow them to tunnel back to xCJX over the force network. It was the force decision which they chose, some forces decided that they would do all xCJX access from a bureau service, others that they would have scattered workstations, it depends on the geography of the force.
Police Force IT security is notoriously lax, a lot of the forces I am aware of don't even comply with the CESG guidelines for the RESTRICTED data they hold on their networks, mainly because they have little experience or budget to afford the security devices that are required.