IBM quietly shoves ISS wares into Tivoli
Services only, please
IBM Internet Security Systems (ISS) products have quietly been booted from Big Blue's global services business and into the ever-expanding Tivoli brand product line, The Register has learned.
IBM acquired ISS four years ago in a deal valued at an astounding $1.3bn. And though the Georgia-based firm was best known for its security software and appliances, what really attracted IBM to ISS was its managed security service offerings.
True to IBM's skewed intentions, ISS was given an awkward split from the outset. ISS software was integrated with the IBM Tivoli line, while ISS products like Proventia intrusion prevention boxes — which represented the vast majority of the firm's revenues — were vended through a separate business unit in IBM's global services organization. The very same business unit that would sell ISS security services and consulting.
The acquisition did provided ISS with a notable talent pool of security consultants, managed services, and the X-Force security research group for the new IBM Internet Security Systems unit. But many industry watcher were immediately skeptical as to exactly how ISS products fit into the services scheme. And long story short: it didn't. Even though it has taken four years for IBM to recognize the unit was lopsided.
"ISS's managed security services provider (MSSP) offerings are a good fit for IBM, whose own MSSP offering has performed poorly for years," Gartner wrote (PDF) in 2006 just days after the ISS purchase was announced. "The acquisition of ISS's network security product, however, seems less logical."
Fast forward to today, and IBM ISS lags behind Cisco, Juniper, and others in the security appliance market. And it's not a stretch to say IBM probably isn't the first name that pops into your head when you think security systems. According to IDC, IBM ISS accounted for 2.3 per cent of security appliance market revenue in Western Europe as of Q4 2008, behind Nokia (4.2 per cent), Fortinet (4.9 per cent), Juniper (9.9 per cent), and Cisco (with a huge lead at 25.5 per cent).
"The services organization is not provisioned to develop, maintain, and bring to market products," Amrit Williams, CTO of systems and security management software firm BigFix and one of the authors of the Gartner report, told El Reg. "They're provisioned to, basically, provide services."
Williams added: "The reality is that that Tivoli software team has better skill sets in maintaining and bringing products to market than the services group does."
The creaking wheels at IBM have finally moved to correct the split purposes of ISS. In January, the Big Blue quietly made the decision to slip ISS products from global services into its software group under the Tivoli banner.
Products making the change include:
- IBM Virtual Server Security for VMware
- IBM Proventia Management SiteProtector
- IBM Proventia Server Protection
- IBM Proventia Network Intrusion Prevention System
"The question here is whether IBM will be able to replicate the same selling strategy that ISS had — or that IBM wanted to adopt in the early days — which is, 'we'll sell you gear and we'll sell you services.'" Williams said. "I don't know how well IBM is able to do those kinds of cross-functional selling methods."
The decision does make sense in correcting how ISS was provisioned into IBM in the first place. But why it's taken IBM so long to recognize an incongruity that was plain to folks when the acquisition was announced back 2006 is less clear.
IBM essentially took a company that makes a majority of its revenue from product license revenue and made it into a services group. Moving the products to Tivoli illustrates that despite best efforts, IBM was never able to rationalize how it could sell product through a services team.
IBM declined to talk to El Reg about the change, but an announcement sent out to business partners this month indicate the migration will be formally unveiled on March 4.
A letter (PDF) sent to its business partners last Friday indicates that ISS services and consulting will remain in IBM global services as part of the Security Service Product Line.
"These actions strengthen IBM's Security Framework by driving a more integrated security portfolio and roadmap," the company wrote.
IBM's silence in the matter isn't really so surprising. After all, $1.3bn is a lot to pay for meal that you suck down the wrong pipe. ®