In-Depth

Analysis: Behind Big Blue’s $1.6 Billion Acquisition of ISS

What does ISS give IBM—and is it worth the $1.6 billion Big Blue paid for it? That depends, analysts say.

• By Stephen Swoyer
• 09/12/2006

It was easy to lose IBM Corp.’s acquisition last month of Internet Security Systems (ISS) Inc. in the midst of all of Big Blue’s other August purchases.

Sure, IBM ponied up $1.3 billion for ISS, but Big Blue paid more than that ($1.6 billion, to be precise) when it nabbed the former FileNet Corp. just two weeks prior. What’s more, ISS was IBM’s fourth software-related acquisition in a fortnight: before FileNet, IBM spent $740 million for MRO Software (a developer of asset management software) and purchased privately-held Webify Solutions (a provider of application-deployment software).

What does ISS give IBM? For starters, analysts say, the Internet security specialist has a better-managed security services provider (MSSP) offering than Big Blue. That in itself might be worth its $1.6 billion price tag—provided IBM can first solve a few (more or less requisite) integration problems.

“ISS's … MSSP offerings are a good fit for IBM, whose own MSSP offering has performed poorly for years. IBM plans to migrate its MSSP clients to an integrated ISS-based offering, which should deliver service quality improvements and economies of scale,” write Greg Young, John Pescatore, and five additional Gartner Inc. researchers.

The rub, the Gartner septet points out, is that ISS has a large, multi-client, multi-platform MSSP practice. In other words, it’s a practice that isn’t geared specifically toward IBM products. Big Blue naturally wants to integrate ISS’ offerings with its own, but—the Gartner analysts stress—must tread carefully in doing so. In other words, they write, ISS’ MSSP practice must stay more or less multi-client and multi-platform-friendly.

“IBM must, however, work hard to ensure that it maintains product independence in its MSSP offering,” they note. Not that there aren’t also potential areas of synergy or highly complementary integration, of course. “ISS's X-Force research group will also bring IBM credibility as a vulnerability and threat expert, and IBM should be able to leverage the capabilities of ISS's Proventia host-based intrusion prevention product and the Tivoli host agent footprint to deliver a converged security and operations client,” the Gartner team writes.

If IBM would have stopped with ISS’ MSSP, Gartner states, the acquisition would have made more or less complete sense, its $1.6 billion price tag notwithstanding. But the acquisition of ISS's network security product, too, is less easily justifiable. “This acquisition will put IBM in the position of competing directly with network infrastructure vendors, such as 3Com, Cisco Systems and Juniper Networks, in this market,” the analysts note.

This isn’t without its attendant advantages, of course. “ISS's products can help IBM create dedicated network devices that integrate diverse elements of the service-oriented architecture framework and software stack … [which has been] a key focus since … [IBM acquired XML appliance vendor] DataPower,” they argue. But that might be putting the cart before the horse, at least in view of ISS’ existing go-to-market strategy. “[T]his goal runs counter to success in selling high-speed inline network security products to the network security buying center, which represents the majority of ISS's installed base and brand value.”

Elsewhere, ISS adds another layer of complexity to IBM’s already confusing security console portfolio, which includes not just ISS and Tivoli, but also assets Big Blue acquired from Micromuse/GuardedNet.