Building The New EMC, One Acquisition At A Time


EMC's acquisition this week of security vendor Network Intelligence, and its June acquisition of RSA, are part of a strategy to bring security into everything EMC produces, but not at bringing the company into the perimeter security business.

That's the word from Dennis Hoffman, vice president of information security at EMC, who in a conversation with CRN discussed how EMC will integrate the two companies into his organization and how EMC will bring their technologies into its other products.

EMC this week acquired Network Intelligence, Westwood, Mass., for $175 million. Network Intelligence offers tools which capture data from the network, security, host, application and storage layers of an enterprise. The tools then transform that data into reports for compliance, security forensics and auditing purposes. The acquisition follows closely on the heels of EMC's $2.1 billion acquisition in June of RSA Security. That acquisition formally closed on Monday.

With the close of the two acquisitions, EMC also unveiled the formation of its new information security division. The division, headquartered in RSA's Bedford, Mass. headquarters, is led by Art Coviello, the former CEO of RSA who now serves an executive vice president of EMC and president of RSA.

Hoffman was tapped by EMC Chairman, President and CEO Joe Tucci in August of 2005 to help put together the company's information security strategy. He said EMC divides the security market into two buckets: perimeter-centric security, which focuses on technologies such as firewalls and anti-virus, and information-centric security, which focuses on ways to protect a business' data.

All the big security players except RSA are in the perimeter-centric security market, a market that EMC has no intention of entering, Hoffman said. "That's not where the primary battle is," he said. "It's important. But we have a lot of partners on that side like Microsoft and Cisco."

Hoffman also notes that many of the CEOs and other executives he's spoken with say they're OK with their perimeter security, so there is little need or opportunity for EMC to focus on the space.

When planning on how to beef up its presence in the information-centric security space, EMC evaluated dozens of security companies before deciding on RSA. RSA was an anomaly in that it was the one large vendor in a pool of small companies and startups in the market.

Interestingly, RSA's size did not factor into EMC's decision to purchase it. Instead, Hoffman said RSA has the best business platform, including a brand name and a yearly conference that will bring name-brand recognition to EMC's move into this space. "This is important," he said. "I spend a lot of time in front of [chief security officers] who say EMC who?"

The other reason behind the RSA acquisition is its technology platform, including its experience in areas such as ID management. "Those technologies have moved from a monolithic platform to a modular security platform that can be applied to EMC storage, VMware and so on," he said.

On the technology side, RSA also has a services-oriented architecture (SOA) that is open to bringing in technology from other vendors which customers use, Hoffman said. "We want to keep this open for our sales needs and for customer needs."

Hoffman contrasted EMC's approach to security, which is to look for one or two companies that best fit its market and technology needs, to that of Symantec. "They buy a lot of companies and knit them together," he said. "That approach just doesn't work. EMC is too big and can never move like a startup again."

While Network Intelligence is a much smaller company than RSA, and smaller than its rival ArcSight, Cupertino, Calif., it still fit EMC's needs for a market leader, Hoffman said.

Network Intelligence plays in three areas of the security industry, he said. The first is log management, a space where the leader is another company, LogLogic, San Jose, Calif., Hoffman said.

Next: More on Network Intelligence's strengths, and how EMC will deal with direct-indirect sales conflicts