What EMC wants, EMC gets — or so it appears. Just as it was completing its acquisition of RSA Security earlier this week, it also announced the acquisition of Massachusetts-based Network Intelligence. It seems that EMC takes on a different identity each month.
Just a few years back, it was a relatively simple creature — and the dominant disk array vendor. Then it moved into NAS, then storage software and services. Soon thereafter, EMC rolled out the hype machine around the information lifecycle management (ILM) moniker. More recently, we’ve been introduced to EMC the security specialist and now it may be edging into the network. So what’s next? Online gaming applications?
Mike Karp, an analyst with Enterprise Management Associates, points out that these seemingly random buys are heading in a very definite direction.
“It has everything to do with EMC’s strategic thrust to become a vendor serving all of IT, rather than ‘just’ a storage vendor,” Karp says. “HP and IBM are there already, while Cisco and HDS are heading in that direction.”
IBM, for example, has announced security enhancements that tie together operating systems, mainframe processors, software and storage systems, including tape, as part of a cross-domain, total ecosystem approach. Sun, on the other hand, handles security from a server and host software perspective, while companies like Cisco prefer a network model, where they sit between users and servers, and servers and storage.
“EMC is moving up from being a storage hardware and storage management software vendor into a broader data and information management role that has to include a strong security element,” says Greg Schulz, senior analyst and founder of StorageIO. “To remain competitive, vendors need to expand their offerings. Thus, traditional storage vendors must add value beyond storage systems without losing sight of their bread and butter business.”
By spending tens of billions on mergers over the last decade, EMC has steadily expanded its dominance in the storage sector.
“EMC has spent probably the equivalent of the GNP of some small nations on acquisitions over the past 10 to 15 years” says Schulz. “It has done relatively well if you look at growth.”
According to Gartner, EMC holds the number one spot in the worldwide external controller-based disk storage market with a 23.8 percent revenue share. That represents almost a billion dollars in one quarter, and a growth rate of 4.3 percent — and that number excludes OEM revenue from Dell and Fujitsu Siemens.
The gross figures don’t tell the story of a willingness to adapt to a changing technology landscape. When NetApp appeared out of nowhere to create the NAS category, for example, EMC shifted gears so that today, along with NetApp, it has cornered that segment. Now it is charging headlong after the ILM dream. That broad concept is taking it into pastures new.
“The battlefront in security has shifted from securing the network perimeter to protecting and securing the information itself — wherever that information lives and wherever it moves,” says Joe Tucci, EMC’s chairman, president and CEO. “The additions of RSA and Network Intelligence to the EMC family enable us to execute on our information-centric security strategy to help organizations around the world secure their information throughout its lifecycle and reduce the associated cost of regulatory compliance.”
As a result of its reputation for encryption and protecting online identities, Tucci says, the RSA Security brand will remain. The new information security division within EMC will house RSA products in the fields of enterprise identity and access management products, consumer identity and fraud protection, encryption and key management, as well as other ILM security items.
Network Intelligence will fall under the RSA umbrella. Network Intelligence focuses on the security information and event management market, with tools to collect, monitor, analyze and report on security event-related activity anywhere on the network. Such products take the millions of security alarms and messages generated within the enterprise and consolidate and prioritize them according to preset policies. Thus, storage managers can view summarized information about potential threats on one screen before drilling down as necessary.
Look for these tools to be leveraged on the compliance side too, making it easier to show compliance with the growing number of information security rules.
Making It Work
While this may look good on paper, translating it into real-world gains is another challenge. As a result, some analysts express doubts about the long-term viability of such mergers.
“EMC’s RSA has achieved a good standard in security, but its technology is not necessarily state-of-the-art,” says Donna Taylor, an analyst at Gartner Dataquest. “The question is whether it will be robust enough, especially as it pertains to open systems.”
She admits, though, that the company’s vision for the future makes buys like RSA and Network Intelligence attractive. If EMC is able to successfully harness these areas in conjunction with its own core competencies, it can further strengthen its position in the market.
“A key determinant of M&A success is, of course, the integration piece,” says Taylor. “Very few companies succeed in this area even if the target and the deal itself is well-planned and executed.”
Schultz concurs. But he believes EMC’s track record is better than many in this regard. Centera, CLARiiON and VMware are three examples where the company has added value via an acquisition. Not every acquisition has been a resounding success, however.
“I think the jury is still out on EMC’s union with the likes of Legato, Dantz and Documentum,” Schultz says.
Will End Users Benefit?
How will the EMC/RSA merger affect customers? Karp, for one, doesn’t see any immediate effect.
“Customers of both companies will go on being serviced by the same sales and service orgs they are used to seeing,” says Karp. “Any changes will be well downstream, and may not be significant.”
Schultz sees some clear pluses on the customer front. Having a single vendor to go to for data storage and security management needs could mean, for example, better security option capabilities for traditional EMC solutions.
“If EMC can operate RSA in a somewhat autonomous manner similar to what they have done with VMware, that should help bring some near-term peace of mind to RSA customers,” says Schultz. “This approach will also enable EMC to leverage the technology into its own solutions.”
On the other hand, he says, existing RSA customers could see changes in the way they acquire products and rising concern over pricing changes.
Gartner’s Taylor agrees. She believes that continued consolidation in the industry will reduce end-user choice and slow ongoing price declines in the process.
And what about the fact that more security is being built into EMC’s products — better identity/access management, encryption and key management via RSA, as well as event management courtesy of Network Intelligence? Will this mean free security added to existing storage gear? Not likely.
“Keep in mind that nothing is for free,” says Schultz. “I expect that some basic capabilities will be incorporated into existing solutions as part of feature enhancements to add and maintain value. But some extra value features beyond standard items will have some add-in costs.”
Karp takes this theme further.
“All but the most basic security products are likely to be for-charge products,” he says. “As the company integrates the marketing of the new security features, and as these features start to share a common infrastructure, look for them to be bundled in enterprise IT offerings.”
For more storage features, visit Enterprise Storage Forum Special Reports