Cisco's Got an Okena
The network equipment giant announced today that it will pay about $154 million in stock for the company, and that it will probably complete the acquisition in the third quarter this year. Cisco said that the board of directors at both companies has approved the acquisition.
While securing desktop computers and servers may be a far cry from Cisco’s core business of selling network infrastructure, the Okena acquisition makes sense in light of Cisco’s overall goal of embedding a wide range of security technologies throughout the network.
With its host-based intrusion detection, firewall, malicious code protection, and operating-system lockdown, Okena’s software will complement Cisco’s long line of hardware and software products that perform the same security tasks at the network level, says Joel McFarland, the manager for security platforms at Cisco’s VPN and security business unit. “This is part of a broader initiative to mitigate threats,” he says.
Cisco’s Okena acquisition is not only a sign that the company is serious about spreading security to every nook and cranny of the network, but also that it is putting more resources into intrusion detection systems (IDS) and intrusion protection. While Cisco already has several IDS products in its portfolio, and actually just bought another IDS software company last month, none of the products secure the end-points of the network (see Cisco Buys Psionic).
“It’s all about IDS. Now they can extend their network visibility right out to the edge,” says Joel Conover of Current Analysis. “They’ve got to go there to make sure that their security solution is competitive.”
Enterasys Networks Inc. (NYSE: ETS) and Internet Security Systems are the two other major IDS vendors that offer both network-based and host-based solutions.
While industry analysts say IDS has become a checklist item for any company serious about security, the technology is also riddled with problems. The largest problem facing companies using IDS technologies in their network is data overload, since IDS products often mistake legitimate traffic for questionable traffic, leading to a huge number of false alarms. With no way of checking every alarm, systems administrators often decide to shut off the IDS system altogether.
“We have solved the accuracy problem,” Cisco's McFarland insists. He says that the company’s acquisition of Psionic last month automated the investigation of alarms, dramatically reducing the number of false positives.
Some observers say that Cisco’s recent investments in IDS show that the company is playing catch-up with some of the other vendors out there. “This is an admittance from them that they didn’t have a very strong IDS story to begin with,” says Zeus Karravala, an analyst with the Yankee Group. However, he says, Cisco’s strategy of offering both network- and host-based products is a good one. “It’s good to give customers options,” he says.
One company that probably was not happy to hear of the planned acquisition today is Entercept. Cisco has been licensing its host-based security services to Entercept for several years now, and industry observers say they expect a lot of that company’s business to disappear once Cisco starts producing its own host-based technology. “I expect their relationship with Entercept will diminish,” Conover says.
Cisco says that all of Okena’s current 52 employees will join its VPN and security business unit once the acquisition is completed.
Cisco, which said that it will take a one-time charge of no more than 1 cent per share in connection with the acquisition, saw its stock price drop 5 percent in afternoon trading, falling to $13.86 a share. But that came on a day with a 3 percent decline in the Nasdaq Composite.
— Eugénie Larson, Reporter, Light Reading