This week at the RSA Conference 2012 in San Francisco, HP will explain how it has integrated a number of security acquisitions in recent years and unveil HP EnterpriseView, a set of tools designed to help enterprise executives understand security risks and the business risks associated with them. The company will also be highlighting security technology to protect cloud environments and mobile devices. The HP Enterprise Security Products business unit will incorporate the company's security assets, including such acquisitions as ArcSight, Fortify and Tipping Point.
"EnterpriseView is taking these various feeds from ArcSight, Fortify and Tipping Point, and putting it much more into a business context," says Stuart McIrvine, director of product management for HP Enterprise Security.
All sorts of enterprise security tools include management dashboards that tell the IT security people how their firewalls, intrusion prevention systems (IPSes), malware protection and other security controls are working. EnterpriseView, however, will provide more specific information on how a particular vulnerability or threat can impact supply chain management, the order-to-cash process or e-commerce systems for a website and the risk to the specific IT assets that deliver those services, McIrvine says.
"Are these events attacking a server that's a part of my supply chain, or are they attacking the server that's hosting the cafeteria menu?" he says. "Now, I can start to make risk-based decisions because of all this intelligence about the events that are happening."
This and other new products and services are coming from the Enterprise Security Products business announced by HP in September 2011. The unit integrates the acquisitions of IPS vendor Tipping Point, part of the 3Com acquisition, security information and event management (SIEM) company ArcSight and application security provider Fortify, all in 2010, plus app security vendor SPI Dynamics in 2007. Together these acquired products, plus data encryption and key management capabilities HP already had in-house, are tightly integrated.
In September, IDC's Chris Liebert, senior analyst, security services, said the worldwide security services market compound annual growth rate would be 15% over the 2010 to 2015 forecast period with revenues exceeding $39.5 billion in 2011 and growing to almost $63 billion by 2015. She added that HP is making a strategic bet based on the movement of the enterprise market to outsourced business services.
"This shift can be attributed to enterprise mandates in a few key areas: reducing infrastructure and network overhead, reducing capex and opex, and outsourcing manual processes like network security, storage and business applications for better efficiency and employee productivity. Key to this shift in enterprise outsourcing is security, as security is a market driver and pushes other sales now, not the other way around, and may be a bright spot" in HP's software strategy.
Ed Ferrara, principal research analyst, security and risk, at Forrester Research, said an integrated approach would have strong appeal to enterprise customers. "The ability to have a tier-one player like HP provide such a vision puts other tier-one players on notice."
