The pantheon of major security players includes the likes of Cisco
Systems, Juniper Networks, IBM, Symantec, McAfee and even Microsoft.
Missing among the noted is Hewlett-Packard, which has fielded security
products over the years, but not a concerted effort to stake out a
piece of the security market.
That’s changing, rapidly. Today, HP unveils its first
firewall/intrusion prevention appliance based on ProCurve 8212 and 5400
Series switches. The new hardware introduction is a milestone in the HP
goal of not only establishing a significant security presence, but also
marks a significant step in its evolutionary to disrupt the entire
security and IT infrastructure marketplace.
“We’re a new kind of security player that reduces the gaps and
reduces the complexity of security,” says Chris Whitener, HP’s chief
security strategist. “You’d really have to bolt together IBM, Dell and
EMC to get the breadth of HP. We are the first horizontal security
player.”
The ProCurve firewall launch marks HP’s most significant thrust into
the security market and channels. Whitener and other HP executives say
the company has plans for creating both an in-house set of security
products and capabilities, as well as an ecosystem of OEM partner
products and services that it and reseller partners can deliver to
market.
“This is a massive opportunity,” Whitener says. “We will work with
VARs and channel partners in this space in how these offerings are
built and packaged for the channel, and show how they are different and
will benefit our customers.”
HP has not been devoid of security products or services. Its’
OpenView management system has long been a choice application for
security application developers and integrators for administrating and
reporting on network security activity. It’s also developed and
integrated a number of security applications and features into its PC,
server and printing portfolio. Beginning a year ago, however, it
embarked on a strategy of building out its security and product
offerings into a more holistic portfolio.
One of the first signs of HP’s greater security ambitions came two
weeks ago when it launched three new security software and service
products as part of its Security Applications Center. Probably the most
significant of this initial thrust is WebInspect 8.0, an enhancement of
its code testing tool that’s been augmented with technology gained
through HP’s 2007acquisition of SPI Dynamics. WebInspect is used to
test the security and reliability of Web 2.0 applications.
Additionally, HP launched Assessment Management Platform 8.0, which is
a distributed Web application security testing platform.
At the beginning of the month, HP announced a major alliance with
McAfee to resell the security vendor’s entire portfolio of security
products and services to HP’s enterprise customers. This means HP is
able to bundle everything from McAfee’s enterprise malware protection
applications to its sophisticated risk management platforms into
packages with ProCurve networking gear and Proliant servers. More
significant, its HP’s plans to integrate the McAfee relationship with
consulting and managed services delivered by its EDS services
organization.
“EDS now has the capability for a whole series of discrete security
services ranging from help desk to providing managed security services
to recommending security around our hardware and software,” says Jim
Alsop, vice president of service delivery operations for the security
and privacy service line at EDS. “The opportunity for growth, by adding
a service to the provider side is one of the biggest opportunities for
my organization.”
HP’s push into security comes just a month after its longtime ally
Cisco Systems unveiled its blade server strategy and ambitions for a
greater presence in the data center hardware market. Cisco’s plans
impact all of the server vendors but most particularly HP, which sells
and distributes a significant amount of Cisco product through its
direct and indirect channels. Several analysts and industry observers
had wondered how HP would respond to the new Cisco threat. The security
push might be one of the significant responses, given that Cisco
generates more than $1 billion annually in security hardware and
software sales.
The security market is a crowded, disparate market, which is one of
the reasons HP is expanding its presence. Whitener says HP customers
buy point security products from dozens of vendors, creating complexity
and cost in deployment, and a higher total cost of ownership in
operations and management.
“If you come to us, we can do the security blueprint and you can
still get all the pieces, but you can also call HP and get the whole
shooting match,” Whitner says.
HP’s entry into the security hardware, software and services market
opens the possibility for some significant and interesting scenarios
among its competitors, alliances and channel partners.
While its alliance with McAfee gives HP access to a wide range of
security software and hardware products not currently in its portfolio,
it’s problematic for its existing relationship with Symantec. EDS
reportedly sells as much as $400 million of Symantec’s products and
services annually. Alsop says EDS is cognizant of its need to remain
agnostic and deliver products that customers want, so he doesn’t
anticipate substantial conflicts.
With its entry into the firewall and IPS market, HP is entering a
crowded space dominated by security and technology vendors with years
of experience developing security technologies and massive install
bases. That means it will have to take on Cisco, Juniper Networks,
Check Point Software Technologies, IBM, McAfee (Secure Computing),
Fortinet, SonicWall and WatchGuard. Many of its products and services
could even bring it conflict with Microsoft, which recently put its
security suite ForeFront: Codename Stirling into beta 2.
And the security market isn’t getting any smaller. At the RSA
Conference last week, Netgear unveiled its new ProSecure UTM10 and
UTM25 appliances, a line of unified threat management. And Lenovo was
exhibiting an enterprise-class unified security gateway; the KingGuard
is a 3U appliance that is currently only available in China, but Lenovo
has plans for bringing it to the U.S.
HP has plans for becoming a significant actor on the security stage,
but says it won’t follow the traditional path of conventional security
companies. Over the next several generations of product development, HP
plans to add more security functionality to its security devices and
services, and continually integrate security into the fabric of its
computing, storage and networking devices.
For instance, the next generation of the ProCurve firewalls will
have VPN and IPS built in. The generation after that will have
firewall, IPS and VPN functionality integrated into the silicon,
returning the device as a secure blade switch that eliminates the need
for layered security devices, says Maurico Sanchez, the chief security
architect for HP’s ProCurve division.
With each generation of networking, computing and wireless
advancement, HP will embed security to the product to reduce complexity
and improve manageability, Sanchez says. The first step in that process
is the introduction of the ProCurve 8212 and 5400 Series and
availability of new management modules.
“We’re doing a complete refresh of all the networking management and
security will be a big part of that,” says Sanchez. “IT administrators
will have all the traditional networking management and the security
management under a single pane of glass. No one else in the industry
can do that.”