Shavlik White Papers

Security "Point" Solutions are Not a 4 Letter Word

In recent years there has been a substantial amount of consolidation in the IT security industry. There were over 20 significant security related acquisitions in 2007 alone. Google acquired both Postini and Green Border, IBM bought Watchfire, HP bought SPI Dynamics, Checkpoint acquired Pointsec, Symantec snapped up Vontu, and there were plenty of others.

Large vendors with a healthy appetite for acquisition would have buyers of security software believe that this consolidation is a good thing; that bigger is better, that built-in is tops, and that individual best-of-breed point products are a nuisance to be avoided, a four letter word if you will. While consolidation can be a good thing, flying the same corporate brand doesn’t always equate to integration or operational efficiency.

Patch management is a good example where an individual point solution is not only desirable, but may be required. While acquisition-hungry vendors have tried to deliver broader functionality by adding patch management function into their suites, there will always be a need for 3rd party patch management tools. There are a number of reasons why. Consolidation of patch management functions is tough to do correctly. Suites offered by the big guys don't provide best-of-breed patch management capability —they lack patch content, patch-specific targeting or patch reporting.

With all of the consolidation and investment in more expensive and larger systems, the end customers are not necessarily seeing any added value. Let’s examine some of the issues.

View this report by entering your information below. It will not be shared with anyone else.