A few weeks ago, Blue Coat Systems acquired Solera Networks. No one was surprised about the acquisition of Solera as it plays in the white hot big data security analytics market. That said, many people remain perplexed by the acquiring company. Several dozen reporters, vendors, and end-users have already posed a common question to me: Why Blue Coat?
For those of us that have been around the industry for a while, the bewilderment is certainly understandable. Blue Coat is often associated with its Internet era roots such as CacheFlow, selling proxy servers, and Internet access solutions circa 1998. Yes, this is historically accurate but it’s the equivalent of thinking of IBM as the company that introduced the System 360 back in 1964.
A lot has changed at Blue Coat since everyone was gaga over Netscape. Aside from WAN optimization which evolved out of CacheFlow, Blue Coat is a leader in web threat management, offering physical and virtual web security gateways and a cloud-based intelligence service, WebPulse. The key is the cloud-based brain power which benefits from the “network effect” of millions of nodes sharing new threat intelligence. When an unknown threat is detected, it triggers the creation of a new rule in near real-time to block the threat everywhere else on the Blue Coat network.
Blue Coat supplemented its threat prevention story with its acquisition of Crossbeam last winter. Crossbeam and partners like Check Point, Imperva, McAfee, and Sourcefire enhance the Blue Cot story with perimeter protection.
That brings us to Solera. With strong assets for threat prevention, Blue Coat grabbed Solera to:
- Add incident detection/response. In spite of all the threat prevention in the world, the bad guys keep hacking into large organizations. This is where Solera fits in with real-time big data analytics. Solera excels at incident detection and problem isolation so organizations can isolate problems and remediate them quickly—before they lead to costly/embarrassing data breaches. Blue Coat can now talk threat prevention, detection, and response.
- Solera can become another sentinel for Blue Coat cloud-based intelligence. When Solera does discover malware, a compromised URL, or C&C traffic, it can communicate these findings to Blue Coat cloud intelligence which can then spread the word across its threat management network.
- Blue Coat plus Solera = Security Architecture. The combination of Blue Coat and Solera gets the company out of the security products business and into the security architecture business. Add in Crossbeam and its software pals and you have a pretty attractive enterprise portfolio.
Blue Coat’s strategy is spot on as the future of enterprise security will be built with integrated technologies, cloud-based intelligence feeds, and central management. Obviously, Blue Coat’s next challenge is product integration to make the security architecture vision a reality while adding functionality along the way. Blue Coat also needs to establish and manage a partner ecosystem for developers and software partners. Finally, Blue Coat must teach its sales force and channel partners how to sell enterprise solutions rather than network/security products.
Even if Blue Coat executes flawlessly, it will be all for naught if the industry continues to respond to the company by stating, “I know you guys; you used to be CacheFlow.” IBM changed its stripes long ago. If Blue Coat can do the same while it implements its strategy, it could become a far more visible enterprise security player.