Cisco and RSA Extend DLP Partnership and Product Integration

| Jun 24, 2009 | Enterprise Security | Competitive Update

| Analyst: Andrew Braunberg

Current Perspective: Slightly Positive
Vendor Importance: Moderate
Market Impact: Moderate

Event Summary

June 24, 2009 – Cisco has partnered with RSA, the Security Division of EMC, to introduce data-loss prevention capabilities that are engineered to integrate into the industry-leading Cisco IronPort e-mail security products. Cisco also announced new functionality in its Cisco IronPort Web security gateway designed to block the loss of sensitive data via the Web and FTP, along with a new consultative business security service that helps businesses design a preventive strategy aligning people, business processes and technology.

Analytical Summary

• Current Perspective: Slightly positive on the announcement from Cisco and RSA that the two companies will expand their existing DLP partnership with the integration of RSA DLP technology into Cisco’s IronPort email security appliances. This is an obvious move, but it was obvious last year when the companies first announced that Cisco planned to leverage RSA’s DLP technology. What took so long?

• Vendor Importance: Moderate to their security businesses, because with the possible exception (for both companies) of Microsoft, this is the most strategic security partnership each company maintains. The relationship goes well beyond DLP, of course, but DLP (and a data-centric strategy) are foundational to their approach to the larger market.

• Market Impact: Moderate on the security markets, because these are two of the largest players in enterprise security, but they have not yet fulfilled the initial promise (threat) of the relationship. Cisco and RSA announced that RSA DLP would be integrated with Cisco Security Agent (CSA) more than a year ago. As far as we know, there is still no roadmap for availability of a joint product.

CLIENTS ONLY

Competitive Positives and Concerns

Recommended Vendor Actions

| Client access - More reports in Enterprise Security | More information

Recommended Competitor Actions

• There are pure-play secure messaging vendors, such as Proofpoint, Sendmail and Tumbleweed, that push basic DLP (what some call DLP-lite) functionality as an adequate solution for the majority of their customers. These vendors should position the Cisco/RSA announcements as another technological endorsement of the idea of blending DLP into secure messaging but they should make the case that they are already delivering built-in, as opposed to bolt-on DLP functionality.

• Symantec should, of course, point to its Information Risk Management bundle that it announced in the fall of 2008. The solution includes secure messaging, email archiving and DLP. Symantec should not oversell the built- in versus bolt-on aspects of its solution either, but should continue to make it clear that it understands enterprise pain points and where products need to be integrated.

• With its Secure Computing and Reconnex acquisitions, McAfee has all the pieces its needs to make a similar announcement. The company should emphasize that its Email Gateway does currently support some DLP features such as data discovery and classification techniques combined with policy-based message handling. The company should quickly roadmap integration with its acquired DLP suite, however.

• Pure-play DLP vendors should reach out to Cisco to demonstrate interoperability with Cisco’s IronPort Web appliances. Most DLP vendors support ICAP, and it would seem to be a fairly simple exercise that could generate some business.

CLIENTS ONLY

Competitive Positives and Concerns

Recommended Vendor Actions

| Client access - More reports in Enterprise Security | More information

Top