Slashdot Mirror
IBM to Buy ISS for $1.3 Billion
gerald626 writes "IBM announced today that they have formed an agreement to purchase ISS for 1.3 billion dollars." From the article: " The all-cash transaction of about $28 per share is meant to bolster IBM's ability to deliver security services to corporations, the company said. ISS builds network protection products and services, including intrusion detection and monitoring tools. IBM said it intends to use ISS's expertise and software to provide more robust security-related services to its corporate customers."
...want a space station? To spy on Redmond?
GetOuttaMySpace - The Anti-Social Network
IBM: This ISS, could it carry my wisdom beyond the Internet?
Sybok: It could. Yes.
IBM: Then I shall make use of this... ISS.
Sybok: It will be your chariot!
(Kirk politely raises his hand.)
Kirk: Excuse me.
IBM: It will carry my power to every corner of creation...
Kirk: Excuse me! I'd just like to ask a question!
(McCoy looks at Kirk like he just farted in church.)
Kirk: Excuse me, but What does IBM need with a space station?
Javascript + Nintendo DSi = DSiCade
Geez, everyone's telling the same lame "ISS" = "International Space Station" joke.
It's just a typo! Haven't you figured that out yet? IBM simply bought IIS from Microsoft. I wonder if they'll make IIS run on Linux?
Stressed? Me? Of course not. Stress is what a rubber band feels before it breaks, silly.
There are going to be millions of mod point used on -1 Redundant.
That's only because there isn't a -1 Obvious.
Now, back to my job at NASA.
This tagline is copyrighted material. Please send $10 for an affordable replacement.
It is internet security systems: http://iss.net/ I hope blackice remains as a pc firewall, I think it is one of the best
Free yourself use open source.
Maybe in this case it would be wise to spell out the acronym,
International Business Machines
There, does that help?
when I first started working in infosec (5, 6 years ago) I spent a lot of time downloading and playing with the free trials for various vuln scanners - ISS, Retina, LANGuard and so on. I mentioned this to someone with more security experience who replied "ISS? It's Still Shit, right?"
Everything I needed to know about life, I learnt from Blake's Seven
irregular_hero, you are of course entitled to your opinions. Hopefully I can provide a little more information about some of the points you are confused on.
> Not too long ago, ISS made the fateful decision to knife most of its IDS/IPS product lines in the back by discontinuing support for "General Purpose" servers and third party appliances, effectively forcing all of its enterprise customers to buy an "owned" ISS appliance (the Proventia series).
I'm guessing by "General Purpose" servers you are referring to the Network Sensor and Server Sensor products which could run on hardware you bought. The first Proventia appliance launched was the Proventia A, which was the Network Sensor software pre-installed on a rackmount, sold as a unit. In truth the Proventia A was not very different from the Network Sensor software because it was almost running the same software. The appliance came about because many customers did not wish to buy their own hardware -- they wished to have the appliance. On the other hand, many customers did still wish to buy their own hardware. Thus, Network Sensors, Server Sensors, and Proventia As are in fact all still fully supported. The exception is the slow phase-out of the least popular Nokia and Solaris platforms.
For more information on the Product Life Cycle of the above mentioned products, please see the Product Documentation for the product you're interested in:
Server Sensor -- http://www.iss.net/support/documentation/docs.php? product=15&family=7
Network Sensor -- http://www.iss.net/support/documentation/docs.php? product=12&family=6
Proventia A -- http://www.iss.net/support/documentation/docs.php? product=35&family=12
Or for a full listing of products you can see the documentation for, please see: http://www.iss.net/support/documentation/index.php
There may have been some confusion on this point due to the wild popularity of the Proventia G and Proventia M products which is a completely different product and relies on completely different software. The older Network Sensor, Server Sensor, and Proventia A products are in fact still available, supported, and sold.
> Companies with large deployments of ISS RealSecure on now End of Lifed platforms suddenly found themselves offered a year of update support and another capital outlay to "upgrade" to Proventia appliances. Not many followed the company down that path, but the ones that did get "first cut" appliances found that they, well, sucked. The company then recentered on a more "appliance"-looking hardware platform, but, by then, the damage was done.
I believe you may have to be more specific to help resolve your confusion here. Perhaps you were on one of the least-popular platforms of Nokia or Solaris which has been slowly phased out to improve support for more popular products? Based on your mention of appliances, I can only guess you had a Network Sensor (since there is no such thing as a Server Sensor appliance)? The first appliances that came out were the Proventia As, which ran pretty much the same exact software as the Network Sensor software. So your frustration was perhaps due to the hardware? As I mentioned above, the Network Sensor software on many platforms including Linux is still fully supported.
> Then ISS took a market-leading desktop security product, BlackICE, and folded it into their IDS/IPS management product. The integration damn near killed a lot of existing BlackICE customers, not to mention the fact that succeeding software releases were, in many cases, incompatible with previous
....soon to be "Interstellar Business Machines"!
Hey, glad to see ISS's PR department knows about Slashdot. And, hey! You're right, I was affected by the product line "simplification"! Glad to meet you, now sit down and listen.
Knifing the Nokia relationship left lots of enterprise customers in the dust, not because it was done, but it was done while 1) the product was still being actively pushed by both companies, and 2) without an assessment of what impact it would have on the customer base. Let's face it, the Nokia stuff was axed because ISS wanted to enter the appliance space, without regard to existing deployments. I still remember the arrogant tact of ISS's sales staff when they approached us with the news AND a quote for replacing all of our deployments with Proventia -- it was 20% higher than our TCO on Nokia! That was, and still is, a bad BUSINESS move, and left a lot of customers with a bad taste in their mouths about ISS. That aside...
I find your assertion about the Proventia G and M being "wildly popular" a bit dubious for a product that has only had about a year and a half in the market (and, yes, I'm counting that from the launch of the G400 and G2000 -- as an enterprise customer, they're the only ones we every considered). I talk with a lot of ISS customers. The big ones -- the truly big ones -- consider themselves saddled with their Proventia investment. They see other vendors coming in providing multi-gigabit solutions that operate at wire speeds on all packet sizes... They see IPS functionality being rolled into core switch fabrics, some of them on general purpose blades... They begin to wonder why they're invested in edge IPS when their firewalls are starting to gain the same feature functionality... And they get angry when a Core update munges their SiteProtector AGAIN... Leave the assessment of "wildly popular" to the point in time when these users report themselves as being totally satisfied with the investment they've made, not because our installed base is X^2 instead of X.
I know you've still got a "general purpose" network sensor out there. We used to run a few of those, until we had little nagging issues with XPUs where the proposed solution was "get to Proventia" because "that's where the development is being done now". And although your Network Sensor has an "inline mode," I know for a fact that your sales force actively steers people away from using it as an IPS. Having a product available is not the same as being able to provide undeniably good support for it -- just ask CA about that one.
As for the BlackICE (nee Desktop Protector, nee Proventia Desktop) installation, hey; what can I say? I wish we could all adopt a product at a point along its lifespan where everything is as we want it. But that didn't happen for us -- and for other customers (mostly bleeding-edge adopters). To speak to the "integration" with SiteProtector, I'd say the selling point there is relatively limited compared to what it was proposed to be when sold to us. But what do I know? I'm just a guy that has to redeploy a bunch of crap that will be replaced by GPO-managed Windows firewall rules and next-gen platform health checking that Microsoft will eventually give us for free. For the second time.
Thanks for the response, though.