Hewlett-Packard has announced it has agreed to purchase security vendor ArcSight for US$1.5 billion. The deal is expected to close by the end of the year. ArcSight sells a series of products for monitoring suspicious activity on corporate networks. Combined with HP's own IT management software, the products will allow customers to detect threats, understand their impact and take corrective action, said Bill Veghte, executive vice president of software and solutions at HP, during a conference call.
"Smash-and-grab" security attacks have been replaced today by more sophisticated and sustained attempts, and such threats are impossible to detect without gaining a comprehensive view of all IT activities, he said.
The ArcSight deal follows HP's recent move to purchase Fortify, which gave it capabilities for strengthening security before applications are compiled, he said.
In addition, security customers are looking not only for software but complementary hardware and services, and HP can deliver that combination, Veghte said
The acquisition is the second major purchase announced by HP in recent weeks. It is also buying storage vendor 3Par for $2.35 billion, following a heated bidding war with Dell.
ArcSight had been a rumoured acquisition target in recent weeks, with Oracle, IBM and EMC also interested, according to reports.
Executives declined to discuss whether there was a competitive bidding process for ArcSight, or when talks began.
HP is "very confident" in its offer for ArcSight, according to Steve Fieler, vice president of investor relations. But he declined to say whether HP expects competing bids will emerge.
Sidebar: In acquiring ArcSight, HP signals intent to be security leader
HP says its planned $1.5 billion buyout of ArcSight is intended to propel HP into the heart of enterprise security - a move that both surprised and impressed industry watchers.
ArcSight, which recently put itself up for sale, is a vendor in the security and information event management (SIEM) arena, with its Enterprise Threat and Risk Management Platform used by corporate enterprises and government to monitor external-originating threats and general employee activities for compliance as well as logging of events.
"It's a great asset, a market-leading company," says Jon Oltsik, an analyst with Enterprise Strategy Group. He notes ArcSight's main competitors today include RSA with its enVision product, as well as vendors Q1 Labs, LogLogic and LogRhythm. Oltsik admits he was a bit surprised to see HP going out to snag ArcSight since HP has not built up a large security product portfolio and has at times divested products, such as its identity management suite, which it sold to Novell.
"They haven't really jumped in with both feet [previously]," Oltsik says. But he adds that ArcSight's security monitoring does appear to be a good fit with HP OpenView and Opsware.
On a call with Wall St. analysts Monday morning, Bill Veghte, HP executive vice president for software and solutions, emphasized that the planned acquisition signals "HP's intent is to be a leader in enterprise security."
The visibility that ArcSight's products bring into an organisation is a cornerstone for that. "If you can't see it, you can't secure it," Veghte said.
ArcSight has about 1000 enterprise and government customers, and Tom Reilly, president and CEO of ArcSight, says he intends to stay on after the HP acquisition and will likely report directly to Veghte.
In an interview with Network World, Veghte and Reilly indicated that until the HP acquisition of ArcSight is completed, great detail can't be shared publicly about HP's plans. But when Veghte and Reilly were asked about the role that HP might consider for ArcSight in both cloud security and services, they both made it clear there are a lot of ideas moving along those lines.
"At HP, we'll take a new approach. More holistic than in the past," Veghte said. There are already good perimeter tools out there, and HP's intent with ArcSight is to go further into the enterprise with more IT operations tools. In addition, while there will be customers that want to directly own and run software themselves, others will consider having their IT assets secured by a service organisation, he said.
Cloud computing is also being eyed. Reilly said the cloud "is one of those things corporations don't have visibility into today," saying the HP acquisition of ArcSight could lead to a way to provide greater visibility into sensitive data stored in cloud environments. Ellen Messmer
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.