This week, IBM purchased Consul Risk Management Inc., a privately owned Dutch developer of compliance and security audit software.
Consul's technology allows companies to track, report and investigate noncompliant behavior, such as unauthorized activity by information technology administrators and other users.
Consul is "focused on security auditing and compliance management," said Joe Anthony, program director for identity management for Tivoli. "It allows a user to go in and see what other users are doing and if it's compliant with business processes. At a bank you might have one teller who looks at 800 customer records per day, while others work with 200 records. It's possible that that teller is more productive than his peers, but it's something that you should flag and look at."
Anthony said Consul was attractive to IBM because its products are built to run on both distributed systems and mainframe systems, which means Big Blue can sell Consul product across all its platform offerings.
IBM and Consul will probably close the deal in the first quarter of 2007, subject to regulatory approval. Terms of the transaction were not disclosed.
Charles King, principal analyst at Hayward, Calif.-based Pund-IT Inc., said IBM's deal with Consul is both tactical and strategic.
"On the tactical side, Consul gives IBM some tools for compliance management that the company did not have, and that fits very, very well with IBM's existing solutions, particularly the zSeries mainframe platform," King said.
Strategically speaking, King said this is a continuation of IBM's software "buying spree." It's a strategy many industry leaders, such as EMC and Hewlett-Packard Co., have been adopting, he said. By building up the software business, IBM is also setting up its business services division, he said. Once customers adopt its platforms and software, they are more primed to hire consulting services as well.
King said Consul is a good fit for IBM. Consul "doesn't have the end-to-end security management capabilities that, say RSI, has, which EMC bought a few months ago," King said. "But I think the Consul product is very deep in security administration for the mainframe, and IBM has been pressing really since the announcement of the z9 platform for having the mainframe be the security hub for the enterprise data center."
Wayne Kernochan, senior IT analyst at Nashua, N.H.-based research firm Illuminata Inc., said integration of a newly acquired product into an existing software portfolio always carries some risks.
"The situation used to be that IBM users found IBM software a little bit difficult to use because it was not necessarily fully integrated. On the one hand, you have something [from Consul] that's fully integrated, but on the other hand you still have those same integration problems. You can't always count on the integration of products being fully successful."
Kernochan said it might take IBM as long to integrate newly acquired software as it would to build new software internally. However, Consul's history of making its product work with the IBM mainframe makes this deal less risky than others.
Let us know what you think about the story; email: Shamus McGillicuddy, News Writer