Fortinet's acquisition of database security company IPLocks' vulnerability scanning technology is part of the company's strategy to expand its security product portfolio well beyond its core UTM/firewall business.
And, it's yet another indication of the more general market trend of larger security companies reaching into new areas, either through development or acquisition.
"Companies like Oracle are moving into this space; IBM, a little bit," said Rich Mogull, founder of Securosis and former Gartner analyst. "It will not surprise me to see other big companies move into this space—ones that make Fortinet look small."
The purchase was part of a complex deal in which IPLocks divested its U.S. holdings, centered around its database VA tool, while keeping its Japanese operation and database monitoring and auditing products. So, Fortinet acquired all the assets of IPArmor, and licensing rights to resell Audit Center and Audit Control outside Japan. The agreement also allows Fortinet to develop the auditing and monitoring code and then sell it as its own going forward. IPLocks' will be allowed to resell the VA scanner in Japan.
The deal is part of Fortinet's strategy to develop products in the application/database security market. The vendor won't go into details about its plans, but the opportunity to snap up the IPLocks assets was fortuitous.
"If the technology is in accordance with our strategy, and the opportunity works out, then we'll make an acquisition, "said Anthony James, vice president for products at Fortinet. "This just happened to be the right company, the right technology and the right timing. There was good synergy with what we wanted to do in the application space."
Fortinet is keeping about 30 IPLocks employees, primarily in engineering and sales.
The marriage of database and application security, which Fortinet appears to be moving towards, makes a lot of sense from a data protection perspective. The application front-ends the database, the crown jewels. Success against either compromises the data. Securosis' Mogull calls the concept ADMP—application and database monitoring and protection.
"Combine a Web application firewall and other Web application monitoring capabilities with the database stuff," he said, "and you start getting a compelling solution to deal with things like SQL injection and other kind of attacks."
Imperva, for example, which competes in the database and application security market, is unique in offering both full Web application firewall and database monitoring and auditing products. But, said Mogull, most of their deployments are one or the other. That's because a combined solution is a tough sell into the enterprise, he said. You have to address disparate application, database and security groups, who don't necessarily talk to each other much.
"That's whole lot of people to get talking together and get a line on a single strategy," he said. "That's why a lot of companies haven't looked at this and why a lot of vendors haven't offered solutions."