Sun shifts strategy with GRC push |
 |
By Robert Westervelt, News Editor
04 Mar 2008 | SearchSecurity.com |
|
|
Sun Microsystems Inc. launched its governance, risk and compliance (GRC) strategy with new products and services for identity management, auditing and compliance. Sun's move into the market directly challenges Oracle, IBM, CA and others vying for a larger share of the identity management market.
|
|
|
|
|
I think Oracle and Sun are in a foot race if not a horse race to provide a separate set of GRC capabilities more comprehensive than role management.
Kevin Kampman,
senior analyst, Burton Group
|
|
|
|
|
|
|
|
|
|
Sun, is putting less emphasis on technology, focusing on a complete GRC portfolio that includes partnerships and services to address risk. Analysts said the new strategy would be a challenge for the vendor, which has traditionally focused on its open source tools.
The GRC strategy includes an expansion of its identity management portfolio with the new Sun Role Manager—integrating its acquisition of Vaau RBACx role management suite as well as the company's services arm into the portfolio. Sun acquired Torrance, Calif.-based Vaau in November to fill in a gap in enterprise role-management. It had a longstanding partnership with Vaau, enabling the software to work with the Sun Identity Manager. Sun executives said they plan to release new technologies and features over the next 12 months to fill in additional missing pieces in the portfolio.
"Enterprise role management is critical to establishing access control compliance and is a big part of GRC," said Nick Crown, a GRC product line manager at Sun. "It allows people to understand the level of access users have and more importantly it also provides an interface in order to define and manage roles."
The market for role management software has been consolidating over the last year. In September, Oracle Corp. acquired ERM vendor Bridgestream Inc., and Cisco Systems Inc. announced that it's acquiring security software maker Securent, of Mountain View, Calif., for about $100 million.
Kevin Kampman, a senior analyst at Midvale, Utah-based Burton Group said he would be watching to see how well Sun executes its strategy in an area they are less recognized in. Sun has been trying to retool its identity management strategy for a while and didn't have a clear message formulated, he said. GRC is a way to bring all the components together.
"I think Oracle and Sun are in a foot race if not a horse race to provide a separate set of GRC capabilities more comprehensive than role management," Kampman said. "Vaau was a serious contender in the role management and compliance management space, so it was a very timely acquisition for sun to leverage that organization's view of how to manage identities in organization and tie that into role management."
|
| Identity, roll management market: |
Sun acquiring Vaau for identity management: To better serve customers preoccupied with regulatory compliance and identity management, Sun has agreed to acquire enterprise role-management vendor Vaau.
Audio download:
Security360: Identity management market Analyst Mark Diodati describes the leaders of the identity management market; IBM's Joe Anthony explains Big Blue's strategy and Novell's Dale Olds on user-centric identity. |
|
|
|
|
Sun has about 500 Identity Manager customers with about 300 that have deployed the product in production, according to the Burton Group.
Sun executives said they would make a push to be more competitive in the market by expanding their ecosystem of partnerships with third party vendors and experts to further develop its open source technologies and identify customer opportunities and participate in development.
Vaau has had partnerships with CA and IBM and Crown said he expects those partnerships to continue. For example, CA has used Vaau in several large provisioning implementations.
"One of the benefits of the product is that it can work with other identity management systems with other vendors, and we're going to continue that moving forward," he said. "Having open interfaces and giving customers choice has been the philosophy at Sun."
|
