The rumored merger of storage software giant Veritas Software Corp. and information security behemoth Symantec Corp. may be a sign of things to come.
According to various reports, Symantec, of Cupertino, Calif., is angling to buy Mountain View, Calif.-based Veritas—which offers software for backup and archiving, file systems, storage and server automation, and application service management—for more than $13 billion.
If completed, the merger of the two companies may be the proof the industry needs that storage and information security themselves are merging, said Steve Duplessie, senior analyst at Enterprise Strategy Group of Milford, Mass.
“It proves what we and users have been saying for a while—you cant continue to disassociate security from data,” he said. “Security has typically been perimeter-based, but all of the crown jewels are spinning around on disk drives, and it was inevitable that these two things come together.”
Over time, the combined company could begin providing what the industry needs in terms of security-infused storage products, he said.
“Youll see complete integration of things, like a security event triggering an automated backup, that ultimately have to happen,” said Duplessie. “And Id be surprised if you didnt start to see Veritas starting to encrypt data everywhere.”
The move makes sense for both companies, experts said. Symantec has long tried to begin applying security principles to storage, first by attempting to buy VMware (eventually purchased by EMC Corp.) and then following through with the purchase of PowerQuest. The purchase of Veritas, which was a stockholder of VMware, would further that goal.
Veritas has made itself a particularly attractive target through its rash of acquisitions over the past few years with application-level agents and network reporting technology, said Jay Kidd, chief technology officer of Brocade Communications Systems Inc., of San Jose, Calif.
“It has moved from being at the layer of the enterprise value stack, which is totally focused on storage, up into more application and server administration,” he said. “If Symantec was looking to move up into the enterprise, Veritas put itself right in Symantecs path.”
In addition, the companys stock is at a relatively inexpensive level, making the timing good for both Veritas and Symantec, Duplessie said.
But the motivation for Veritas may be quite different. Like Symantec, it could be a realization that storage and security belong together, but it could also be a way for the organization to grow beyond its current capabilities, said John Webster, senior analyst of Data Mobility Group, of Nashua, N.H.
“They have been talking a lot about utility computing, but how much of that can Veritas really address as a storage player?” Webster said. “A lot of analysts told them they were biting off more than they could chew. They can address storage management, management of the storage network, and they have even made some acquisitions that have shown they are trying to get into application performance management, but there is still a hole in the strategy—the network. They cant manage the network unless they are willing to buy Tivoli away from IBM or OpenView away from HP [Hewlett-Packard Co.] or Unicenter away from Computer Associates or buy BMC outright. So they may have come to the realization that they have come as far as they could go alone.”
Although the impact on many storage companies may be minor, the impact on Veritas direct competitors could be devastating.
“If the deal goes through, companies like EMC will look like they were caught sleeping, because they are nowhere when it comes to security,” Duplessie said. “This could wake up the rest of the giants, and they are going to realize they have to play, because it will be difficult for anybody to just sell backup when Veritas/Symantec can walk in the door.”
Although its far too soon to anticipate what major competitors like EMC might do, Duplessie said they have just a few options. “They might react by buying a smaller security company and trying to integrate it, or maybe they try to cut a deal with McAfee or Computer Associates. They will have to do something, though.”