Filling the holes: thoughts on an EMC/Courion combo

So RSA’s parent company, EMC has entered into agreement with Courion to offer Courion’s suite of products including:

  • PasswordCourier – password management
  • AccountCourier – user provisioning
  • RoleCourier – role engineering and management
  • ComplianceCourier – policy verification and self-assessment

This, as Ian Yip points out, does fill the gapping hole in the EMC/RSA identity management story left by Oracle purchasing Thor, RSA’s old user provisioning partner.

The other side of this equation is that Courion has lacked a web access management tool.  That is not to say that I think they truly needed one and I applaud Courion for sticking to their knitting and making a really great business/end-user focused suite.  But that being said, they are in Gartner’s leadership quadrant for user provisioning with the big boys, all of whom have WAC/WAM capabilities.  In a toe-to-toe fight against those guys I am sure there are cases where no having a WAM product has hurt them.  (Although people proclaim the identity management suite dead or at least a non-issue, I have to imagine that there are still RFPs out there looking for the whole enchilada no matter how poorly integrated it might be.)  This is the long way around to say that RSA Access Manager (Securant not to be confused with Securent – anyone else confused by this?) helps fill a hole in the Courion family of products.

All in all if EMC were to actually buy Courion, it would be too surprising.  At the very least, it wouldn’t increase employees’ commute to work too much…

More coverage of Cisco and Securent

I think that Phil’s take on this sits somewhere in between Dave’s cynicism and Eric’s unabashed joy.

I do agree with Dave in that I doubt that this acquisition signals a market consolidation – the entitlement market is too new.  Look at the role management market as an example: it’s been around for a few years, lived longer than most expected, and just now are we seeing consolidation.

Your network ate my fine-grained auth engine: Cisco to acquire Securent

Cisco has announced it has agreed to acquire Securent. First, of congrats to my friends there. Well done.

Second, I have to wonder about this one. It makes a form of sense to integrate Securent into SONA. That makes sense… at some point. I wonder how baked the addressable market is for fine-grained authorization capabilities managed from the network through the application stack. Abstracting routing tables to business processes and objects is definitely an interesting one, but when does it really transition from an interesting academic exercise into a Cisco-sized market?

Third, Andras Cser over at Forrester writes:

Given the fact that enterprises are increasingly looking for integrated IAM stacks, the entry of Cisco into the entitlement management market will require a clear strategy of becoming a provider of IAM solutions either through organic growth or by acquisition.

If Cisco is really getting into the IAM market, they picked a bit of an unusual beachhead. Entitlement management and fine-grained auth are emerging submarkets within IAM; they are important, but are significantly smaller markets than web access management, enterprise single sign-on, user provisioning, etc. If Cisco is that serious about tackling this market, it seems to me they would have started with a more mainstream, mature area.