|
|
Instant Insight |
January
22, 2002
IBM and VeriSign Ink Internet Security Alliance
IBM and VeriSign have announced the signing of a technology, services and marketing alliance. Under the multi-year agreement, the two companies plan to collaborate on Web technology, infrastructure and security, integrate key technologies and market new and enhanced services to their customers. As part of the agreement, IBM and VeriSign will:
¨ Develop and market a new Entitlements Management Service based on Tivoli Policy Director, IBM’s security management and access control software. Implemented with VeriSign’s Hosted Services technology, the new service will combine online authentication; digital credentialing and signatures; and signatures, authorization and policy management with dynamic updating of customer and partner information.
¨ Leverage IBM Global Services to coordinate consulting and integration services with VeriSign. VeriSign’s Consulting Services network of affiliates will cooperate to provide managed services and support for companies implementing public key infrastructure (PKI) solutions.
¨ Collaborate to advance key security standards, including SAML and XKMS for enabling dynamic Web services. IBM plans to embed XKMS into and leverage SAML in Tivoli Policy Director.
¨ Deploy IBM server and software infrastructure components in VeriSign’s IT infrastructure, including IBM eServer pSeries and xSeries systems.
The new alliance is designed to provide customers computer security options ranging from stand-alone software to managed software services delivered as a utility service over the Internet. Tivoli and IBM Global Services will begin offering VeriSign’s PKI solutions to their clients immediately.
Pricing/Availability
The jointly developed Entitlements Management Service is scheduled for availability in mid-2002. No pricing for products or services was released
Net/Net
While there is no shortage of publicly announced alliances in the technology sector, this agreement is notable for a number of reasons, the first of which might be called the 600 Pound Gorilla Factor. Given the company’s aggressive development of PKI technologies and associated online authentication and credentialing solutions, and its continuing management of Web domain names, VeriSign has maintained primacy in its areas of expertise, despite the efforts of competitors such as Entrust and Baltimore Technologies. On the basis of sheer size alone, IBM has long been the alpha player in enterprise computing, but over the past two years the company has become scarily efficient at entering new (or sometimes re-entering old) business sectors and seizing turf. Put the two behemoths together with a well-engineered agreement to make sure they play nice, and one can behold an alliance with tectonic potential for the rest of the market.
That said, what does this agreement mean for the principals, their customers, their competitors and the rest of the market? From a purely practical standpoint, VeriSign looks to be the biggest potential winner here, at least over the short term. The alliance provides a measurable method for opening the doors of IBM’s reported 20,000+ business clients to VeriSign PKI solutions, and puts those products into the hands of IBM’s Global Services sales reps that have seldom (if ever) been accused of being shy or retiring. But IBM should also see real benefits since pairing with VeriSign allows the company to go directly to market with well-known and established security products at a time when the world in general and businesses in particular are feeling especially insecure.
For customers and the market the news should be largely good, though the proof, as they say, is in the pudding. On the surface, the IBM/VeriSign deal would provide IBM customers immediate access to security products whose capabilities are known quantities. VeriSign’s clients, especially those who use IBM products, may see some performance enhancements as the companies work together to optimize their solutions. That optimization, of course, is the previously mentioned pudding. The technology realm has witnessed countless proclamations of undying friendship fall silent in unmarked graves. How well the IBM/VeriSign deal will play out remains to be seen, but in the end the best thing about the agreement may be its sheer magnitude. This fact may inspire the principals to do their best to keep the thing alive and kicking since sweeping it under the rug would prove logistically difficult in the extreme.
The news may not be so good for the competition. If the agreement pans out as planned, it puts a few more arrows into IBM’s already potent enterprise quiver. Additionally, the part of the deal that makes IBM pSeries and xSeries servers and software part of VeriSign’s infrastructure will likely be regarded as a black eye for Sun Microsystems, which was VeriSign’s previous server vendor of choice. PKI solution vendors including Entrust and Baltimore Technologies have little to cheer them in the deal, though the alliance may inspire other infrastructure hardware vendors to consider similar deals with security ISVs. There is also the possibility that IBM and VeriSign’s willingness to work together might have unintended consequences, especially in the areas of driving standards-based systems and open development. At its heart, this deal is a Web services play, and the Web services arena has been host to some ugly wrangling of late, especially between Sun’s Liberty Alliance crowd and Microsoft’s .NET. Given the relationships Microsoft maintains with both IBM and VeriSign, and the two companies’ commitment to industry standards and open development, we wonder how the folks in Redmond will respond.
Lastly, let us consider the IBM/VeriSign deal’s hosted
services angle. As we have said before, we believe in Service Computing, the
notion that business computing infrastructures and access devices will soon be
able to provide computer applications as Web-based services similar to
utilities such as telephone and electricity. This ain’t your Grandma’s ASPs,
but will instead be highly flexible computing capabilities that can be scaled
and adapted to virtually every need. IBM dubs this Commercial Grid Computing,
and while we might differ on terms, we agree completely with its assumptions.
In its ultimate incarnation, this alliance could provide a rigorous testing
ground for delivering applications via the Service or Commercial Grid Computing
infrastructure. Ultimately, we believe that this would outweigh whatever
financial and business benefits the deal might deliver to IBM and VeriSign in
the near term.
The
Sageza Group, Inc.
900
Veterans Blvd, Suite 500
Redwood City, CA 94063-1743
650·366·0700 fax 650·649·2302
Europe (London) 44·020·7900·2819
Copyright © 2002 The Sageza Group, Inc.
May not be duplicated or retransmitted
without written permission