The move extends Fortinet’s recently announced Security Fabric to include visibility into non-Fortinet products. It also gives Fortinet its first entree into SIEM, a market the security giant had yet to participate in.
AccelOps’ products will be folded into the Fortinet portfolio under the name of FortiSIEM.
Based in Santa Clara, Calif., a stone’s throw from Fortinet’s Sunnyvale, Calif. home, AccelOps is a nine-year-old company with about 60 employees. AccelOps had raised $25 million in two rounds, the latest one in 2012. Fortinet acquired the company for $28 million in cash plus $4 million in incentives, according to an SEC filing.
SIEM involves securing monitoring, management, and analytics. In other words, it’s about keeping watch over the network. Nowadays it’s being combined with threat intelligence — a catalogue of known threats and intrusion methods that can be compared with the activities SIEM sees. In the case of AccelOps, Fortinet can accelerate that integration, says John Maddison, the company’s SVP of products and sales.
Putting SIEM to Work
Fortinet sees SIEM not only as a key category by itself but also as an enhancement to the Security Fabric. The term refers to Fortinet’s combined portfolio and is meant to invoke images of these products interweaving to span the entire network — from endpoints, including Internet of Things (IOT) devices, to the cloud.
But Fortinet can only provide visibility into its own products on the Security Fabric. AccelOps will extend that visibility into other companies’ products.
In that sense, as well as in a more straightforward sense, SIEM was a missing piece for Fortinet, Maddison says.
Eventually, AccelOps could help Fortinet provide segmentation, applying different security models to different parts of the network. More immediately, the acquisition will satisfy a simpler need: a snapshot of what products (Fortinet or otherwise) are even on the network.
“I have customers who have thousands of firewalls out there, and they don’t know where they are,” Maddison says.
Fortinet also plans to use AccelOps as the basis for a managed security-auditing service called 360° Support. That’s due to be available in the third quarter, Maddison says.
Finally, Fortinet expects to offer SIEM on a software-as-a-service basis to small and midsized businesses, Maddison says.