Last week Cisco (Nasdaq: CSCO) announced it is buying OpenDNS for the healthy price tag of $625 million. It’s nice if you can get it. The deal shows Cisco realizes the urgency of being positioned in security and, especially, having a cloud security solution.
Cisco was already an investor in OpenDNS, which protects against malware, botnets, and phishing at the Domain Name Server (DNS) layer of the Web. Combined with Cisco’s purchase of SourceFire in 2013 for $2.7 billion and you have a $3.5 billion investment in emerging security technology. In the last year, Cisco has also purchased malware analysis business ThreatGRID and security advisory firm Neohapsis.
Industry sources said they were surprised by the size of the deal. OpenDNS is believed to have revenues in the $100 million range, giving it a valuation more than 6 times revenues. It’s clear that security startups around the world are celebrating their healthy bump in value after this deal.
So the big question: What does this mean for Cisco’s security strategy, and where is it going? Security is a huge opportunity for new CEO Chuck Robbins, and this is his first big deal. Will security be Cisco’s big focus?
The most important thing about OpenDNS is that it is a pure cloud security product — based on a Software-as-a-Service (SaaS) model. Another interesting thing is that OpenDNS integrates with firewall and intrusion detection systems from Checkpoint Software and FireEye. Will Cisco toss those out and plug in its own products?
One interest thing I’ve found is that a group of leading “best-of-breed” security technology companies — Checkpoint, Cyberark, Fortinet, Fireye, Qualys, Palo Alto Networks, and Proofpoint — are dominating the revenue growth in this market. Those seven companies have generated an average of 24% compound annual growth over four years.
Some of the fast growth for these up-and-coming players is due to starting from a smaller base. Cisco actually leads the security category, according to numbers from research firms such as Infonetics, with close to 35% market share. But the best-of-breed players have been chipping away with steady market-share gains.
The problem for Cisco is that even though it has large market share, from a marketing perspective it is not always thought of as a leading security vendor. It’s thought of as a networking hardware company.
As Cisco looks to fold in OpenDNS, which is focused on protecting Web domains with SaaS security, it will need to flesh out its cloud-based model. It’s got a lot of products, and the security nomenclature and categories can be confusing. A look at the products and strategies that make up Cisco’s security portfolio include Cisco Advanced Malware Protection (AMP) — derived from the SourceFire acquisition — Firepower Intrusion Prevention System (IPS), Cisco Cloud Web Security, Cognitive Threat Analysis (CTA), Adaptive Security Appliance, and Identity Services Engine. In addition, Cisco has partnered with Elastica to offer Cloud Access Security Broker (CASB) services.
At the same time, Cisco says that its Software-Defined Networking platform, Application-Centric Infrastructure (ACI), will include new security features, such as the integration of Firepower IPS. This product is available as software or loaded on an appliance.
So, there is no doubt that Cisco is serious about piecing together a broad security strategy, which now includes OpenDNS. But what is the broader vision for security in the cloud? We await with interest to see how Cisco can tie together AMP (Sourcefire), ACI, Firepower IPS, and OpenDNS and how these products will work together in a new cloud environment — perhaps with a powerful new SaaS model.
We’re waiting to see who can become the Salesforce of Security. CEO Robbins has a great platform to build on — it will be interesting to see if he can craft Cisco’s security position into a leading cloud security brand.