It's almost like the McAfee product strategy people have been going through the PCI-DSS standards and acquiring technology to address gaps in their portfolio so they can sell a portfolio that "solves" all of a customer's PCI issues (or so they say):
- They've had their Anti-virus and Anti-spyware solutions for a long time.
- They acquired Onigma at the end of 2006 for its data leakage/loss prevention/protection (DLP) capabilities. They also just updated the DLP product with functionality to catch up with its competitors somewhat (although they're still behind in functionality).
- They've got network access control software.
- They've got a so called policy engine.
- And now they've just shored up their encryption capabilities with the SafeBoot acquisition.
The gaps left are:
- Firewall - but McAfee will probably say they've got that covered with their intrusion prevention solutions working in conjunction with their network access control solution.
- System passwords and restricting access to information. In other words, Identity and Access Management.
- Testing and monitoring all accesses to resources and data. Again, more Identity and Access Management - although McAfee will also claim their DLP product working with their network access control product and their policy engine gives them the tick in the box here.
Another thing. Their list of products is growing. If they aren't careful, they'll end up like Tivoli's portfolio from a few years ago, where half the products overlapped in functionality with the other half and very few of them worked nicely together. Tivoli have since fixed that, but it took a few years.