My former employer (IBM) is at it again. They've made another acquisition to add to their IBM Tivoli Security suite. This time they've acquired Encentuate, which provides an Enterprise Single Sign On (ESSO) solution in conjunction with strong (and multi-factor) authentication capabilities. They also added to the whole story by announcing the "forming of the IBM Security Software Laboratory in Singapore", which to the innocent bystander sounds like IBM are investing in Singapore and also expanding its "research" operations. In reality, it's "IBM speak" for "we just bought a company that had a bunch of developers based in Singapore and we are turning those offices into another 'lab' that we can add to our list of software labs around the world". The whole lab thing is not the point here. I just thought I'd decode that part of the press release for the non-IBM alumni out there.
So who are the ones most affected by this acquisition?
- Any customer who has bought and implemented IBM Tivoli Access Manager for Enterprise Single Sign-On (ITAM ESSO).
Halfway through 2006 (not long after the agreement with IBM), Passlogix announced the same thing with Oracle, one of IBM's major competitors in the Enterprise Identity and Access Management space. You don't need to be a genius to work out that IBM Tivoli's management team were not amused.
Passlogix actually also have an OEM agreement with Citrix for use in their solution, although I should point out that this preceded the IBM agreement and only uses sub-components of the v-GO product suite (so I've been told by some of the Passlogix guys). Consequently, the real thorn in IBM's side was the agreement with Oracle.
In other words, Passlogix shot themselves in the foot by hedging their bets with both IBM and Oracle. Sooner or later, one of these 2 giants of the software industry was going to toss Passlogix out the door like a rag doll...although still with a thin thread attached. I don't know why Passlogix didn't see it coming. Let me explain the thin thread analogy.
IBM now finds themselves with an ITAM ESSO product that is essentially a competitor to Encentuate, which they have just bought. They have also sold ITAM ESSO to many customers in the world (if I was involved in selling you this thing, I apologise profusely - I had no idea). Being IBM and with a reputation to uphold, they will still have to support it for customers that have bought it. In parallel, they are going to have to "blue rinse" Encentuate and out of the colouring process will emerge ITAM ESSO! In other words, the next version of ITAM ESSO will be the "blue rinsed" version of Encentuate. What will marketing do with this? Here's my guess:
- Announce (probably informally - essentially just "socialising" the news to existing customers through the sales teams) an impending upgrade to ITAM ESSO 6.0 (Passlogix v-GO).
- "Blue rinse" Encentuate.
- Announce the release of ITAM ESSO 7.0 with new, major functionality including strong and multi-factor authentication, remote single sign on and additional logging and auditing which is integrated with IBM Tivoli Compliance Insight Manager (actually, this last bit will probably be released in version 7.1 because IBM product management will just want to get core 7.0 out the door ASAP).
Apart from existing ITAM ESSO customers, Passlogix is the other obvious loser. IBM will need to keep its relationship with Passlogix because they still need to support version 6.0 and Passlogix are ultimately the "development team" in this instance. This arrangement will only last as long as customers are on version 6.0 or when IBM decide to stop supporting version 6.0. From memory, upon release of a new version, IBM will officially support the n-1 version for 2 years starting from the date of release of the new version. I don't know if the policy has changed, but if it hasn't this means that the IBM and Passlogix relationship will only last for a further 2 years starting from the release date of ITAM ESSO 7.0.
I can only imagine that Passlogix is suddenly being extra nice to Oracle because it looks like they have just lost IBM as a potential suitor to sell to. It also means they cannot rely on pushing the acquisition price up by hoping that IBM and Oracle start a bidding war. At this point in time, Passlogix have 1 suitor. Oracle. IBM has found something "better" and as a bonus, they just added strong authentication to their kit bag!
UPDATE 1: I just read the Burton Group's reaction to the acquisition and it reminded me that Sun also has a partnership with Passlogix. It's not an OEM one to the best of my knowledge, but Sun could perhaps be a suitor for Passlogix. I still think Oracle's the more likely option however, as Sun has hedged their bets as well because of their partnership with ActivIdentity (one of Passlogix's major competitors).
UPDATE 2: Chris (I don't know his full name because he doesn't publish it) just left me a comment in response to this post to point out that BMC are also a Passlogix v-GO reseller. I actually went back to take a look at Passlogix's list of non-OEM partners and true enough, BMC is on there. If you look down the list, you might also notice that Novell is listed. I don't know if it's a reseller agreement or just a technology integration certification/partnership, but Passlogix are sure hedging their bets even more than I initially thought. I still believe that Oracle are the number 1 suitor and the vendor most likely to acquire Passlogix, but at least having all these partnerships gives Passlogix options if things don't go well with Oracle.