With the dust settling after Oracle's acquisition in April of Sun Microsystems, onlookers are left wondering how the companies will integrate and what it might mean for the IT security marketplace. As a result of the acquisition, Oracle will add various Sun products to its current line-up of solutions, including programming language software Java and the Solaris operating system, which already has been a major platform for the Oracle database.
The addition of these products will give Oracle the opportunity to build a very secure “vertical stack,” thereby reducing much of the attack surface of incorporated offerings, said Don Leatham, director of solutions and strategy at vulnerability management vendor Lumension.
“A tightly integrated, locked down operating system and database platform holds great promise for increased security in the future,” Leatham said.
When the acquisition was announced, Oracle CEO Larry Ellison said in press release that the move would allow the company to create an integrated system that tied “applications to disk” together. “Our customers benefit as their systems integration costs go down while system performance reliability and security go up,” he said.
But that's not all. Sun has quite a bit to offer in other areas of security, such as public key infrastructure and encryption, said Sally Hudson, a research director in the identity management products group at analyst firm IDC. And they've been a strong player in the identity and access management space. On the flipside, Oracle has a huge application portfolio, database business and middleware stack, which gives Sun a much broader reach, Hudson added.
Customers benefit, too, gaining more choice and flexibility. As well, the combined companies will offer “interesting and viable” solutions in the cloud - an area that is continuing to see growth.
The challenge, though, will be deciding which product lines, features and functionality Oracle will keep and which will be phased out, Hudson said.
And with two databases now, Oracle database and MySQL, the company also will be tasked with keeping both secure, along with Java, which is likely to become even more ubiquitous and thus a more tempting target for exploitation, said Leatham. – Angela Moscaritolo