Syncsort Bolsters IBM i Security Play With Cilasoft Buy
January 8, 2018 Alex Woodie
Syncsort significantly beefed up its security bona fides last month after we went on holiday hiatus when it acquired Cilasoft, an IBM i security software company based in France that also has a significant North American presence. Syncsort, which bought HA giant Vision Solutions last year, recently shared its security product plans – including the possibility of creating a new IBM i product based on technology from Cilasoft and Enforcive and integration with Splunk – with IT Jungle.
On December 12, Syncsort announced that it has completed the acquisition of Cilasoft, its products and technology, and its approximately 35-person workforce, which is split between offices in Annecy, France, and Atlanta, Georgia. Syncsort CEO Josh Rogers says he is thrilled to welcome Cilasoft and its IBM i expertise to Syncsort, which is headquartered in Pearl River, New York.
“The addition of Cilasoft, combined with the complementary security capabilities recently acquired with Enforcive Systems, significantly bolsters our data availability portfolio with innovative software to meet modern security challenges,” Rogers says in a statement announcing the deal.
David Hodgson, Syncsort’s chief product officer, tells IT Jungle the company is looking to create a new security product (working name: MIMIX Security) that addresses some of the most pressing security concerns of IBM i shops.
“What we’re looking at doing is taking the best of both products and create a new product,” says Hodgson, who joined Syncsort about 18 months ago after spending more than 10 years at CA Technologies.
While the plans are still being firmed up, the idea is to start with Cilasoft as the base product, and then to pull some of Enforcive’s IBM i security capabilities into it. The company is particularly keen on Enforcive’s policy management and encryption capabilities, according to Hodgson, while it’s fond of Cilasoft’s IBM i journaling and auditing capabilities, its Controller access control solution, and its elevated authority management (EAM) offering.
2018 is shaping up to be a big year in auditing due to the General Data Protection Regulation (GDPR) going into full affect this May. Hodgson says both Cilasoft and Enforcive have good IBM i auditing capabilities, although he adds that Cilasoft’s footprint with QJRN/400 is smaller and the product more nimble.
In addition to buying products and customers, the acquisition of Cilasoft nets Syncsort some additional talent in the human resources department. In particular, the Syncsort team is eager to start working with former Cilasoft president Guy Marmorat.
“Guy Marmorat is a wonderful addition to the company,” Hodgson says. “Guy is going to be central to us going forward as we build our IBM i business.”
Marmorat will be joining Hodgson’s group in product management, where he will be leaned on to help shape strategic direction for Syncsort’s push into security and auditing. “Clearly he’ll still be working closely with CTO Tendü Yogurtçu’s engineering teams, but just from a slightly different supporting structure,” Hodgson says.
When news of the Cilasoft acquisition broke last month, rumors began circulating that it showed that Syncsort was having second thoughts about the deal for Enforcive. (Vision Solutions announced its intent to acquire Enforcive just one day before announcing the private equity deal that would see it merge with Syncsort last July).
That couldn’t be further from the truth, Hodgson says. “Clearly what I don’t want to do is give the impression that we’re backing away from Enforcive,” he says. “Enforcive is still a really strong solution and has a big customer base. So we’ll be investing in both.”
The acquisitions of Cilasoft and Enforcive also figure to play in some of Syncsort’s other security development plans, including building connections to next-gen security information and event management (SIEM) products, like the one from Splunk.
“We have a good strong partnership with Splunk at the moment over our product called IronStream, which integrates log data from the z/OS environment on the mainframe into Splunk,” Hodgson says. “We’re very interested in how we can beef up, perhaps even re-use the technology between Enforcive and Cilasoft, to grow the integration with Splunk.”
Driven by requests from customers who run both of IBM’s Big Iron platforms, Syncsort is currently working on a new product that would push IBM i log data into Splunk. “We’re doing some work at the moment creating Spunk dashboards to actually present the IBM i data,” Hodgson says. “It’s still early days, but we’re playing with those dashboards. But what we sort of imagine is that there’s some customers who are interested in seeing user activity across mainframe and IBM i.”
When it acquired Vision last year, Syncsort talked about its new “Big Iron to Big Data” strategy. Creating an innovative way for IBM i shops to address GDPR requirement and to deliver IBM i log data into Splunk would appear to be strong early example of that strategy being put into action.