As a Cisco partner, every time we meet with Cisco they tell us ‘we’re going to be recognised as one of the biggest security partners in the next three years’ – they’ve been saying that for the last 12 months.
By acquiring Splunk, Cisco are putting their money where their mouth is.
If you’d asked me who they’d acquire, I wouldn’t have picked Splunk. But the more I look at it, the more I think it’s a really smart acquisition.
Walking the security talk
If I look at where Cisco has been making noise, it’s all been about security.
But when you say ‘Cisco security’, a lot of people still think firewalls, and lots of partners don’t really cover Cisco from a security perspective outside the core stuff.
If you look at what Cisco have been doing over the last few years, it feels like a very similar story to what Microsoft went through. They were almost laughed at in security because they had a bit of a bad reputation. They really did the groundwork to build up their reputation, because you can’t just go from zero to hero in something like security; you have to do it through careful growth.
When I saw the Splunk news, I was surprised as I thought Cisco would go for more of a direct security play rather than on the log analytics side of things. Splunk wasn’t the one I would have put my money on. Although there were rumours about Cisco buying Splunk last February, the channel almost dismissed them.
But when you think about where Cisco are playing around full stack observability, the Splunk acquisition makes sense. That’s where they’ve come on leaps and bounds with what they’ve done with AppDynamics and ThousandEyes, and the way they’ve embedded ThousandEyes into the fabric of what they do. That’s quite a differentiator from the core security competition.
Cisco are coming at security from a slightly different angle than the competition.
Cisco own the network. And if I look at what they’re doing now with full stack observability, and embedding security within it, they’re almost leaving the platform side to the Microsofts of this world and coming it at it from the perspective of ‘we’ll protect everything from the next layer’, which is quite a nice differentiation.
They’ll still try and compete in the other areas – they have their own XDR platform – but it feels a bit like they’re dabbling there.
What Splunk gives Cisco
The Splunk acquisition will join a lot of the dots for the companies that have had long-term investments in Splunk. It gives them a lot of access to that customer base, where they would probably traditionally have competed. I think Splunk have struggled to modernise. We used to do a lot with them but don’t any more. Cisco have got a good marketing and partner machine I think they will make them great.
There has been a lot of talk about the deal being too much money – or not enough. The teams that decide what something is worth are far smarter than me. If Cisco do the integration well they won’t have paid enough and if they mess it up they will have paid too much. History is full of bad acquisitions, not because they weren’t the right choice but because they were badly integrate. One thing I will say for Cisco is that they are actually pretty damn good at assimilating products.
Cisco need to be really open with partners and clear about their intentions for Splunk. With a big acquisition like this, people immediately worry that they’re not going to invest in the product and that the price is going to triple. Cisco has got to be really open and honest, and not price themselves out of the market.
It will be successful, but Cisco need to not try to integrate it. They need to keep it as a product, like they have done with Meraki and AppDynamics. And not mess it up like they did with Viptela!
Will Cisco achieve a slam-dunk with Splunk?
My guess is yes.
This acquisition is partly about being recognised as being serious about security. If you look at how Microsoft did that, it was kind of the same. Microsoft spend more money on security R&D than any other security company – and they weren’t known as a security company. That’s only happened after five years of hard work and partner investment – that’s what it needs.
That’s what Cisco partners need – and I think we’ll get it. Cisco are really good at this. They will invest in partners and in training and awareness.
Generally, when Cisco put their mind to something they do a good job of it. They took their eye of the ball in collaboration. But I think they are trusted in this category.
Rob Quickenden
Rob Quickenden is CTO at Cisco and Microsoft partner Cisilion and a Microsoft MVP
