As an analyst, I’ve taken a lot of telephone and face-to-face inquiries about what we think will happen when the acquisition of Sun by Oracle is completed (or if it is completed– but that is another blog). We wrote a couple of research notes on the topic and more are in the works that look at the entire company portfolio impact, but being in IAM, I’m going to confine my comments to the identity implications of this acquisition. Let’s see if our line of reasoning about these unfolding events matches, or if you have different views on this very important topic.
First, it’s important to put the IAM part of the discussion in context with the major decision Oracle made to acquire Sun. In the great tradition of my favorite philosopher Dirty Harry, “a man’s got to know his limitations”. In this context, it means that the role of IAM in the Oracle decision to buy Sun was practically non-existent. Other Gartner research highlights the key areas that made the go-no go decision for acquiring Sun, and if IAM was even on it, it was dead-last. So let’s put the discussion about what Oracle will do with Sun IAM in the “oh yeah, we got this too” category. I’m not trying to be rude, I’m just trying to highlight the boundaries of this discussion and avoid conspiracy theory.
Second, one has to consider what kind of products we’re talking about and what historical evidence you may have to draw upon to help you do any kind of analysis on what may happen. We’re talking about products (in IAM) that overlap almost perfectly with existing products in Oracle’s portfolio. What usually happens to such products? We could try falling back on other trite sayings like “To the victor belong the spoils”, but what I’m really going to suggest may be counter-intuitive. I actually think that in spite of the overlap, there’s less reason (from historical evidence) to believe that this automatically spells doom or dismemberment of the the Sun IAM suite. Now why might one conclude that?
Oracle’s first mission in life is not to support international standards. It isn’t to consolidate and streamline the market and provide fewer choices for customers. It isn’t even to provide a one-stop shop for most IT needs. Oracle’s first mission is to make money, bluntly. To the extent other things can be done that assist in that (e.g. taking good care of customers) fine, but we are a free-enterprise society. If I look at it from that perspective, and I look at the several thousand IAM customers Sun has acquired over the years, I detect a distinct desire on the part of Oracle to maintain recurring revenue from those customers as one of its main priorities– particularly in an area that I received as a bonus part of a larger deal. This means that any snap judgments about which products to merge, which products to discontinue, which services to consolidate, all are going to take a little bit longer than you might suspect, and the final decisions may surprise you.
Having feature overlap isn’t the only kind of overlap discussion to have. One must also look at the customer profile, and to understand where Sun and Oracle overlaps occur. This means horizontal across industries (i.e. how many more banks has Sun sold to than Oracle, for example, and so on), vertical across customer size (small business, corporate, enterprise) and structure (centralized, distributed, decentralized). There are a number of variables to consider, with one really important question in mind: how much overlap occurs between Oracle and Sun products in potential customer markets, and is there a way to leverage two pretty good weapons to “divide and conquer”? Further, is there a shorter path to taking over competitor customer markets by approaching it with two weapons than with one? Which takes less time? Let’s be pragmatic here, not technologically elegant just to be elegant. There’s little return in that.
Third, play the scenarios out and estimate the timing. Let’s assume scenario 1 is “keep the Sun portfolio intact and sell– to different market segments or sectors, but in any case continue development and support” and scenario 2 may be “begin systematic review and integration of products wanted by Oracle, discard the rest”. (There are several other logical variations, but this is a blog, not a research note, so let’s be– pragmatic.) If scenario 1 does occur, it buys Oracle time to review what they have, build a long-term integration/migration strategy, and implement that over several releases of the product — say at least five to be safe. Assume one major release a year, it buys them 5 years to settle the existing customer base and offer continued opportunities for new Sun customer acquisitions. Scenario 2 is a much longer, more involved process (that is, if it’s done right) to align architectures, styles, approaches, workflows to a common future architecture, or to systematically gut the Sun product (or the Oracle product, for that matter) and do “best of breed” selection. Again, this takes a long time to do, and I would still estimate at least 5 years to reach a viable final roadmap state.
This means that Sun customers have a fairly long planning cycle– if these assumptions of future movement are reasonably accurate or logical. It also means those potential customers who have chosen Sun or are considering Sun aren’t automatically discouraged from doing so. As an analyst, I’m keen on seeing the process by which vendor selection is done not be unduly influenced by uncertainty. It is logical to be careful, methodical, and even conservative in product selections. But do not let undue uncertainty about futures that really are futures affect what may be a good choice for your enterprise. I find it a bit disturbing that consideration of Sun identity solutions is affected more by the length of time this acquisition is taking than in the real factors customers should use in such a decision process. Sun’s solutions are good ones, the people providing the solutions are very good at what they do, and it distresses me to see the company caught in the limbo of uncertainty and suffering for the wrong reasons as a result. This would be the case for any vendor caught in such a situation if the solutions they offer are viable and are likely to remain viable for a long time. I am not showing favoritism to Sun (just ask them, they’ll tell you they get bashed plenty when we perceive they’ve earned it), just stating a fact applicable to any vendor in this situation. If you must consider the future in your vendor choices (and you must) make them based on risk and informed likelihood, not artificially induced uncertainty.
Please let us know your views on this topic either way.