Recently, Micromuse announced plans to augment its security information management products with its acquisition of GuardedNet, one of the longstanding players in the space.

This event was not a surprise. With limited differentiation among competing offerings, the SIM market has become highly competitive - as suggested by the number of competing taxonomies that describe it. Segment leaders ArcSight, e-Security, Intellitactics and netForensics, as well as challengers such as Network Intelligence and OpenService, increasingly go up against larger players like Computer Associates, NetIQ and Symantec - all competing for highly demanding integration efforts among the largest and most complex verticals.

In this atmosphere, GuardedNet had been particularly aggressive in its partnership efforts, so the acquisition was not unexpected, and will significantly shore up the competitive positioning of both Micromuse and the well-pedigreed GuardedNet team.

Does this signal the consolidation of SIM, particularly in light of Cisco’s acquisition of Protego Networks late last year? While the answer remains to be seen, SIM’s potential for complementing network and systems management has long been noted.

SIM aggregates and correlates security event data from a number of sources. As the market has matured, some SIM products have been positioned as enterprise security management (ESM) systems that can “close the loop” on security event management. This is why HP has multiple partnerships here, and even IBM has a Tivoli offering (though hardly on a par with ESM leaders).

Management vendors aren’t the only ones with an interest in SIM/ESM. Symantec continues to leverage its own management assets to beef up its enterprise strategy. Protego’s functionality has become a cornerstone of Cisco’s approach to security management - but the company partners with leaders such as netForensics when additional depth in SIM/ESM is required.

One of the more interesting security management partnerships is between EMC and SenSage. SenSage is differentiated by its ability to correlate meaningful data from a large body of unstructured information. Today, SenSage uses this capability in security analytics. Its technology could, however, become valuable to EMC in managing massive amounts of data, which could play a role in EMC’s forward-looking approach to information lifecycle management.

Denise Dubie is senior editor with Network World.