Single vendor or consolidated platform strategy starts with “cost efficiency” and ends with “sub-optimal” experience and security with no real cost benefits
The arguments between the single-vendor (also marketed as a consolidated platform) strategy and the multi-vendor (also marketed as best-of-breed products) strategy continue forever. Every vendor backs the arguments of one side based on their current product offerings rather than taking a critical look at the real value that customers are achieving in reality.
I believe that single-vendor vs multi-vendor is similar to being reactive vs proactive respectively. Why?
Customers prefer the single-vendor model or consolidation for the following reasons
- Cost efficiency
- Least maintenance overhead
- Single point of contact for support
But in reality, all the above points are not achieved by selecting a single-vendor. The reasons for single-vendor not delivering above promises are
- Disintegrated products: Vendors bundle multiple different products organically or inorganically into one package. There is no real product/technology level integration. Customers still end up using multiple policy definitions, consoles, and even EDR products to consolidate the logs.
- Loose ends: While single-vendors might offer several functions, they have not invested on all these functions to make them best of the class. So, customers have to live with some functions that are sub-optimal.
- Higher costs: While the bundled package price is less than a group of best-of-breed products, customers have to buy professional services from the single vendor because there is no easy or built-in integration. The cost of professional services increases the overall cost of ownership of these single-vendor platforms.
- No single point of support: There is no single support personnel who can troubleshoot all functions of the platform. Customer ends up with several support people working on their issue.
Above all, customer ends up with an infrastructure where some functions are “me-too” or “sub-optimal” than a state where all functions are best-of-breed. This is the most important drawback of following the single-vendor strategy.
Does it work?
Take some examples in the last one-year. There have been security attacks on major customers and federal agencies because they consolidated all security functions using one vendor. There were loopholes in some security functions in the platform offered by the vendor which helped attackers an easy entry.
There are incidents where the industry’s top vendors are using 10-year or 3-year certificates for their infrastructure which went unnoticed till they expired. While service disruption is one issue, using such long-period certificates is a very poor security practice.
So, is everything perfect in the world of “best-of-breed” products? No, there are some critical points that customers must look for. If customers take these additional steps, the end result is a high-quality, highly secured infrastructure that works out well for customers.
- Integration: Customers must ensure that these best-of-breed products clearly demonstrate that they can integrate with other functions (from other best-of-breed vendors) smoothly.
- Differentiation: The best-of-breed products must demonstrate why they are considered best, and what is the differentiation that they are bringing to the table. The architectural superiority of these products must ensure that customers receive the highest value for what they are buying.
- Collaboration: Vendors must demonstrate and provide SLAs to collaborate with other vendors when it comes to supporting the customer as one team. Otherwise, customers will not have the confidence to adopt the best-of-breed products.
Customers can go with a single-vendor strategy to avoid evaluating and integrating multiple best-of-breed products. But, the risk of “reacting” to an incident in the future when some function of this single-vendor platform fails is always lurking. Or, customers can take the route of “proactively” evaluating and integrating the best-of-breed products to get a highly robust infrastructure and avoid future incidents.