In these pages last month, I stressed the need for top-level executives to treat communications security as an end-to-end necessity for corporate spending. However, if we flip the telescope around and look at security spending from the point of view of crypto or firewall specialists, it's easy to exaggerate the impact of a security miniboom on overall corporate IT trends.

If you take a look at most of the EE Times issues from the past summer, the bulk of communication product introductions were security-related. Point-specific products like firewalls and intrusion detection systems are some of the few healthy growth areas in an anemic corporate-spending environment. But there's the rub.

In a recent article chiding Hewlett-Packard's poor performance, The Economist magazine tangentially mentioned that security was one of the few areas where corporate IT spending was evident. Larry Ellison of Oracle was quoted as warning that, if security spending alone had to hold up IT growth, it was hard to say there was much of an upturn this year. For once, I completely agree with Ellison.

Secure system development must be part of a broader corporate strategy. Juniper Networks found the best way to use the interesting point products of NetScreen and Neoteris, by acquiring the combined companies and making security an integral part of router architectures.

The handwriting is on the wall for companies offering standalone firewalls or intrusion detection systems: Broaden your talents, acquire, be acquired or watch yourself become obsolete.

The same lesson applies at the chip level, for communication processors. Broadcom, Freescale, IDT, Intel and other control-plane NPU leaders are bringing security features inside general-purpose processors. Among the newcomers that tried to promote security coprocessors in 2000-2001, only Cavium Networks retains a strong chip-level focus on multilayer security functions.

Last week in Santa Clara, Calif., Cavium hosted a soiree to announce that it is broadening its architecture to include general-purpose control-plane functions based on the MIPS instruction set. It's certainly no surprise. A business plan based solely on embedded-security functions can't sustain a company.

From the panels I hosted last week at the Embedded Systems Conference in Boston, the implication of the very term "embedded security" is that multilayer security becomes an integrated and invisible function of broader communication and information-processing tasks. Security is scarcely its own profit-and-loss center.

Loring Wirbel is Communications editorial director for EE Times and its network publications.