By Simon Duddy
Symantec and Secure Computing bag big game as security firms look to bolster themselves in face of market consolidation. The welter of small players in the space means that further frantic consolidation is almost a certainty.
|~|andyPhilpot_m.jpg|~|“The deal is very interesting from a Middle East perspective as CyberGuard built up extensive partner and customer networks in the region, whereas Secure Computing had not.” - Andrew Philpott, VP of European sales at Secure Computing.|~|IT managers must keep their eyes on the security market at the moment as it is one of the fastest moving segments in IT. With enterprises guarding against ever evolving threats, a multitude of technology areas are being created though not always sustained, which has led to hordes of second and third tier security vendors.
The harsh reality is that very few of these aspiring companies will ever grow to compete on an even footing with giants of the industry like Symantec. This will inevitably lead to acquisitions and mergers. There has been ample evidence of this in the last few months with Symantec acquiring endpoint compliance vendor Sygate and Secure Computing swallowing rival unified threat management (UTM) vendor CyberGuard.
The Symantec deal shows the increasing importance of endpoint compliance in security. The technology’s pioneers are Cisco with the network admissions control (NAC) initiative, Microsoft with the network access protection (NAP) policy and Sygate with its solutions. Thanks to this acquisition, Symantec now has the technology to challenge Cisco and Microsoft on a broader front.
Endpoint compliance solutions help the enterprise enforce security by guaranteeing that all devices connected to a network — desktops, laptops, servers, and mobile devices — are running the appropriate security solutions, are configured correctly and possess up-to-date patches.
“Sygate has built up a strong reputation in the Middle East market with some major regional clients and we look forward to working with these customers to provide a comprehensive endpoint protection solution for both managed and unmanaged devices — combining Sygate’s expertise in endpoint compliance and protection with Symantec's leadership in client security,” says Kevin Isaac, regional director for Symantec MENA.
In terms of industry significance, the deal has the potential to shake-up up the endpoint compliance market, with Cisco and Microsoft’s dominance likely to be seriously challenged. Particularly enticing to Symantec is the open nature of Sygate’s solutions, with the vendor having built important relationships with a variety of network players.
“Sygate has differentiated itself through strong heterogeneous network environment support,” says Andrew Braunberg, senior analyst of information security at Current Analysis. “One of the real gems for Symantec is that Sygate has important relationships with network equipment vendors such as Alcatel, Extreme, Foundry, and HP, who license the Sygate Embedded Agent,” he adds.
Furthermore, Sygate technology allows the network professional to control unmanaged devices through its Sygate On-Demand (SODA) product. SODA allows administrators to control what network connections are allowed from a device based on domain, IP address, port, and service.
That said, although the Cisco and Microsoft solutions don’t work with each other, they do work on any network vendor’s kit. System engineering manager at Cisco, Abderrafi Belfakih, says Cisco Trust Agent can extend all the functionality of network admissions control across the equipment of any other vendor.
The deal should be good news for current Symantec customers as they will now be able to boost their security robustness without having to take on relationships with new vendors and partners. Matters are less certain for Sygate’s existing customers, who must be nervously wondering if they will get value for their investments. This is especially true as a rationalisation of Sygate and Symantec product lines is inevitable. While Symantec has emphasised how important Sygate’s endpoint security solutions are, it has been less enthusiastic about Sygate’s threat management offerings, which compete with well-established Symantec products.
Symantec says Sygate’s products will continue to be sold under the Sygate brand, although within six months of the deal closing, the products will be re-branded under Symantec. Beyond that, Sygate’s products will be integrated with the rest of the Symantec enterprise portfolio.
“Existing Sygate customers should expect that their technology investments will be well protected — at least on the network access control side,” says Braunberg. “Customers that rely on the threat protection features in Sygate’s products should look to Symantec for some assurance of continued feature support or product migration schedules,” he explains.
The product rationalisation could also have a profound impact on Sygate’s Middle East partners. Distributors and installers of Sygate systems will naturally be worried as the long term viability of large portions of their product portfolios are called into question.
“We are waiting on information from Sygate,” says a Middle East based distributor for Sygate who asked not to be named. “Whether we are positive on this or not depends on how far Symantec disturbs Sygate’s existing channel. I understand Symantec left the channel set-up alone when it took over Veritas but it remains to be seen if that will happen in this case,” he explains.
Further security market consolidation occurred when second tier vendor Secure Computing acquired similarly sized rival CyberGuard for approximately US$270 million. The deal has not been finalised yet but is expected to close in November. In connection with the deal, private equity firm Warburg Pincus will invest US$70 million in Secure Computing.
Ironically, Secure Computing rejected a takeover bid of approximately the same amount tabled by CyberGuard in July 2004, saying that it did not believe an acquisition was in the best interests of its shareholders.
Secure Computing says its acquistion of CyberGuard will create a leader in the nascent unified threat management (UTM) market. UTM devices contain more than one security technology, for example having firewall, intrusion protection and VPN on one box. IDC identified this new category of security appliance and says it will grow faster than other security hardware segments. The research firm predicts it will grow at a compound annual growth rate (CAGR) of 61% between 2004 and 2009 and comprise the majority of a combined firewall, VPN and UTM appliance market it claims will be worth US$3.45 billion in 2008.
Secure Computing also says the move will accelerate its ability to further penetrate the secure content management market and positions it as the number two player in web filtering, with approximately 21 million licensed seats.
The vendor says the combined company will benefit from a stronger and more attractive worldwide geographical footprint that includes 680 employees, more than 17,000 customers and 1,000 resellers in more than 90 countries. The company also expects more opportunities to cross-sell to both current and prospective customers.
“The deal is very interesting from a Middle East perspective as CyberGuard built up extensive partner and customer networks in the region, whereas Secure Computing had not,” says Andrew Philpott, VP of European sales at Secure Computing.
“No decisions have been made on the product roadmap yet, but customers will be a central consideration in any plans. We will canvas customers and partners from CyberGuard before we decide on the future. We want to be a billion dollar company by 2010 and we’ll only do that by retaining the customers we have acquired as part of the deal,” he explains.
The security landscape is shifting faster than dunes in the desert and deals like these emphasise potential pitfalls for the IT manager when investing in security solutions. The rapid obsolescence of products and solutions as threat evolves is a huge concern for enterprises.
“Information security managers are being confronted with rapid changes. Old methods that protect obsolete technologies from irrelevant attacks are no longer good enough,” says Jay Heiser, vice president of Gartner.
Another problem is the huge number of vendors on the market. Many smaller players have technologically innovative solutions and lead the industry when countering certain issues. A good example is Sygate’s admissions control solutions. However, the future of smaller companies is very uncertain and IT managers may hesitate to invest in a vendor that may not be around to fulfill its roadmap promises. For this reason, it is likely that most IT managers will play it safe with the result that big security players will get stronger and continue to swallow up technologically sound but stagnating smaller firms.||**||