Analysis: Symantec rattles security landscape

[InfoSec News <isn () c4i org>]

http://www.infoworld.com/articles/hn/xml/02/07/18/020718hnsymantecanaly.xml

By Brian Fonseca and Sam Costello 
July 18, 2002 4:10 pm PT

AS THE DUST begins to settle on Symantec's eye-catching $350 million
cash purchase of three vastly different security vendors, big-name
security players suddenly lodged squarely in Symantec's sights have no
intention of sitting idly by and already are planning their next move.

Bolstering its own formidable anti-virus and security appliance
product set with a much broader security portfolio, on Wednesday
Symantec placed its bid to assimilate Recourse Technology's anomaly
and signature-based IDS (intrusion detection system) capability,
SecurityFocus' vulnerability assessment technology, and Riptech's
managed security range of services, according to Gail Hamilton,
executive vice president of Cupertino, Calif.-based Symantec.

In the short term, Hamilton said the acquired assets will be offered
as separate products but will eventually be absorbed into Symantec's
overall security management system starting with bundling in
Recourse's IDS Manhunt product as its first priority.

"[With the acquisitions we are] going to just leapfrog over [security
competitors] with a commanding lead in the marketplace," said a
confident Hamilton. "Our intent is not to be number two or three. We
want to be number one."

However, fallout from Symantec's feeding frenzy is drawing criticism
that the task of integrating the triage of dissimilar security
technology into a cohesive and affordable unit for customers will
prove difficult to pull off.

"I really question how effectively a company can bring together four
very unique and different companies and solve customers' problems in a
best-of-breed or best-of-class way," said Steve Grant, vice president
of solutions management and business development at Atlanta-based
Internet Security Systems (ISS).

Remarking that he was "flattered" that Symantec would acquire pieces
that directly oppose ISS' managed services offerings, IDS components,
and X-Force research team, Grant said only a suite strategy can
loosely tie together such different parts in a short period. He noted
that enterprise customers in greater numbers are turning their backs
on security suites in favor of point solutions capable of
disseminating between a security-related performance problem and
network outages.

According to Hamilton, Symantec's acquisition of Mountain Wave earlier
this month for $20 million will play a "major role" of integrating and
leveraging its CyberWolf security event detection technology to power
the security management system Symantec envisions. In fact, how much
Symantec is capable of squeezing out of Mountain Wave will determine
the success of its bigger high-profile acquisitions, said Pete
Lindstrom, director of security strategies at Framingham, Mass.-based
Hurwitz Group.

Lindstrom said Symantec's blitzkrieg shopping spree will help the
company narrow its focus and allow it to deliver upon its Symantec
Security Enterprise Architecture. It has been touting for some time
now that obvious gaps the company has struggled with have finally been
filled. Hurwitz's Lindstrom said its competitors, both new and old,
should expect a rejuvenated Symantec.

"The thing that Symantec has that ISS doesn't is an anti-virus
business. That is much more mature than IDS. Here's some opportunity
to take that lead," said Lindstrom. "Certainly with the McAfee
tug-of-war creating hassle [for Network Associates], it doesn't bode
incredibly well. NAI needs to acquire to remain competitive in the
enterprise security space."

Symantec's aggressive nature to accrue its new components is evidenced
by its pursuit and courtship of SecurityFocus, said the company's CEO,
Arthur Wong.

"We were not looking around to be acquired," said Wong, noting that
although his company was above Symantec's financial forecasts, the
security vendor came at them hard with a great deal. "The strategic
combination for us was just too good to pass up."

SecurityFocus' online presence, in particular its popular BugTraq
security alert and discussion forum, will remain independent and will
run by a separate team from Symantec, he added.

Carefully watching from the sidelines, NAI says it also is on the move
to strengthen its arsenal by actively signing "a couple" of letters of
intent to acquire technology for augmenting its Sniffer and McAfee
security products, said Sandra England, executive vice president of
business development and strategic research at Santa Clara,
Calif.-based NAI. She said the company is carefully treading its
acquisition path in lieu of past experiences.

"NAI was acquisitive in the past. We didn't always make a success of
the acquisitions we made, so we want to make sure it's a right
technology fit, and cultural fit," England said. "The ISS relationship
is a very important with us and it may grow something into stronger in
the future."

In May, NAI and ISS announced plans to integrate a number of their
products and research teams. Charles Kolodgy, research manager at
Framingham, Mass.-based research firm IDC, said both security giants
could reassess the depth of their partnership.

"[Symantec] is really throwing the gauntlet down to CA [Computer
Associates], ISS, Check Point, and Network Associates," said Kolodgy.  
"They're going to put some pressure on other enterprise vendors that
don't have the suite Symantec does."

Count CA among security vendors that are not quivering in their boots
despite Symantec's brash, quick-strike acquisition act. The Islandia,
N.Y.-based software giant does not see Symantec as a legitimate
enterprise security provider until it is able to protect customers
against internal threats and properly secure mainframes, said Simon
Perry, vice president of eTrust Security Solutions for CA.

"Despite the acquisitions, they remain completely focused in threat
management. But there are two other broad areas of interest to [the]
enterprise: protecting against insider attack and hardening of
internal systems," said Perry. "[But] if I was NAI and ISS, I'd be
really worried about this."


Brian Fonseca is an InfoWorld staff writer. Sam Costello is a
Boston-based correspondent for the IDG News Service, an InfoWorld
affiliate.

 


-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.