As the dust begins to settle on Symantec Corp.'s eye-catching US$350 million cash purchase of three vastly different security vendors, big-name security players suddenly lodged squarely in Symantec's sights have no intention of sitting idly by and already are planning their next move.
Bolstering its own formidable anti-virus and security appliance product set with a much broader security portfolio, last Wednesday Symantec placed its bid to assimilate Recourse Technologies Inc.'s anomaly and signature-based IDS (intrusion detection system) capability, SecurityFocus Inc.'s vulnerability assessment technology, and Riptech's managed security range of services, according to Gail Hamilton, executive vice president of Cupertino, Calif.-based Symantec.
In the short term, Hamilton said the acquired assets will be offered as separate products but will eventually be absorbed into Symantec's overall security management system starting with bundling in Recourse's IDS Manhunt product as its first priority.
"[With the acquisitions we are] going to just leapfrog over [security competitors] with a commanding lead in the marketplace," said a confident Hamilton. "Our intent is not to be number two or three. We want to be number one."
However, fallout from Symantec's feeding frenzy is drawing criticism that the task of integrating the triage of dissimilar security technology into a cohesive and affordable unit for customers will prove difficult to pull off.
"I really question how effectively a company can bring together four very unique and different companies and solve customers' problems in a best-of-breed or best-of-class way," said Steve Grant, vice president of solutions management and business development at Atlanta-based Internet Security Systems (ISS).
Remarking that he was "flattered" that Symantec would acquire pieces that directly oppose ISS' managed services offerings, IDS components, and X-Force research team, Grant said only a suite strategy can loosely tie together such different parts in a short period. He noted that enterprise customers in greater numbers are turning their backs on security suites in favor of point solutions capable of disseminating between a security-related performance problem and network outages.
According to Hamilton, Symantec's acquisition of Mountain Wave earlier this month for $20 million will play a "major role" of integrating and leveraging its CyberWolf security event detection technology to power the security management system Symantec envisions. In fact, how much Symantec is capable of squeezing out of Mountain Wave will determine the success of its bigger high-profile acquisitions, said Pete Lindstrom, director of security strategies at Framingham, Mass.-based Hurwitz Group.
Lindstrom said Symantec's blitzkrieg shopping spree will help the company narrow its focus and allow it to deliver upon its Symantec Security Enterprise Architecture. It has been touting for some time now that obvious gaps the company has struggled with have finally been filled. Hurwitz's Lindstrom said its competitors, both new and old, should expect a rejuvenated Symantec.
"The thing that Symantec has that ISS doesn't is an anti-virus business. That is much more mature than IDS. Here's some opportunity to take that lead," said Lindstrom. "Certainly with the McAfee tug-of-war creating hassle [for Network Associates], it doesn't bode incredibly well. NAI needs to acquire to remain competitive in the enterprise security space."
Symantec's aggressive nature to accrue its new components is evidenced by its pursuit and courtship of SecurityFocus, said the company's CEO, Arthur Wong.
"We were not looking around to be acquired," said Wong, noting that although his company was above Symantec's financial forecasts, the security vendor came at them hard with a great deal. "The strategic combination for us was just too good to pass up."
SecurityFocus' online presence, in particular its popular BugTraq security alert and discussion forum, will remain independent and will run by a separate team from Symantec, he added.
Carefully watching from the sidelines, NAI says it also is on the move to strengthen its arsenal by actively signing "a couple" of letters of intent to acquire technology for augmenting its Sniffer and McAfee security products, said Sandra England, executive vice president of business development and strategic research at Santa Clara, Calif.-based NAI. She said the company is carefully treading its acquisition path in lieu of past experiences.
"NAI was acquisitive in the past. We didn't always make a success of the acquisitions we made, so we want to make sure it's a right technology fit, and cultural fit," England said. "The ISS relationship is a very important with us and it may grow something into stronger in the future."
In May, NAI and ISS announced plans to integrate a number of their products and research teams. Charles Kolodgy, research manager at Framingham, Mass.-based research firm IDC, said both security giants could reassess the depth of their partnership.
"[Symantec] is really throwing the gauntlet down to CA [Computer Associates], ISS, Check Point, and Network Associates," said Kolodgy. "They're going to put some pressure on other enterprise vendors that don't have the suite Symantec does."
Count CA among security vendors that are not quivering in their boots despite Symantec's brash, quick-strike acquisition act. The Islandia, N.Y.-based software giant does not see Symantec as a legitimate enterprise security provider until it is able to protect customers against internal threats and properly secure mainframes, said Simon Perry, vice president of eTrust Security Solutions for CA.
"Despite the acquisitions, they remain completely focused in threat management. But there are two other broad areas of interest to [the] enterprise: protecting against insider attack and hardening of internal systems," said Perry. "[But] if I was NAI and ISS, I'd be really worried about this."