Symantec is still spending hundreds of millions of dollars annually to develop new products, but the company recently stepped up spending on acquisitions as well to bolster its offerings. Symantec this month completed buyouts of Sygate Technologies and WholeSecurity for undisclosed amounts, and reached a deal to acquire BindView Development for US$207 million.
Symantec says that buying these companies will help round out its security products portfolio in several ways, the common thread among them being policy enforcement.
Acquiring WholeSecurity, a start-up in Austin, Texas, gives Symantec a method for e-commerce security that lets a Web site block dangerous malware on the online customer's desktop before granting access to services. WholeSecurity's Confidence Online software, which is used by eBay, Deutsche Bank and Visa, can identify and block malicious code based on its behavior rather than a specific signature. This can provide threat detection at an early stage before new attack code has been fully analyzed.
"It's the zero-hour protection," says Brian Foster, senior director for product management at Symantec, explaining the purchase of the 32-employee outfit. Symantec employs 14,000.
While Symantec intends to continue to sell WholeSecurity's Confidence Online products, it will integrate the behavior-based technology into Symantec's anti-virus and the Symantec Client Security desktop software, which includes anti-virus and a desktop firewall.
The acquisition of Sygate, a privately held company in Fremont, California, which has about 200 employees, also was carried out with an eye toward bolstering Symantec Client Security.
Symantec expects to continue selling Sygate's policy-enforcement product, Sygate Enterprise Protection (SEP), in the short term. SEP can enforce desktop use of VPN, anti-virus and patch updates based on corporate policy.
The goal is to integrate SEP into future editions of Symantec Client Security and then phase SEP out, Foster says. No timetable has been announced for doing that.
The acquisition of Houston-based BindView, expected to close early next year, is one in which Symantec has not announced plans to phase out products. Symantec says acquiring BindView will give it a line of vulnerability assessment and IT compliance software that complements its own.
BindView, whose IT compliance software is used by about 5,000 companies and government agencies, has 550 employees. The security firm reported $72.9 million in revenue last year, with an anticipated $84 million in revenues for this year.
BindView makes bv-Control and bv-Admin products, which scan desktops, server and other network gear without using agents. In contrast, Symantec has software called Enterprise Security Manager, which requires a host-based agent on the monitored machine in order to report about vulnerabilities, configuration and compliance with security policies.
Symantec says it is acquiring BindView to offer its customers both, while acknowledging agent-based software will cost more.
Gartner analyst John Pescatore says the debate over the merits of agent-based vs. agentless software for security monitoring is a timeless one for the industry.
With agent-based software, "the huge benefit is the deeper information about that node," Pescatore says. "The bad thing is agents can be expensive to install and manage."
Another advantage in using agent-based software is scalability in larger networks of 70,000 nodes or higher where scanning without agents is slow, says Randy Streu, vice president of ConfigureSoft, which competes against BindView. Agentless approaches to scanning don't work well in some networks, such as satellite links, he adds. -- Network World (US)
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.