Currently, I think there is still a market for standalone antivirus products, but the window is shrinking. For the last couple of months, my colleague Matt Carpenter and I have been testing the so-called "all-in-one" endpoint security suites, kicking the tires of the products that bundle together antivirus, antispyware, personal firewall, and host-based intrusion prevention system (IPS) functionality. Our lab tests showed that while some of the vendor products were solid, a lot of them were also immature.
When rolling all of these products together into a single package, it is difficult to prevent one functionality from stomping on another. Given the immaturity of this market niche, some of the products are difficult to use. Some even have broken functionality, which cause the AV software to crash, for example. The specific details are in the November 2007 issue of Information Security magazine. Because of the vast complexity of these tools, along with the products' immaturity, enterprises should proceed with caution.
Of course, the vendors have a vested stake in cleaning up these problems -- and doing it quickly. That's why I think that we'll see a market for the standalone products, but only for the next six to 12 months or so. After that, I believe the integrated management capabilities will convince the vast majority of enterprises (as well as consumer-grade users) to migrate to the all-in-one suites.
This was first published in February 2008