When McAfee Inc. unveiled its Total Protection offering last week, the company said it was responding to IT professionals...
who want fewer security tools and a better way to manage what they have.
"We have crossed the line where customers have found there are too many point products, too many tools to manage and too many vendors to deal with," said Vimal Solanki, senior director of marketing for the Santa Clara, Calif.-based network security provider. "Meanwhile, the threats keep growing more sophisticated."
Security analysts agree IT professionals are tired of buying a new tool each time a threat emerges, and they want help managing their existing defensive devices. But, the motivation behind the latest moves from McAfee and other vendors like Cupertino, Calif.-based Symantec Corp. can be summed up in one word: Microsoft.
"Microsoft has gotten into the AV game, said John Pescatore, vice president and research fellow with Stamford, Conn.-based Gartner Inc., noting its numerous recent security acquisitions. "This has forced companies like McAfee and Symantec to aggressively work toward products that address the management challenges; products that roll a lot of tools into one."
Pescatore said traditional AV vendors are trying to stay ahead of Microsoft by offering things that improve the user's experience instead of simply trying to offer more tools for new threats. "They are responding to the customer," he said, "who would rather have one tool to address all these different threats rather than have all these different tools."
Protection for all
Exemplifying the trend, Solanki said McAfee Total Protection is designed to combine and manage all the elements of a comprehensive corporate security system through a single console and agent platform.
Offering basic and advanced versions for both small and large businesses, Total Protection for enterprises includes AV for all tiers of the network, antispyware, antispam, desktop firewall, host intrusion prevention and a complete network access control system, according to the McAfee Web site.
The enterprise versions are available beginning next week ranging from $68 to $77 per 1,000 nodes, and the small business versions are available April 25 ranging from $30 to $45 per 1,000 nodes.
"Customers have seen too much complexity with different products and different interfaces," Solanki said. "Our goal is to give comprehensive protection for everything with a single console that offers a single view" of the network security situation.
Acquisitions and parterships
Pescatore said that, in Gartner's view, McAfee has generally been ahead of the curve in offering multifaceted products. "Two years ago they put out McAfee 8.0i, where for the same price as AV, you got a built-in firewall and intrusion detection capabilities," he said.
But Symantec has been moving steadily in the same direction with AV, the personal firewall and intrusion prevention, he said. "[Symantec] calls it integrated endpoint security and critical service protection," he said. "Symantec only got there recently by making a bunch of acquisitions," including Sygate Inc., WholeSecurity Inc., Platform Logic Inc., among others.
One example of Symantec's integrated offerings is its Gateway Security 5600 product, which offers firewall, antivirus, antispam, content filtering, IDS/IPS, VPN and client configuration compliance. Another example is its Client Security product.
Like Symantec, Microsoft and others, McAfee has also moved ahead through acquisitions, such as its purchase of Foundstone Inc. nearly two years ago.
A cold war heats up
Daniel Blum, senior vice president and research director with Midvale, Utah-based Burton Group, agreed security vendors are responding to customers who are frustrated with the growing array of tools they have to manage.
"Complexity in the enterprise environment is causing a lot of heartburn," he said. "Meanwhile, Microsoft and Cisco have gotten into the antimalware space because they have to protect their environment and they see a new opportunity. So the AV market of old, with a small set of vendors and a good revenue stream, really heated up because of the fast evolution and intensity of threats like spyware."
Now, he said, McAfee and Symantec are like two countries fighting a cold war, engaged in an arms race.
"Symantec has more weapons, but McAfee is better organized right now," Blum said. "Symantec is still trying to pull together all the acquisitions they made. They don't yet have a single management console for all these products, so you need multiple update mechanisms and multiple policies IT managers must administer to the endpoint. But Symantec does seem to be heading in the same direction."
While the top vendors continue jostling for position, Pescatore said most of them seem to have learned a big lesson.
"There was a shift with the emergence of spyware," Pescatore said. "The vendors were all hoping to sell people a separate piece of software for spyware [protection], but spyware is very similar to viruses and customers grew frustrated.
"No one wants to touch 10,000 desktops to install a new tool. It's easier to put something on 10 servers. So now the vendors want you to choose them because they say they offer you the best way to manage [antispyware and other tools]."
All eyes on Microsoft
As traditional security firms like McAfee and Symantec compete for customers interested in integrated offerings, they are also keeping a wary watch on Microsoft, hoping to stay ahead of the software giant. Blum and Pescatore think enterprise security customers have largely benefited from Microsoft presence.
"It pushes the other vendors to focus more on interoperability and managing the tools that are out there," Blum said.
Yet Blum worries about what might happen if Microsoft becomes less cooperative with third-party vendors in favor of its own security products. "I hope that doesn't happen," he added.
For now, Blum said, McAfee illustrates how security vendors are moving toward more architectural, management-focused products, adding "We're in a transition from one trend to the next."