The planned takeover of security software giant McAfee, Inc. by Intel Corp. has been met mainly with scepticism and some dismay by experts in the UK security industry.
Intel is paying an awful lot of money to enter a war with Microsoft.
ChairmanWick Hill Ltd.
The acquisition, announced on August 19, is worth $7.68 billion and has already received approval by both boards of directors. It still needs to be cleared by shareholders and regulatory authorities.
Intel said the deal would help it deliver a new approach to security. "Today's security approach does not fully address the billions of new Internet-ready devices connecting, including mobile and wireless devices, TVs, cars, medical devices and ATM machines, as well as the accompanying surge in cyber threats," the company said in its written announcement. "Providing protection to a diverse online world requires a fundamentally new approach involving software, hardware and services."
But Clive Longbottom, founder and head of Reading-based consultancy Quocirca Ltd., said that Intel has a poor track record in working with software companies. "Intel has a long and chequered history in the software market," he said. "Remember LANDesk? Left to rot, spun out, bought by Avocent [Corp.], which was then bought by Emerson [Electric Co.] and is now being spun out again? How about Excalibur? That had excellent video and image recognition software, which was spun out by Intel. That went through several morphs until it was bought by FAST and then bought by Microsoft. Overall, Intel has more luck with its microcode and its compiler software."
He doubted that consumers would choose Intel as their security software provider, and warned that any attempt to bundle McAfee software with Intel processors would run into trouble with legislators . Furthermore, he questioned whether systems integrators would side with Intel or go with other independent security software vendors where they have a stronger hand in negotiations.
Ian Kilpatrick, chairman of distributor Wick Hill Ltd., was equally sceptical, saying the merger would create an even larger company that would be less flexible and responsive to change. "Endpoints are not all Intel-based. We have new mobile phones that are grossly under-secured, and we have many other new threats, such as PBX hacking and preventing voice data leakage," he said. "These things are developing quickly and you need a flexible response."
He also forecast that Microsoft would see the move as a threat to much of the work it has done in building up its security credentials. "Microsoft will not shrink from a battle with Intel/McAfee. They will not let them walk off with what they have been building strategically," he said. "Intel is paying an awful lot of money to enter a war with Microsoft."
Many companies running all-Microsoft systems might also be fear being forced to adopt all-Intel hardware, said Kilpatrick. "It will create uncertainty, and for our resellers, uncertainty means an opportunity [to sell more products]. It is good news for us and our resellers."
However, Fran Howarth, a senior security analyst at Bloor Research Ltd., was more positive about the move. She said takeover rumours had been circulating about McAfee since April, with HP strongly tipped to buy the software company, and that an alliance with Intel will help it compete more effectively.
"I fully buy in to the argument that security is an increasing concern as IT and physical worlds collide, with an increasing number of devices being IP-enabled," she said. "This is revolutionising industries such as healthcare and brings benefits to all parties."
She said mobile phones are just the tip of an iceberg that includes many other devices, and that McAfee has already begun developing products for vertical markets, such as healthcare, where it offers protection to medical devices. "This will provide the opportunity for greater innovation and R&D and will allow McAfee more chances to go head-to-head with its larger competitor Symantec [Corp.]," Howarth said.
Ron Gula, CEO of Tenable Network Security Inc., which supplies the Nessus vulnerability scanner, also questioned the feasibility of hardware-based security.
"There is a lot wrong with today's antivirus model, such as tracking the sheer number of potential bad types of software. Putting this into hardware may sound promising, but I question how much can be placed into a chip," he said.
"If Intel can move the antivirus agent into hardware, I'd like some assurances that this can be patched when a security vulnerability is found with it. Antivirus software is very complex and we often run into customers whose agents are one or two patch levels behind and open to attack," Gula said. "Patching hardware or firmware is much harder than patching software."