Symantec: Searching for a strategy?

When Symantec Corp. announced plans to drop some of its security appliances late last month, a company spokesman described the move as a strategic shift that will "allow the company to develop best-of-breed solutions that meet the complex needs of today's businesses."

Days after the announcement, rumors began swirling that the Cupertino, Calif.-based antivirus giant was one of the companies that had launched a bid to acquire Bedford, Mass.-based RSA Security Inc. RSA was ultimately acquired by Hopkinton, Mass.-based storage giant EMC Corp. for just under $2.1 billion in cash.

Symantec has not confirmed or denied those rumors, but recent developments have reignited debate in the information security community about the vendor's strategic direction. Industry experts are reluctant to speculate on whether its new appliance strategy is part of a larger shift in focus, but they do agree that an update to its mission statement is long overdue.

Symantec has heft, but do they have best-of-breed capability right now? Not so much. These guys are constantly reacting to what's happening out there, and that reputation eventually hurts. Mike Rothman,

Some have suggested that Symantec should focus less on acquisitions and new products and more on integrating the tools it already offers. More specifically, customers want a centralized, easy-to-use console-based system to manage their various security tools and Symantec must do more to meet that need.

"People are looking for products and services where there's a lot of integration, with different tools rolled into one," said Mike Rothman, president and principal analyst of Security Incite in Atlanta. "In that case appliances make sense." But, he said, Symantec seems to see Microsoft as their biggest rival, so they are focusing more on their software to compete with Microsoft. To put more resources there, he said, Symantec is looking for an outside company to build whatever hardware it needs.

Rothman said he has talked to others in the industry who also wonder if Symantec has spread itself too thin.

"Symantec has heft, but do they have best-of-breed capability right now? Not so much," Rothman said. "These guys are constantly reacting to what's happening out there, and that reputation eventually hurts."

He said Symantec has a broad product line, but lacks the management linchpin that's needed for enterprises to make use of all its offerings. If the company works on a better way to hold it all together, much as McAfee Inc. did with its Total Protection launch earlier this year, then it increases the likelihood that it will maintain its status as a market leader in information security.

"They have an opportunity to integrate all this stuff into better management consoles that help customers simplify their security management environment," he said. "If the vendor offers integrated products that work well, customers will choose that over different best-of-breed tools."

Eric Maiwald, a senior analyst for Midvale, Utah-based research firm Burton Group, agreed Symantec must focus more on integrating what it has because technologies from companies it has purchased in recent years don't necessarily fit together.

" The Veritas acquisition made more sense," Maiwald said, noting its 2004 purchase of the storage software firm, "because storage and security are closely linked."

More on Symantec RSA Security acquired by EMC for $2.1 billion Strategic shift at Symantec leads to 80 layoffs Symantec readies anti-fraud data tool (2nd item) Microsoft still unlocking its security identity

In the last couple of years, he said, Symantec seems to have tried harder to offer more console-based integrated management, yet its efforts largely haven't reached fruition yet. It better happen more quickly, Maiwald added, because Microsoft is looming large in Symantec's rearview mirror.

"I think Symantec sees Microsoft as the big competitor, with Windows Live OneCare. Will OneCare hurt Symantec in the short term? Probably not. But I can see consumers ultimately deciding to go with the Microsoft solution as part of the package. That could hurt Symantec."

Maiwald said it's hard to know for sure if its decision to shift course on appliances is part of a plan to counter Microsoft, or whether it was simply eliminating products that haven't been making money.

"They were not best-of-breed in those product spaces, so I can't imagine that was profitable," he said. "I can see them chopping off network appliances to save money and put resources where they're getting better traction."

@23349 He did note a couple "interesting things" in Symantec's appliance announcement:

"When they said the underlying technology would continue to be supported, I think it means they'll apply that technology to areas that make more sense for them," he said. "But when they said they'd look for another company to make the hardware, it struck me that they didn't name any companies who might do that; which tells me they plan to kill the appliance technology altogether. It looks like they're saying it in a nice way so their customers don't run away."

In an email exchange, a Symantec spokesman refuted the theory that competition with Microsoft was a factor in its decision to kill off some appliances. He added that the company is actually moving more aggressively on product integration and that some of its acquisitions have made more integration possible.

"Symantec has already unified its Enterprise Messaging Management solution by bringing together email and IM security through the acquisitions of Brightmail and IMlogic," he said. "With recent acquisitions of key technologies from Sygate, BindView, and Whole Security, Symantec remains committed to developing complete, end-to-end solutions for our customers."

Symantec declined to make a representative available to SearchSecurity.com for an interview.

Whatever the future holds, Stamford, Conn.-based Gartner Inc. would seem to agree with the other analysts who say Symantec is in need of a course correction. In response to Symantec's announcement on the appliance front, Gartner analysts Greg Young and John Pescatore issued a paper with the following recommendations and observations:

• Do not make any new purchases of Symantec Gateway Security (SGS) or Symantec Network Security (SNS) products, other than to fill out very recent implementations.

• Organizations with SGS and SNS should plan now for replacements. This is not an immediate requirement as the products will continue to be supported by Symantec. Expect no significant improvements to the products.

• Organizations with the Symantec Enterprise Firewall (SEF) product need to consider a replacement firewall soon, since SEF is no longer supported and the SGS is no longer a contender for replacement.

Strategically, if Symantec's path forward is indeed improved integration, Rothman said, it's probably for the best that Symantec didn't acquire RSA.

"EMC is just getting into the security business and they have a lot more flexibility to spend the money," he said, "whereas Symantec is under the gun to fix its core business."

Given Symantec's many other strategic priorities, Rothman added, the price tag to acquire RSA would have been very controversial on the street, and the decision may have been hard to justify to its customers.