ANALYSIS: Check Point Avoiding Check Mate
The grim assessment spelled out in Check Point Software Technologies' 2005 annual report is prophetic: "If we fail to enhance our existing products, develop new and more technologically advanced products or successfully commercialize these products, the results of our operations will suffer."
It's something that many in the industry have been hearing about for years. Check Point rose to great fortunes on its premier product, FireWall-1, and has a strong reputation as having one of the best firewalls and VPN combinations in the market. But as far back as five years ago, financial and technology analysts were calling for Check Point to diversify its portfolio--or risk its 60 percent margins and market-share dominance.
Zone Labs, which Check Point bought in 2003, gave it a viable consumer firewall and many of the components necessary for end-to-end security. And the launch of InterSpect, its first appliance, gave it a play in the proactive intrusion-prevention space.
Nevertheless, competition, consolidation and rivals' innovation have taken their toll on Check Point. And many say the company has stalled under the weight of slow acquisitions, micromanagement, poor field operations and an executive exodus.
"These management and personnel changes affect the attitude of everyone up and downstream, and it gives no consistency to the company's story," says Scott Holcomb, president of Holcomb Enterprises, a solution provider in Mission Viejo, Calif.
Check Point, which brought the first commercially viable firewall to market more than a decade ago, ended 2005 on a strong note with $579 million in gross revenue and $319 in net profit (55 percent). But many inside and outside the company felt momentum slipping, especially since the integration of Zone Labs took longer than anticipated.
In the first quarter, the company made an offer to buy Sourcefire, a pioneer in targeted intrusion prevention based on the open-source Snort sensor. Sourcefire would have given Check Point critical technology to complete its migration from a vendor of perimeter-based products to a provider of end-to-end security solutions. But the $225 million deal quickly went south, taking Check Point's first-quarter financials with it. Officially, regulators' concerns over national security killed the acquisition, but some speculate that it was a convenient excuse for Sourcefire to pull out. The second-quarter results brought no relief, as Check Point's revenue fell 4 percent and profits slid 16 percent.
"The amount of sales and transactions we're doing is about the same, but some of the license renewals came in lower than we expected, and the convoluted transit process they have for them requires more effort on our part," says Lou Rubbo, a principal at DirSec, a Denver-based security integrator. "The newer products also came in lower than expected, and we had to discount some of the older ones."
Performance woes weren't entirely unanticipated. In its annual report, Check Point executives painted a gloomy picture. They acknowledged that "current and potential" competitors have longer operating histories and greater brand recognition, as well as greater financial and market resources.
Although not listing them by name, Check Point warned that competitors such as Cisco Systems, Microsoft, Symantec, Juniper Networks and SonicWall might be able to more quickly adapt technology and grow their product base.
NEXT: Adding to Check Point's woes: brain drain.
Chief marketing officer Ken Fitzpatrick departed less than six months after his arrival from CA. Also gone is vice president of sales Kevin Maloney, who took a post at Network General. And CTO Gregor Freund, a founder of Zone Labs, exited for "new opportunities."
That inconsistency too often results in outright sloppiness on the part of salespeople. "I can't remember the last time I got a call from a sales guy," Holcomb says. "All these new channel programs are a waste of time and effort that could instead be used to put feet in the street and help us sell."
Some partners and analysts blame founder Gil Shwed for many of Check Point's problems, saying he micromanages every aspect of the company's operations.
"There's such an extreme amount of micromanaging going on there that no one is able to do their work in the field," Holcomb says. "As hardware sales have shrunk, the focus of management has been on getting the cream at the top 10 percent of the customer base. Then they neglect the lower-end customers."
Ungerman takes issue with such complaints. He says Check Point has restructured its field operations; sales managers are dealing directly with a specific group of partners rather than geographic territories. This allows salespeople to focus on those accounts more thoroughly than they have in the past. And ensuring strong partner management and support is important for Check Point, which pulls more than 95 percent of its revenue though the channel.
"On a macro level, we've been disappointed in how quickly we've been getting out some of our new initiatives, which is why we're restructuring our programs," Ungerman says. "If people are blaming that on our executives micromanaging things, I'd disagree with that."
Cyndy Privett, a vice president at analyst firm Viewpoint Research, says Check Point's woes are particularly ill-timed. The security industry is going through another shake-out. A private equity firm bought struggling WatchGuard Technologies. Symantec dropped its unified threat management line, a foreshadowing of its intentions to get out of appliances. Cisco continues to expand its security revenue--now more than $1 billion annually. And Microsoft hangs over everyone with its continual string of security acquisitions. While this instability is creating as many opportunities as challenges, Privett says Check Point isn't in a spot to capitalize.
"You can see how Check Point could become an insignificant niche player if they make too many more missteps."