CRN Interview: John Schwarz, Symantec

Symantec shook up the Internet security market last month when it bought managed security provider Riptech, intrusion-detection vendor Recourse Technologies and SecurityFocus, a provider of threat and vulnerability data, for a combined $355 million. Earlier last month, the company also bought Mountain Wave, a maker of security management software and services, for $20 million. Symantec President and COO John Schwarz spoke with West Coast Bureau Chief Marcia Savage about the acquisitions.

CRN: What will these acquisitions mean for Symantec?

SCHWARZ: These four acquisitions are all designed to complement our existing strategy to reach the security buyer in the enterprise. We have a strategy to deliver an integrated set of solutions that address the full security requirements at the desktop level, server level and the gateway, and to deliver a management system that is able to deal with all of the security sensors in the network, wherever they might be and whichever supplier they may have been acquired from.

CRN: How are you going to integrate the Riptech and Recourse channel programs?

SCHWARZ: Both of these contribute to the Symantec strategy to upgrade and beef up our VAR channel. We have been focused in the enterprise space in building up our VAR channel, so having the additional highly focused security partners that Riptech and Recourse bring to the table is very welcome. Riptech has a very powerful distribution channel. They had 70 VAR partners reselling this service around the world. We intend to plug into this and not just deliver managed security, but also our products, through this channel.

CRN: Will you be maintaining Bugtraq, SecurityFocus' online mailing list?

SCHWARZ: There are concerns we might somehow be less neutral in the Bugtraq system than SecurityFocus had been. That's absolutely not so. We're going to publish an editorial policy maintaining the neutrality of not just the Bugtraq database, but also the SecurityFocus portal, which is a great information vehicle for customers. We will let the editorial team be truly independent in their publications. We will continue to provide service to everybody who is a current customer of Bugtraq, including our competitors, without interference.

CRN: Some say that Symantec appears to be going the way Network Associates did a few years ago, in terms of building through acquisitions. Network Associates has since dropped the security suite strategy. How do you respond?

SCHWARZ: Symantec has had a history of acquiring businesses. We acquired some 30 businesses over our history, all [of which were integrated very successfully, so we know how to do this.

Second, we have a strategy for delivering a security solution based on true market requirements as defined by our largest customers. Therefore, we're not putting together suites of products for the purpose of bundling them for simplicity of sale. We're developing new solutions that are integrated from technology components that either exist or we're developing from scratch. We're not on the same strategy as NAI was, bundling products for sale. We're on a strategy of delivering a managed, integrated, enterprise-focused security offering.

CRN: Will the executives from the acquired companies join Symantec?

SCHWARZ: They are all staying on board and are all being integrated into our management team. Arthur Wong, the CEO of SecurityFocus, will become the executive responsible for security response businesses for Symantec. Frank Huerta, CEO of Recourse, will become the business and technology manger responsible for the entire intrusion-detection system at Symantec. The Riptech team will become responsible for the operations of our [managed security services business worldwide [and will be led by Amit Yoran, Riptech CEO.

Photography by Eddie Milla for CRN.