FireEye, which is on the cusp of an initial public offering and increasingly gaining the attention of information security professionals for its ability to detect malware that easily gets past antivirus, could be a big win for channel partners looking for long-term services opportunities, according to the company's new channel chief.
The technology can appeal to firms with experts in position to not only deploy and maintain the FireEye appliances but also conduct malware assessments, security audits and incident response activities, said Steve Pataky, who was named vice president of worldwide channels and alliances on Aug. 26.
"I see a huge market opportunity here for security practitioners to reach a broad range of customers," Pataky told CRN. "There are various industries that demand the kind of security skills and solutions that our partners have to offer, and that demand exists across the board."
Pataky, a 25-year channel veteran, has experience in building out fledgling programs. He served in channel sales and development roles at 3Com, Vertical Networks and NetScreen. When NetScreen was acquired by Juniper Networks in 2004, Pataky said he was responsible for architecting Juniper's Partner Advantage Program, building it from the ground up.
FireEye sells appliances that provide deep behavioral analysis of suspicious files. The company's system replicates the different platforms that exist inside a business and then detonates a suspicious file and monitors its behavior to determine if its activity signals malware. The approach is being heralded by security experts for its ability to detect custom malware and zero-day exploits used in targeted attacks. Company engineers are said to be working on a SaaS-based version of the malware protection system, but currently the appliances must be set up in the company's data center.
FireEye's current program for solution providers is built on three tiers and requires resellers to market, sell, deliver and service the malware protection platform. Pataky said he will initially look at the reward structure in place and develop a framework to help initial partners see the benefits of bringing in net new sales. The good news is that FireEye already has partner advisory councils and has built its program by incorporating the advice of solution providers, Pataky said.
"There's a strong foundation, a great nucleus and great partnerships already in place, so I'll be architecting things to scale the program," he said. "FireEye has a well thought-out strategy for VARs, security integrators and two-tiered distribution and well thought-out strategy for alliances."
A recent survey from the Enterprise Strategy Group found a high number of firms testing or implementing security technologies that use sandboxing technology, virtual environments where files are analyzed before being passed on to the end user. Deployments of FireEye appliances are seen as costly and sometimes lengthy projects requiring network configuration expertise, security experts tell CRN. But, partners will not be left on their own. FireEye's direct touch sales representatives help partners with opportunities and remain involved throughout the sales cycle, Pataky said.
A heavy focus will also be placed on enablement activities, he said, providing training, marketing materials and documentation to help partners reach the right clients. Training and certifications are being customized for the various roles needed to deploy the appliances from presales training to certified sales engineers responsible for design to system architects involved with deployment and implementation and support engineers to handle system maintenance and threat response.
NEXT: FireEye Faces Strong Competition With Antimalware ApproachFireEye is getting competition with its sandboxing approach from a variety of security firms, including Lastline, Sourcefire, recently acquired by Cisco Systems, Palo Alto Networks, Zscaler and other vendors that incorporate file detonation technology in a virtual sandbox to help detect advanced malware. The behavioral analysis is being incorporated into Web gateway appliances, intrusion prevention systems and next-generation firewalls, but FireEye's Rob Rachwald said the company's differentiator is its ability to mirror the exact platforms used by a business to trick custom malware that attempts to detect whether it is being tested by antimalware technology.
"We're not using VMware here; we've created a proprietary, purpose-built virtual machine, and that gives us the ability to see the different malware callbacks, improving our detection," said Rachwald, FireEye's senior director of research. "We've built something that is differentiated in the market and proven to be successful."
The technology deserves a look, but it may not bode well with companies attempting to narrow their offerings to make their managed services practice more efficient and profitable, said Eric Hart, co-owner and operations manager at Network Performance Inc., a South Burlington, Vt., provider of networking and security technologies. As a technologist, the sandboxing technology that enables behavioral analysis of suspicious files appeals to Hart, but small and midsize businesses that rely heavily on channel providers may not be ready to invest the time and money it takes to deploy a technology offered in a new appliance, he said.
"We continue to have low-grade irritation with malware, but I don't know that many of our customers would pay for an advanced technology to address it," Hart said. "They would like to see this kind of technology built into their existing firewall."
PUBLISHED SEPT. 12, 2013