11 Burning Questions From RSA 2008

RSA 2008 just didn't have the same buzz it has had in previous years, which isn't probably surprising in light of the looming recession and IT spending slowdown. And while all the big guns of the industry were in attendance, all of them face varying degrees of uncertainty with regard to how their security strategies will play out in the future. In this slide show, ChannelWeb asks the burning questions that have been swirling around 11 of the channel's most recognizable security vendors.

Is The IT Industry Ready To Buy Security From Microsoft?

It's the question for solution providers to ponder now that Microsoft has rolled out the first public beta of the next version of its Forefront security platform, code-named 'Stirling.'

Craig Mundie, Microsoft's chief research and strategy officer (pictured left giving a keynote speech at RSA) revealed that the final version is due sometime in the first half of next year. Microsoft also stepped up efforts to position its consumer focused Windows Live OneCare security suite as a viable option for small businesses. Microsoft's security story is finally beginning to come together, and those who've laughingly discounted the software giant's commitment to building a security platform to compete with established vendors would be wise to starting paying attention to the software giant's moves in this space.

What Are Google's Designs In Security?

Google showed off its recently introduced Google Message Discovery service, which is based on the technology the Mountain View, Calif.-based search giant picked up in its July 2007 acquisition of Postini, which had an active channel program with more than 1700 partners.

Google, which has been slowly building its security portfolio as a way to make its hosted applications suite more attractive to enterprises, in February unveiled a set of "Powered by Postini" hosted email and messaging services. Last May, Google bought Mountain View, Calif.-based security vendor GreenBorder Technologies.

The big question is: In light of Google's reluctance to invest in building and maintaining a channel program, what future opportunities will exist for former Postini partners?

Can eEye Digital Security Find New Leadership?

Executives from eEye Digital Security, which last year parted ways with CEO Ross Brown and Marc Maiffret, CTO and co-founder, remain optimistic about the vendor's future prospects.

eEye, based in Aliso Viejo, Calif., at RSA showed off its new Retina 651 appliance, which scans networks and identifies malicious traffic. But given the intensifying competition for market share in the SMB segment, the executive shakeup couldn't have come at a worse time. Will eEye be able to right the ship and overcome the loss of Maiffret, one of the security industry's most recognizable public figures?

What's Going On With Symantec?

Recent unexplained restructuring and another round of layoffs which were announced this week does not bode well for the beleaguered company. Ironically, the corporate game of musical chairs came after CEO John Thompson (pictured above giving a keynote speech at RSA) asserted earlier this year that the company would not undergo any more restructuring.

Meanwhile, Symantec discreetly revealed Wednesday that it signed a definitive agreement to purchase application streaming company AppStream. Symantec's foray into the DLP space is a development that might sustain them in the industry for a while. However, it seems like the company is once again trying to find itself.

Whither Network Access Control?

Mirage Networks, Forescout Technologies, and Bradford Networks were among just a smattering of vendors pushing NAC, which last year was one of the dominant themes of the RSA show. Clearly, the flameouts of Caymas Networks and Lockdown Networks, and Vernier Networks' decision to shift focus away from NAC, have been like a bucket of ice water thrown onto this once red hot segment of the market.

Add in the fact that Microsoft's launch of Windows Server 2008 has set in motion the wheels of its NAC-like Network Access Protection, and you're looking at a market that appears destined for some serious shrinkage.

Will Websense Ever Dominate?

San Diego-based Websense has taken bold steps to diversify its portfolio in recent years, splashed out for data leakage prevention vendor PortAuthority in 2006, and last year picking up the remnants of SurfControl and its BlackSpider managed services assets. Websense has also rebuilt a channel program that was in shambles two years ago, bringing in Dave Roberts, one of the most popular and influential channel executives the space has ever seen.

However, while Websense isn't in any serious near term trouble, the question has to be asked: Where is the market dominance that some industry experts (and solution providers) expected would result from these bold moves? Websense still faces fierce competition from vendors that sell integrated appliance-based security solutions and services, and that doesn't look to change anytime soon.

The real question here might be: Are the significant, daring investments that Websense has made simply the price of treading water in a saturated market with tons of competition?

How Will McAfee Handle Encryption?

When McAfee announced its $350 million acquisition of encryption vendor SafeBoot last October, some solution providers marveled at the amount of money McAfee was willing to pay for its second chance to tap into the market for encryption solutions.

McAfee (then known as Network Associates) in 1997 acquired the staff and assets of PGP, makers of the Pretty Good Privacy line of encryption products. But after PGP founder Phil Zimmerman left the company in 2001, Network Associates in 2002 sold off most of the PGP product line to an independent firm, which eventually became PGP Corporation.

As McAfee prepares to add SafeBoot encryption to its ePolicy Orchestrator security management tool, channel partners are wondering: Will McAfee will get encryption right this time around?

Are CA Security Partners Seeing More Opportunities?

CA formed a new security unit late last year and inked a deal to hand over all development, research and quality assurance of its antivirus, antispyware, antispam, firewall, integrated threat manager, host-based intrusion prevention system, and secure content management products to India outsourcing giant HCL.

Last November, 26-year CA veteran and former CA Channel Chief George Kafkarkou, who heads the security unit, insisted that the HCL pact wasn't an outsourcing deal, but rather a new, aggressive investment to drive market-share gains for CA and its security channel partners.

But after CA placed dead last in VARBusiness' 2007 Annual Report Card ranking of security companies, has Kafkarkou been able to turn the tide and help CA security channel partners win more business?

Is Cisco's Self Defending Network Paying Off For The Channel?

Last year at Cisco's annual partner conference in Las Vegas, some solution providers told ChannelWeb that Cisco's messaging around security was too point-product-oriented and didn't really build on a complete end-to-end security strategy. But several others said that Cisco had been making great progress on this front.

For its part, Cisco has spent the last year articulating the value of its Self Defending Network vision by enabling more high-level integration between its product lines. Have channel partners made the necessary changes to their business models to fully take advantage of the opportunities around Cisco's security portfolio?

Is The All Channel Model Working For Sophos?

Sophos last May moved to a 100 percent channel model and began to attract the attention of VARs who for years hadn't given the UK-based security vendor much thought. Nearly a year later, solution providers are still buzzing about the bold move and say the vendor has lived up to the promises it made to the channel.

Sophos finds itself in the enviable position of being the target of a groundswell of channel interest. The only question is, will its popularity eventually create the same sort of overpopulation issues that have affected other popular vendor channel programs?

What Is A Lumension?

Patch management vendor Patchlink faced the difficult challenge of spreading brand awareness in its first RSA conference since changing its name to Lumension last September.

Patchlink decided to change its name after acquiring Luxembourg-based SecureWave last June, and reportedly chose Lumension because it's a combination of 'luminescence' and 'new dimension'.

The nuances may have been lost to many RSA 2008 attendees, however, since neither Patchlink nor SecureWave have ever occupied the upper echelons of security brand recognition.