10 Ways Sophos Intends To Disrupt UTM, Endpoint Security Markets

Sophos Network-Endpoint Linkage Builds Contextual Awareness

Partners tell CRN that brand recognition needs to be Sophos CEO Kris Hagerman's top priority. However, Hagerman tells CRN he is knee-deep in efforts to establish a cohesive security platform. Engineers are building out Project Galileo, a cloud-based management console that integrates its unified threat management platform with its endpoint and server software to bolster detection and protection. It also is integrating its acquisition of Cyberoam and plans to adopt much of the UTM maker's code-base in version 10 of the software. The firm has a 100 percent channel strategy led by Michael Valentine, a channel veteran and former Fortinet executive. In this exclusive interview with CRN, Hagerman said the company sees opportunity at the endpoint, while Symantec attempts its turnaround with impressive gains in networking against WatchGuard and Dell SonicWall.

1. Focus on SMB Firms, Pragmatic Companies

Hagerman said the company is heavily focusing on companies with less than 5,000 employees. The company also is seeing opportunity with larger firms it calls "pragmatic enterprises," which are securing multiple networks in satellite offices. "They run IT as a collection of almost small and medium size enterprises," Hagerman said. "It's not just a number of employees but the context in how a business runs its IT."

2. Cloud Business Growing, Says Hagerman

The first component of Sophos Cloud, the company's cloud-based management console, was launched in October to provide endpoint security software. Hagerman said there are currently more than 1,000 customers using the cloud-based endpoint security software and it is growing at 30 percent to 40 percent a month. Customers have initially been primarily small businesses, but the company is seeing midsize firms using it as well, he said.

3. Engineers Working On Project Galileo

Sophos Cloud currently supports managing the company's endpoint security software, but it is being built out into a fully integrated cloud-based management console that an IT administrator can use to manage all of the company's security components, Hagerman said. The components also will be linked to establish protection across the network and endpoint layers and build contextual awareness on security issues down to individual users.

The products also will run very well by themselves, but businesses will be able to simply plug in multiple components to establish more of a fully designed platform, Hagerman said.

4. Hagerman: Cyberoam Central To Product Road Map

UTM appliance maker Cyberoam Technologies helped Sophos bolster its engineering team from 100 to 350 engineers. It is moving from its Astaro code base over to new UTM software designed to support a wide variety of integration and threat protection capabilities, according to Hagerman.

"For us, the Cyberoam acquisition was fundamentally about technology and engineering scale," Hagerman said. "What we can now deliver on our road maps is far beyond what we could have done on our own."

5. Keep it Simple, Less Complex

Security is typically very poorly deployed and maintained at small and midsize businesses because they are using siloed products that are complex, and hard to manage and deploy. Sophos' message is that small and midsize businesses can easily deploy and manage its security components and simply upgrade the software over time. The company also simplified its licensing strategy to keep it simple. A best practice for decreasing the risk of successful attacks against the corporate network is to reduce system complexity, which results in configuration weaknesses and poorly maintained systems that help criminals gain a foothold, Hagerman said. Businesses with no or limited IT resources need the ability to plug in new security systems when they are necessary with a minimal amount of fine-tuning, he said.

6. Encryption, Mobile Control

Small businesses shy away from encryption and have no mobile control on their employees' smartphones typically teaming with corporate data, Hagerman said. Sophos launched SafeGuard 6.1 to manage Mac FileVault and Microsoft BitLocker encryption in one console. Support was recently added for Windows 8 and 8.1, and full file and disk encryption is supported on Macs. Sophos Mobile Control also was recently launched with both SaaS-based and on-premise versions. A single license supports multiple user devices. The company's capabilities stretch across device and application management, email and device encryption.

7. Fully Support The Channel Strategy

Hagerman said Sophos is fully backing a 100 percent channel strategy to drive sales of its products in the U.S. and overseas. The company has added personnel, regional channel reps and is boosting its training to get more partners certified across the portfolio. Partners will never have deals pulled into direct sales, Hagerman said. The company’s channel team includes Michael Valentine and Kendra Krause, two respected channel veterans from rival Fortinet. Valentine leads global channel efforts. Krause is Americas channel chief. Dell SonicWall executive John Keenan was hired as vice president of sales for North America and is helping bolster distribution relationships. "We are betting completely on the channel," Hagerman said. "We view the channel as an extension of our team."

8. Symantec Lacks A Coherent Strategy, Hagerman said

Sophos can take advantage of the Symantec turmoil. Hagerman, formerly an executive vice president at storage and server management vendor Veritas Software, also served from 2005 to 2007 as group president in Symantec's data center management business following the company's acquisition of Veritas. "The combination of Veritas and security hasn't worked, and it has caused enormous complexity and confusion within the company," Hagerman said. "We don't see Symantec as a highly relevant forward-looking player. They are casting about for a strategy that is going to work for them. The company is in disarray," Hagerman added. "The turmoil that has come over the last CEO changes and the secondary effects of entire layers of teams being removed or leaving is shocking to me."

9. WatchGuard Presence In UTM Market Declining, Says Hagerman

Sophos hopes to convince WatchGuard users into embracing its plan to create a highly integrated security platform in which endpoint and networking components communicate between each other. Hagerman dismissed WatchGuard's strategy of using other vendor security technology in its UTM appliances. Its approach where you try to take components from other vendors and then stitch them together has no real meaningful interaction between those components, Hagerman said. If you don't own any of the key IP, I think there is a question to how valuable and relevant that platform is for the future.

10. Barracuda Winning Backup, Fortinet Fighting Enterprise Battle, Says Hagerman

Sophos has no real fight to pick against Barracuda Networks or Fortinet, two firms focusing on different strategies, Hagerman said. "Barracuda is a sales and marketing engine to SMBs and they are promoting at Symantec's detriment a cloud-based backup solution that really works and is going right after Symantec Backup Exec," Hagerman said. "That is being effective for them. There aren't any real integration points between the security offerings of Barracuda and the backup, and that is just fine for them."

Fortinet has a fine channel strategy, but the company is fighting more battles with Cisco and Palo Alto Networks in the large enterprise network security market, Hagerman said. Sophos is appealing to small and midmarket businesses with its message of simplicity, he said.