On Monday, I posted a blog entry on Microsoft's acquisition of Whale Communications. I've followed Microsoft's security ambitions for many years, and I know Whale--an SSL VPN vendor--very well. The intent of the blog was to illustrate how Microsoft's true security ambitions continue to unfold, and then to speculate on what Microsoft needs to fill the gaps in its portfolio.

Now, I remember Whale when it was called an "air-gap" vendor. Some may recall that technology fell flat; you have a physical or virtual disconnect in the Internet-facing connection, then mirror traffic to the internal network. You could set up the air gap to pass only what was legitimate or complied with policy. Whale transmuted itself into an SSL VPN vendor when the market dried up for air gaps.

In writing the blog, I noted that Microsoft would probably incorporate Whale's SSL VPN technology into its Internet Security and Acceleration (ISA) Server. And I made note that ISA is not an enterprise-class perimeter firewall and did not have stateful-inspection capabilities. I was wrong about that, mostly since I was using faulty information to write the blog. That was my fault, and I should have been more diligent.

Since Monday, I have received numerous e-mails chastising me for the error; I welcome anyone pointing out my mistakes. However, I do take issue with the assertions that ISA is a proven firewall and worthy of an enterprise-class designation given its certifications. ICSA Labs hasn't certified ISA Server 2004, but had certified the 2000 version in 2002. And EAL4+ rating is an impressive achievement, and allows entry into the government market. But does this translate into sales, revenue and market share--which is of particular interest to the channel? Despite the many improvements in performance and manageability, it's not threatening the established firewalls vendors as yet.

In talking with some insiders, the day may not be too far off when Microsoft is as much of a security powerhouse as Cisco Systems, Check Point or Juniper. The addition of Whale's SSL VPN technology will only enhance the ISA offering. And, after speaking with Microsoft and others, I will now say that Microsoft needs to think beyond software if it wants to be a security player. Hardware is the key to the enterprise market, and Microsoft cannot sit behind its hardware vendors forever to bring that form factor to market. Even Check Point, the stalwart of the software firewalls, and Trend Micro relented and started building security appliances.

From a channel perspective, a vendor can have the best technology in the world, but it doesn't make a difference if there isn't a market for it. The product--firewall, business software, networking gear, etc.--has to sell if the channel is going to adopt it. Whale, for instance, abandoned its air-gap technology not because it didn't work, but because no one was buying it.

For Microsoft to be a full-fledge security vendor among its channel partners, it must expand further to the perimeter and into enterprise-class (or larger midmarket) products. That means hardware and advanced technologies (intrusion prevention, endpoint security, high-end firewalls, etc.).

That was my point, and I'm sticking to it.