CRN Interview: Symantec CEO John Thompson
In an exclusive interview with CRN West Coast Bureau Chief Marcia Savage at this week's Symantec Enterprise Partner Summit in Chicago, Symantec Chairman and CEO John Thompson talked about Microsoft's move into the antivirus market, his own company's channel and product plans, and consolidation in the security market.
CRN: Is there a main message you hope partners take away from this summit?
Thompson: The key theme for us in dealing with our partners has always been about consistency. They can expect Symantec to be consistent in our respect for them, our desire to work with them, the way we reward and incent them to do things around our products. So success here will be them walking away with a sense that nothing has changed. While they have in fact expanded their product portfolio, their focus is every bit as balanced as it's always been with leveraging our capabilities as a channel partner with their products and services. If they walk away with that, we should feel like it was a home run.
CRN: Is there anything new with your channel strategy this year? Any new goals?
Thompson: Again, consistency is the critical issue. We must work to develop a stronger value-added reseller channel, particularly for our high-end security products. We would expect a lot of the investments we've made in the last six to 12 months will start to bear some fruit for us and those partners: the change we made in our certification program, the change we made in our educational approach, and the structure of the various levels of participation of partners in our program.
All those things have been done to make sure we attract the right kinds of partners to feel like they can build a profitable business around Symantec's products and services. There's more to be done to educate our partners better about the notion of integrated security technologies, which have been a focal point in the market for a year or more now.
I met with a partner team this morning. They said, "We get it, but we have a hard time conceptually getting our customers to get it." So we need to provide our partners more marketing materials in addition to more education. Those are things clearly in our plan and things we expect to execute on continuously over the course of the next year.
CRN: Did partners explain why they encounter some difficulty with the integrated message?
Thompson: The message resonates. The question is, is the product--in their mind-- priced right? Is it structured the right way? Are there ways to change the offering that will in fact make it easier to sell it and increment a customer's way into an integrated solution? I think some enhancements we will make this year in our product offerings will facilitate that approach.
CRN: Can you talk about those enhancements?
Thompson: I'd rather not stop sales this quarter [laughter]. One of the issues is that customers would like to be able to select which of the security functions they turn on and off at the gateway. In the first release of the [Gateway Security] product, we gave it all to them. Now we'll offer a selectable option. It will still be integrated, but they won't have to use all the integrated components. That's one of the key differences. We'll focus a lot more on performance, where the performance of the new gateway product will be substantially better than the performance of version one of the product.
And there are a number of additional integration enhancements that makes the seams between the various functions--content filtering, intrusion detection--less visible. We'll incorporate the ManHunt engine from our Recourse acquisition, so we get to the point where we have common IDS [intrusion-detection system] engines now across the whole product line. So there are some significant enhancements from a packaging and integration point of view as well as technology capability and functionality.
CRN: What do you think about Microsoft and its acquisition of an antivirus company?
Thompson: I think, at least at the moment, it's much ado about nothing. GeCAD is a small early stage player primarily focused in the Linux marketplace. I doubt that will be their focus moving forward. Microsoft has acquired some technology that they will ultimately put into the marketplace as they say in a fee-based offering. Until they have an offering in the marketplace, until we know what it is targeted toward, we're not going to run around doing high-speed hand wringing at Symantec.
I think the pragmatic side of security suggests that antivirus alone is not sufficient to deal with today's blended threats. We've been on that theme for two years or more now. You need a sophisticated collection of technologies integrated at each tier of a customer's network architecture--the network tier, the application tier, the client or desktop tier--to do an adequate job of protecting today's environments. The fact Microsoft now has antivirus is interesting, but until they do something with it in a way that allows it to truly solve the threat problems of today is nothing more than a hollow promise to the marketplace.
CRN: Computer Associates has been making a big push in security too.
Thompson: I wish I had their ad budget. They need our products, and we need their ad budget.
They're doing a great job of advertising. They do have a strong position in mainframe security with their Top Secret product. We don't see them as often in the distributed security space with the likes of IDS, firewall and vulnerability assessment solutions. So they are building a strong brand for themselves. They need to perhaps focus on building some products that go along with that.
CRN: Who do you see as your top competitor?
Thompson: We see the same point product players across the spectrum--Network Associates and Trend Micro in the AV [antivirus] space, ISS in the intrusion detection space, Cisco and Check Point in the firewall space. What we're starting to see, however, is each of them--or at least some of them--starting to espouse the notion of integrated technologies, the need for multiple sensor types to deal with today's blended threats. We find that interesting, given that many of them asserted that the strategy we embarked upon two and a half years ago was foolhardy. Now all of the sudden, they find themselves needing to emulate that if they're going to deal with today's threat spectrum. We'll see who's able to run faster.
Longer term, there are potential threats on the horizon from the likes of Microsoft, obviously, and the desires of IBM or Cisco to have a stronger presence in helping customers solve what has become a truly daunting problem. It's going to be interesting to see how customers deal with the issues of choosing a security services and software provider.
We would argue there are issues around corporate governance that come into play when your network provider is also the person who secures your network. The auditors are going to have some real issues with that as they think about implementation of rule 404 under Sarbanes-Oxley. It will be interesting to see if a company like Cisco, which is a networking company, can muster enough of the software and response and services capability to really be a true integrated security player. I respect all of them a great deal, but at the same time we're not running scared from them because we think we have a slight lead in the collection of technologies and the integrated strategy we've had in place for some time now.
CRN: Do you still run into the perception that Symantec is a consumer products company?
Thompson: Oh, sure. We euphemistically said we would move from a yellow box retail company to a yellow box appliance company. While it was clever, I don't think was helpful in furthering the change of the perception of who we are and what we are.
But let us be clear, I don't ever want not to be an effective provider of security technologies to consumers or enterprises. One of the wonderful strengths of our company is we have the breadth of customers that we do. Do we need to do more to improve the marketing around our enterprise products? Absolutely. And that's why we hired a new chief marketing officer to help us raise the consciousness and awareness that the public has about all the things we're capable of doing. Janice [Chaffin] joined us from HP, where she'd been very strong contributor to HP's enterprise initiatives.
CRN: Any thoughts on what Network Associates is doing and their acquisition of a couple of intrusion-detection companies?
Thompson: It's clear they at least are starting to arrive at a point of reality about today's threat spectrum--that you need more than [anti-virus] to solve the problems of your customers. I applaud them for the awakening they've experienced. The question becomes, do they move to integrate the technologies in a way that creates an effective solution for customers, or do they continue on their theme of point product solutions, which thrust the integration task onto the desks of our customers? That's one of the problems we've tried to address in our strategy.
The actions of the last couple years would suggest to all of us that the security sector is ripe for consolidation. In the latter half of the '90s and in early 2000 period, many security companies were spawned with fairly free-flowing venture capital money. As the problems have become more complex, as customers have started to demand a more holistic or integrated approach, the little point products that have sprung up like dandelions aren't going to find an easy route to market if they're not a part of a bigger solution set.
It's inevitable that there will be a number of additional deals that will happen in this sector, or some companies will just find that they can't get to market and therefore have to close their doors. Channel partners need to be cautious about who they align themselves with to make sure they don't end up stranding themselves and their customers in what is an inevitable consolidation trend that's going on across this industry.
There are lots of attributes you want to look for in a partner. Obviously, product depth has something do with that. The broader the product portfolio, the easier it is for you to build a business around that. There's something to be said for the degree to which there's a long-standing relationship, there's something to be said about the financial strength of a company and on and on. The smarter partners are starting to come to that realization--because it costs them money to manage relationships with us--if they can build a business around one or two companies in the industry, that's better than trying to build a business around four or five.
CRN: With all these security startups, is there anything that Symantec sees out there that it's interested in?
Thompson: Every day, I get an e-mail from somebody that's got something cool. We think our portfolio is in pretty good shape for at least the areas of the security marketplace that we play in today. I don't see us in the marketplace for technology. If there were an opportunity to capture customers in that space and migrate them to a common technology platform, that would be of some interest to us. We're always looking. We're an acquisitive company, and we've done quite a few deals since I've been here and we're likely to do more.
CRN: What's your take on Gartner's proclamation that IDS is essentially dead? (Editor's Note: Market-research firm Gartner last month stated that intrusion-detection systems were a costly failure that would become obsolete by 2005.)
Thompson: I think they also proclaimed the mainframe was dead too, once upon a time. I don't take kindly to grand proclamations like that; I just don't think that's helpful to customers or the marketplace in general. [Gartner has] some valid points about first-generation IDS--that it did not deliver on the promise that it made to customers and hence more needs to be done to improve the capability of gateway-based sensors, be they firewalls or IDS sensors or antivirus filters, to deal with those kinds of problems.
CRN: What are you seeing in your customer base regarding IDS?
Thompson: Customers who bought first-generation IDS technology were disappointed, particularly network-based IDS technology because it created an enormous amount of work for them with limited value-add. Gartner's proclamation says that IDS and firewalls need to work more closely together. Well, damn, we've been saying that for two years now, hence our Symantec Gateway Security strategy, which was launched last spring.
CRN: What are you seeing in terms of driving security? Any effect from California's security breach law?
Thompson: No. I'm sure there will be over time. But let's face it, we've all been expecting a lot more spending coming out of the U.S. government. And so while there's certainly incremental interest, incremental interest hasn't translated to significantly increased spending yet.
CRN: Things haven't changed with federal spending? Is a lot of it still on hold?
Thompson: I wouldn't say it's on hold. What I call incidental buys--things they can't avoid such as antivirus, firewalls--they are doing those. As more of them deal with the report cards they got from the GAO, they're sitting back now and saying, 'I need a better plan, and that requires an investment, time and energy with a true solution provider, an integrator, to take a look at what I'm doing across my enterprise and build a plan for how I'm going to secure it better.' Not just how do I buy AV, firewalls or intrusion detection. But what are the security policies of our organization? How are we going to implement those policies in products and services, and once we've implemented the technologies, how are we going to manage the ongoing operation?
There is an enormous amount of interest in managed security services within the federal government and a growing level of interest for that at the state level. That bodes well for how we have our company positioned. It bodes well for our partners because we want them to help us sell managed security services.
CRN: Can you provide an update on your managed security services?
Thompson: It had a wonderful growth spurt last year and grew almost 200 percent. Part of that was through acquisition of Riptech, the other part was organic by investments we made prior to that. Our forecast is it will grow not at 200 percent, but in a range of 60-plus percent, which is pretty healthy growth.
The interest level around the world is phenomenal, but people have to get over the emotional chasm of outsourcing security, just like they had many years ago get over the emotional chasm of outsourcing the IT operation, or help desk, or application development. This is a logical evolution of customers looking at applying their skills in areas that are most beneficial to their companies and relying on trusted partners to do those things that they would themselves prefer not to.