McAfee Channel Chief: Midmarket Business Ready To Shine

Alex Thurber, senior vice president of worldwide channel operations at McAfee, in a wide-ranging interview with CRN Security Editor Stefanie Hoffman, said the company has big plans for 2011, including implementation of initiatives to energize its midmarket segment and to improve ease of doing business for its partners. In addition, Thurber said McAfee will operate separately for the time being from Intel, which acquired the security vendor last month.

What follows are edited excerpts of the interview.

Let's talk about the Intel acquisition of McAfee. What does McAfee's product roadmap look like in the future? McAfee has said that they will be a separate entity, but others speculate that Intel will integrate endpoint security into the chip.

It's business as usual, before and after close. The idea is we'll run as a separate subsidiary and that things will not change. Everything we know is that we'll stay a separate entity. I've called just about every major partner we have after the acquisition, and everybody's very positive. Channel partners are very positive about it.

Sponsored post

McAfee has a variety of very strategic partnerships -- Verizon and Adobe to name a few. Did those partnerships make McAfee a stronger acquisition target?

We have a partnership with Intel too that is completely separate and apart from the acquisition.

Those are mostly made by our strategic alliance team. We have about 107 companies right now who have written their solutions to integrate with EPO (ePolicy Orchestrator) so they can communicate or pass alerts back and forth.

We've not done as good a job helping the channel understand and monetize them as we should have, so that is something that we're going to focus on. But it really ties into our whole model. If you really think about this whole idea of end-to-end security, that's relatively easy to do. So you build it in at the endpoint, you build in some network solutions, you build servers, then you add a few more products.

What really sets us aside, and something that I think our partners really get, is this whole idea of GTI, global threat intelligence. And that's something that has about 150 million sensors feeding this data into our labs and then in real time leading it into our systems around the world. So if something new pops up, we alert all the systems. Or if the systems see something that they don't understand, then it goes into our own private cloud. And that's really the secret sauce.

What's your strategy for your networking business going forward? Are you still going to focus on that going forward or is that going to go by the wayside?

As we transition a company, not only as a purely endpoint company and then transition into being a hardware company, we're transitioning every element that is moving the channel. And I think everyone would admit that the Secure (Computing) acquisition, the early phases of that wasn't as strong as it should have been. So we are spending a lot of time on that. We've done a lot of development work on the product. And I think that certainly our IPS solution is world-renowned. So that's something that's been selling very well. We brought out a new version of our firewall this spring, the V8, which is very powerful and we're now working with the channel on enablement and marketing and all the rest. That is a market that is very competitive. You look at a Cisco or a CheckPoint or Juniper, there's a lot there.

Going forward, what does McAfee's cloud strategy look like? With all of the recent channel rollouts, do the changes incorporate a cloud channel or comprehensive cloud strategy?

We acquired MXLogic. And one of the things we liked about MXLogic was its channel program was best in class. Everyone really likes it. So our goal was how do we integrate it without breaking it? What we're going to really focus on at FOCUS is how we're going to integrate a SaaS model into the regular channel. Because it is different. Once you get into that monthly recurring revenue stream, it's very effective, it's very powerful for the channel. What's exciting is that you sell it once and then the renewal rates are almost 100 percent. It's easy to renew. But how to sell it is different, so that's what we're doing, we're going to look at continuing to focus the Denver team on doing that because that's where they came in from.

So you're still in the process of integrating the MX Logic channel. How's that going?

What we've learned is that you can integrate too fast, and you can integrate too slow. We’ve been running a pilot for about three months and we've learned a lot from it. And we're definitely moving forward very aggressively on it. We will talk about that more very soon. The one thing is it's really SaaS, not just MXLogic. We provide our endpoint as a SaaS product as well.

So what does that pilot look like?

One of the unique things about the MXLogic model is this whole sales-on-demand model. It's 100 percent channel, but they have teams in Denver focused on helping the partners learn how to sell it. Again, the selling model is different. It's not just delivering a box or downloading a license. The idea is that we have a channel team that goes out and works with partners who want to be involved. And it really is a mentoring relationship. Those first few sales calls -- they're done in conjunction with the partner.

It's retraining in a way. What about the existing MXLogic partners? Are they part of that mentoring program?

They certainly have access to sales on demand, of course, because they're part of the program. But usually we find out that three to five sales -- that's what it takes. And we have access to different levels of partners, depending on if they sell or if they bill or if they provision. We have all the provisioning and the support side, depending on the level of the partner. So we've had very good success at retaining them. And we're now working to integrate them. What they're psyched about is their opportunity to sell the rest of the McAfee product line.

So it's kind of a retooling of both channels.

It's certainly integrating them so they have a broader portfolio on both sides. And you know SaaS is not applicable to everybody. It depends on the market. It's great in the SMB market. There are some large customers that would like to use it. To be honest, that's more limited. So if you're a partner interested and focused on the SMB market, you definitely need to know how to sell SaaS.

Are you trying to get that across?

Absolutely. That’s a key part of our SMB strategy.

How many of your SMB partners are making that jump?

We haven't categorized partners in the past as SMB. We have about 2,500 current MXLogic partners, so that's kind of a good base number. The idea is that they're active, even if they sell one license, they're billing every month, so they're still making money.

Next: Thurber Looks At The Midmarket

Your role as SVP of Worldwide Channel Operations at McAfee recently expanded to include heading McAfee's midmarket organization. What does your new position entail?

I'm now responsible for the midmarket, with the idea being that there's actual linkage to the channel. If anything should lead that business, it's the channel. There's a natural interconnect to bring that together. So, you know, McAfee has three primary segmentations. We have our large enterprise business, which includes global. Then we have our corporate business, which is that next tier of companies, and below that is we call the midmarket all the way down to consumer. And then obviously consumer is its own whole world.

Typically the midmarket is like the middle class -- it's one of those areas that is undefinable. And because it's undefinable, it gets neglected. Does that happen to be the case at McAfee and what are you doing to breathe more life into the midmarket space?

I'd hate to say it's neglected. If you look at our three primary businesses, consumer business is very strong, it's growing very quickly. We have our enterprise business, which has our direct sales force. It's where Mike DeCesare has put all of his efforts when he came on board to build out the direct sales force to drive with the large companies. And then we have -- DeWalt calls it the barbell -- in the middle we have the midmarket. So we've got big, big and small. The idea is to spend some real focused time there. So the midmarket will be one of our key initiatives in 2011 just to energize that non-named business and get it moving.

How are you going to do that?

Well the first thing we're really going to do is link the channel to the inside sales centers. Next year we will refine our segmentation to make it clearer as to which accounts are in which set. There's going to be a much more complete segmentation, which will help better define things for everybody. But our primary route to market is the channel, working with our inside sales centers. But that link has been broken in the past. Our inside team has spent a lot of time developing the deals, and then working at the end to fulfill through the channel. So they've been acting like mini large-scale account managers, which of course doesn't work. It doesn't build the scale and doesn't build up the trust with the channel.

So we have a whole effort around getting inside sales to the channel, getting the deal to the channel earlier, and then (the inside sales team) is there to support, monitor, help manage the McAfee side but really the channel will drive the deal, as they should, which drives the trusted advisor status and all those other pieces that make it effective.

You said earlier this year that McAfee was striving to increase business delivered through the channel. Is that still the plan?

(McAfee's channel business) is at about 83 or 84 percent right now. The goal is to take it up to 90.

Is increasing channel business part of that initiative to revive the midmarket?

I think in way it is. Right now I would say all of that business -- and I might be off by 1 percent -- I would say all that midmarket business today goes through the channel. But again it goes primarily in a fulfillment model. That's not the path to great success for growth. So by getting our partners engaged earlier, and allowing our inside sales reps to scale using the channel instead of trying to manage every deal on their own, that's how we plan to grow that non-named business and thus get rid of the barbell. Get our partners engaged, the more they can add value to the customer, the more they'll be able to support their margin in the end. And it will scale our inside teams so they can work five deals instead of just one.

You've been at McAfee about a year. What are some of the highlights over the last 12 months?

If you were to ask our channel partners, they would barely recognize McAfee today from a channel perspective from 18 months ago. We've put out an entire new channel program. It's live. The team had started working on the broad brush before I came on board. We got it announced, made it real, went live May 3. It's pretty much fully implemented. There are a couple partners who are still working through the new certifications. We want it to be fair and for them to use this as an investment. We are enforcing all the rules, not like the old McAfee. If it says you have to do this, you have to do it. So exceptions really are an exception. That's the normal course of business. That's kind of the biggest piece. That's the huge umbrella that we've worked under. The key part of that was profitability. The whole idea is being able to make more money with us. It's that investment model. So they invest in us, we invest in them. We have all the different programs behind them that we've rolled out to support that profitability.

So by enforcing the new rules and the new channel model, have you lost partners along the way who were used to the way it was? Are partners on board with the changes you've made?

Within the partner program, you have key partners, and then you have a lot of transactional partners. The partners who do one or two deals a year, we love them, but we're not going to spend a lot of time on them if they're not going to spend a lot of time on us. It's more of an opportunistic sale.

But in terms of the partners that we're really focused on, the elite and the premier partners, to them (the changes) are positive. A couple of them have grumbled 'what do you mean I have to make more investment where I bring on an additional person to do this?' But that was primarily helping them understand the difference between the new "elite" program and the "premier" program. In the old program, we didn’t' really enforce it so it doesn't really matter, but certainly with some of our acquiring partners, with the acquisitions, someone (might have) come in from Secure (Computing) and thought 'wait a minute, I had four people trained and now I have to train 12 people.' It's like, 'no, you don't have to do that. That's if you want to be "elite." To be elite means you want to sell across the whole breadth of the product lines. Or maybe that's something you drive to at some point in the future. But today, you want to be "premier" because you want to focus on network security (for example.)

Were there a lot of partners that were demoted?

I don't think demote is probably the right word. There were some partners that we helped decide if they wanted to focus on one technology versus many. But that's kind of typical. A partner has to decide how much can they and if they want to invest. How far in do they want to be? But I think in general, people are pretty positive about the new program. The one thing about the channel is it's complicated. When you really look at every element from product development through marketing and resale, those are a lot of pieces.

Next: Thurber's Channel Refinements

So going forward, are these channel rollouts going to stay in place?

Absolutely. We're going to develop the program, and we'll be announcing some new things at FOCUS -- refinements and new areas that McAfee is moving into, partly because of the midmarket, tighter linkage between the midmarket and the channel. We're really continuing to focus on the margin. The overall profitability programs, what we call margin advantage, so that's deal registration, which granted, everybody has. Ours is pretty rich but everybody has it. We have deal protection, which is pretty unusual. That's where we protect the end user discount to only one partner, which is a bit of a risk for us. If the end user says 'Hey, we want to go with this other partner,' we can say 'Okay, but you're not going to get your special pricing.' So, we're taking a risk in the channel, as we should. And then one of the [initiatives] we're really working hard on is the launch of our McAfee Rewards program. And that's our end-user points, and account manager program. It's the idea of the preloaded credit card. We've had that, and it was very successful. We relaunched it this summer and expanded what you could do with the points. The biggest thing I'm excited about is that we've added a charitable option, so you can actually donate using points to charitable causes.

The biggest thing we have next year, in addition to adjusting the program, is really focusing on the ease of doing business. Because that's the one that probably takes the longest. We're doing baby steps, but the one thing that's given me the most frustration over the year is that it's taking longer than I'd hoped it would.

Why is that?

Partly, I think it's just the complexities of all the different pieces. If you look at the value chain, moving a product from being manufactured or software being developed, then going through distribution, special pricing and all the different elements, even setting up tiered pricing -- all of those different areas. It's a process involved, even if it comes down to making changes to our IT systems. It just takes a while.

In the wake of the DAT file disaster, what have you learned?

They say great things come out of challenges or out of crisis. What I'm really proud of, is the way the company handled that. We did not lose a single tracked renewal that came up during Q2 of an impacted customer. I can't guarantee that every renewal happened. But the ones we tracked, the ones who were impacted -- customers who had Q2 renewals -- all renewed. So that just shows you this issue, this mistake, that took down networks, and because of the way we responded, they continued to do business with the company. So that was very gratifying. We did use partners. For the larger customers, we used our own response. It was an all hands on deck. Everybody we could find, went out. But we did a lot of scanning. We went out and helped partners figure out using partners to figure out what the best practices were, and help them recover. What we learned from this, because of the file that was a false positive, it took down the work station. We couldn't remotely bring it back up. It had to be touched, because it was a critical system file that lost the network.

What happened there? It seems that it was a quality assurance issue. Did you eventually trace it back?

We know exactly what happened. It was actually one of those cases of trying to do good and an unintended consequence. So we were working on a specific issue for a national agency, dealing with a virus that they had seen that was incredibly destructive. And so it was kind of an emergency response. We had to change our test bed, and I don't know exactly why we had to, but we had to change the test bed in order to run the testing. And they didn’t change it back.

We caught it in the wild about half an hour after it hit. One of our researchers suddenly saw it happen, but at that point, it took a while to pull it back down again. And so we have now implemented a large numbers of policies and procedures, including who can make a change to a test bed. And we're rolling out a number of new models to make sure this doesn't happen again. It will no longer just go through one test chain, it has to go through two. At this point, I think we have the strongest testing program in the industry to make sure this never happens again. What we did with our impacted customers, besides bring them back up again, is that we worked through with them what happened. The biggest thing is that our impacted customers want to know -- because everybody makes mistakes -- was how did it happen? So we went back and did the failure analysis, and then what are we going to do to make sure this doesn't happen again? We walked them through some of the changes that we've implemented.