Cyberoam Technology Gaining Foothold In Sophos UTM Portfolio

Sophos is moving rapidly to integrate its recently acquired Cyberoam technology into both the hardware and software elements of its unified threat management appliance portfolio.

A major revision of the Sophos UTM software expected as early as summer 2015 will likely add a significant amount of Cyberoam code to its current foundation, the company said. The U.K.-based security vendor said the undertaking is being prompted by Project Galileo, a significant overhaul of the product line that merges its network and endpoint capabilities

For solution providers that don't want to wait that long, Sophos last week said it is now opening Cyberoam technology to its MSP partners, making available to them within a few weeks a Cyberoam appliance that brings new features to the Sophos portfolio for managing large numbers of managed services deployments.

Cyberoam technology will play a significant role in advancing Project Galileo, the company's plan to tightly integrate its cloud, endpoint and network security products into a threat detection and response platform for midsize businesses.

Sponsored post

The Sophos SG Series UTMs launched in April run the current 9.2 version and will run forthcoming updates when they are available. The hardware itself, based on Intel processors, will likely be updated within two to four years to incorporate new technology as Intel updates is own portfolio, Sophos executives said.

Sophos' channel team is still ironing out the details about how the transition to incorporate more Cyberoam technology into the program ultimately will take place, said Michael Valentine, Sophos' senior vice president of worldwide sales. Over time, company executives believe both Sophos and Cyberoam appliances will be morphed into an integrated platform.

"We'll ride both lines simultaneously as we [build an] integrated line," Valentine said. "We think [an] integrated line will be the preferred one, but there should be no fear because we'll continue to provide support to [both]."

[Related: Sophos CEO To Partners: We're Poised To Disrupt The Network Security Market]

Sophos CEO Kris Hagerman told CRN the aggressive product road map will intensify its battle to capture a larger share of the midmarket with the retooled networking appliances. The Cyberoam acquisition in February helped Sophos expand from 100 to 350 engineers to accomplish the project, Hagerman said.

"We had these broad ambitions to become a significant player in network security and we had a really high-quality team with Astaro, but it was about a hundred engineers and we couldn't get to all of the opportunities that we wanted to deliver on," he said.

Hagerman and other executives described the security company's vision to hundreds of partners last week at the Sophos Partner Connections 2014 conference in Las Vegas. The three-day event included sales strategy sessions, a technical overview of the current product line and a description of the product road map. The company is trying to grab midmarket share from Fortinet, McAfee, Check Point Software Technologies and other vendors that are focused on moving into the upper midmarket and large enterprises.

The new security and data protection capabilities resulting from the undertaking will be integrated into a robust management interface that bridges communication between Sophos server software, mobile device management and endpoint security software with cloud-based security services. The company is adding suspicious file analysis capabilities to capture advanced threats and pulling together its data loss prevention and encryption products to enable IT managers to drill down and address policies on a single user and all of his or her devices.

Sophos soon begin offering the Cyberoam UTM appliance to MSPs because of its centralized management, its reporting capabilities and its versatility, said Jason Clark, director of sales engineering at Sophos. It is capable of supporting large-scale management and policy integration associated with complex environments and can be integrated with third-party IT management system software popular with MSPs, he said.

"This is not a new product that we're starting from scratch; it's been in a lot of MSP environments and has been very successful," Clark said. "It was built from the ground up as a solid MSP platform."

NEXT: Partners Optimistic About Changes Despite Steep Transition

Partners are enthusiastic about the company's plans. Training and other requirements associated with the rollout of the new line may favor larger MSPs over smaller ones, said Bob Coppedge, CEO of Hudson, Ohio-based MSP Simplex-IT. Despite the concerns, Coppedge said he is optimistic about Sophos' strategy and the channel management team's ability to handle the transition and continue to provide flexibility under the company's MSP model. The added security functionality brings technology that is mainly adopted by enterprises into the midmarket, Coppedge said.

"I think you have companies in the SMB market that are recognizing the fact that security is no longer simply having a firewall and antivirus software," Coppedge said. "We are still getting that message out."

Customers like the increased visibility and security they get with the Sophos line, said Brian Hess, president of Gibsonia, Pa.-based service provider TEQ Guys.

"For whatever reason, we don't get a lot of turnover with Sophos," Hess said. "The plans look ambitious, but the added functionality will be helpful in showing the value of the security services they acquire."

Sophos aims to increase functionality without adding complexity to its product line or its capabilities, targeting the larger end of the midmarket, said Lawrence Pingree, a research director at Gartner.

The research firm is projecting strong growth in the UTM market, which grew from $1.3 billion to $1.5 billion from 2012 to 2013, according to Pingree. According to Gartner, most growth in the UTM space was in China, Latin America and Asia-Pacific. Fortinet is the global market leader in the market with a 24 percent share, followed by Check Point, Dell SonicWall and Cisco Systems. Huawei, meanwhile, is an emerging contender that is quickly gaining ground, Pingree said.

Security vendors are increasingly merging endpoint and network functions and the trend could impact the sales channel, Pingree said. Palo Alto Networks acquired Cyvera for endpoint visibility and FireEye acquired Mandiant, which has endpoint security software. In the midmarket, Sophos moved in the opposite direction, acquiring Astaro to gain network visibility. McAfee was one of first endpoint protection vendors to enter the UTM space heavily and maintain a focus on it, Pingree said.

"The blending occurring between the network and the endpoint requires the sales force to engage with multiple buyers," Pingree said. "An organization's endpoint person may not be the same as the networking person."