Symantec CEO Has 3 Words: Integration, Reputation and Management

Symantec CEO Enrique Salem has three things at the tip of his tongue here at the annual RSA Conference: integration, reputation and systems management.

“We’re not tied to [specific] hardware platforms,” Salem said during a closed meeting with the media. “Our goal is to work across all of them. We want to secure your information independent of whom you use.”

The company’s multipronged approach is part of his vision of “operationalizing security.” In short, enterprises need to automate and extend protection, visibility and management capabilities throughout the enterprise infrastructure. As he put it in his keynote, IT administrators are tired of having to be “systems integrators.” 

“I dealt with a very large company in the Chicago area who said to me, ‘Enrique, you know what we want Symantec to do—to help us commoditize the infrastructure,” he explained during the press briefing. “We basically want you to be in there and say, if I want to be an EMC array, or I want to buy a NetApp filer … let me do that, but let me drive prices down for the people who buy that infrastructure by you having a common software layer that works across all of them.”

Symantec just shipped a new version of its systems management platform, Notification Server 7.0, in February. Security and systems management have to come together, Salem said. But the key to managing the entire IT infrastructure involves interoperability, which means partnering with vendors in other areas.

“I think partners and some of the folks we’re working with right now are starting to find their own custom integrations … and so they’re building custom workflows with our technology. A partner in my opinion should be creating their own intellectual property because that’s how they can drive differentiation. So if they could use our tools to do that, that’s good for both of us.”

The hope, of course, is all this will help users keep up with malware. In a recent report, Symantec noted that 1.6 million new signatures were created in 2008. Salem, like many others, noted that the traditional way of fighting malware through signatures alone is no longer feasible. Instead, Symantec is shifting more toward reputation-based security technologies.

Reputation technology, on the other hand, can give administrators the opportunity to set policies that deny applications based on factors like their age and how many people use them, Salem said.

“The idea is that we can do a few of these things that allow us to change the model,” he said.

While whitelisting and blacklisting are often discussed as alternatives to a signature-based approach, the CEO said during his keynote that both have their shortcomings. The company has already included reputation technology in its consumer products, and is now looking to build it into Symantec Endpoint Protection, Salem told members of the media.

Predicting Symantec's software-as-service offerings will constitute 15 to 20 percent of its business over the next five years, Salem said one of his goals is to reconcile the company's storage, security and systems management portfolios.

“I think sometimes people are saying, so who is Symantec? Are they the company in the data center? Are they the company that does anti-virus? Are they the company that does systems management? Part of my opportunity is to make it very clear who we are.”