Looking to solidify the companys place at the top of the security heap, Symantec Corp. executives are considering a new pricing model in which enterprises using Symantecs managed services would pay a single price for all the products and services they purchase from the company.
The pricing plan, which has been under consideration since before Symantecs recent acquisition of storage company Veritas Software Corp., would position Symantec as a true one-stop shop for an enterprises security needs, company officials said. With one of the broader portfolios of security software, hardware and managed services offerings in the industry, the new model could give Symantec a leg up on other vendors and allow the company to gain even more market share and awareness at minimal cost.
"Were moving toward a model of one price for all of our services, products and monitoring," said Grant Geyer, vice president of global managed security services at Symantec, in Cupertino, Calif. "We wont necessarily own the infrastructure, but well do the monitoring, provide the devices and the software. Its certainly part of our capability."
Currently, enterprises pay a monthly fee for managed security and monitoring services. However, like most vendors, Symantec sells its software on an annual license basis. This sales structure dictates that Symantec must essentially resell to customers every year by encouraging them to renew their licenses. Changing that model to one in which customers simply pay one fee for all their security needs would reduce costs and complexity for users while establishing a more predictable revenue stream and greater customer loyalty for Symantec, Geyer said.
"That makes perfect sense. This is a very important issue. There are only a few companies that could do it," said Ariel Silverstone, chief information security officer at Temple University, in Philadelphia. "Symantec has a lot of tools across a broad range of categories. Theyre gaining at least more customer loyalty and more stability. If its configured right, customers could add or redact offerings a la carte. It could also let you delay the costs of upgrades and have access to one support team that knows your account well."
Most MSSPs (managed security service providers) are simply service providers and manage whatever devices and software customers already have. But because Symantec is also a software and hardware developer, the company has a vested interest in having customers choose its offerings.
Symantecs plan is not unlike Microsoft Corp.s push to get enterprises to sign so-called site licenses, or volume licenses, which are good for a year and allow the organizations greater flexibility in installing software on multiple PCs. The idea behind both plans is the same: to keep customers attached to the vendors product.
The pricing change is part of a larger shift inside Symantec, especially in the managed security services area. Through expansion and acquisitions—most notably @Stake Inc. and Riptech Inc.—Symantec has built a large managed services organization that provides security monitoring as well as services such as vulnerability assessment, virus protection and device management.
Symantec is not alone. Other vendors, including VeriSign Inc. and IBM, are becoming active in the market, and, as such, Symantec officials said there are areas where the company will look to partners for help in solidifying its offerings.
"I see lot of strong partnering to fill in the gaps and weaknesses," Geyer said. "We are looking to partner. [Other] providers would have you believe that theyre the silver bullet. Theres breadth there but no depth. Id look to see them partner with the pure-play MSSPs because they dont know how to provide support for our devices or [other vendors] devices."
We Can Manage
Symantecs security offerings
* Managed firewall
* Managed IDS (intrusion detection system)
* Vulnerability assessment
* Managed virus protection