As Network Associates Inc. struggles to absorb yet another strategic realignment, the security industry is poised for a shakeout that could mark the beginning of the end for all-in-one security vendors.
NAI, in Santa Clara, Calif., and Symantec Corp. have long been the go-to vendors for IT managers looking for everything from anti-virus software to enterprise-class firewalls.
But now, as the companies rationalize their product lines and reassess their priorities, some longtime NAI and Symantec customers increasingly are looking to other vendors and security service providers for more of their security needs.
"When we go to buy a new security product, McAfee is generally first on the list," said Joseph Dalessio, network administrator at Major League Soccer LLC, in New York, referring to one of NAIs three remaining divisions. "But we have moved to some other products lately, and we use an MSP [management service provider] for our enterprise firewall. Its much easier."
That attitude has opened the door for companies such as RedSiren Technologies Inc., a Pittsburgh boutique security service provider that specializes in managed firewalls, VPNs (virtual private networks) and vulnerability assessments. Last week, it acquired high-end security consultant AtomicTangerine Inc. The combined company enjoys a long list of Fortune 1000 customers and partners.
NAIs recent decision to dissolve its PGP Security division, roll some of PGPs products into McAfee and put the remaining ones on the auction block was more than just another of the companys many restructuring moves; it was a tacit admission that a large, diverse product line—even one that includes the unparalleled name recognition of PGP—can be a liability.
And that may not be the end of the realignment. Sources said the company has considered selling its Magic Help Desk division as well.
"Magic is a cool product line and has good growth," said Gene Hodges, president of McAfee. "But if someone walks through the door with an offer, Id have to listen."
In addition, some customers said they wouldnt be surprised to see NAI soon move toward managed services.
"Managed services certainly make things easier, especially with large deployments and enterprise firewalls," said one NAI customer who now uses an MSP to manage his companys Cisco Systems Inc. firewall.
However, NAI officials said theyre content to sell products through ASPs (application service providers) and let them handle the management.
"Our focus is on the low-end ASPs and not becoming an MSP," Hodges said. "Managed service isnt a strategic business for us."
Symantec, of Cupertino, Calif., meanwhile, has been offering its own managed firewall, vulnerability assessment and intrusion detection services since it acquired Axent Technologies Inc. last year.