Security Watch: Acquisitions Aplenty

Opinion: It seems that Symantec would rather gobble up companies than compete with them or develop similar products.

Last week, the number of independent companies in the security space decreased again as Symantec gobbled up Bindview, and Checkpoint ate Sourcefire, maker of the Snort open-source Intrusion Detection System.

Symantec has been on a buying rage since it underwent a $13.5 billion merger with storage leader Veritas in February.

That merger changed Symantec from a PC security-focused company to one with multiple capabilities in multiple areas.

Not just an "anti-virus" company any more, Symantec has, through its merger, become a front-runner in backup, recovery and utility computing as well.

Since the Veritas merger, Symantec has bought outright the network security player Sygate Inc. and the anti-phishing software vendor Whole Security, Inc.

And not that long ago, Symantec bought Brightmail Inc., TurnTide Inc., @Stake Inc., Liric Associates Ltd. and Platform Logic.

It seems that Symantec looks for whomever has some focused technology that appears to actually do the job; and, rather than compete with them or develop similar products, just drops a ton of money on top of the target and runs away with them tucked under their ever-increasing corporate arm.

Bindview markets an agentless policy compliance solution for businesses looking to enforce security policies while demonstrating "compliance."

Compliance in this kind of corpspeak means that it satisfies the Sarbanes-Oxley provisions for policy compliance that is a demonstrable process, not just blithely assumed to be present and active.

Symantec even says that agentless and agent-based offerings will allow clients to define and create policies based on the regulations, frameworks and standards that are relevant for specific industries.

/zimages/5/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

That sure sounds to me like SarbOx-talk, though it could include the Federal Information Security Management Act in the United States, or the Basel II financial regulations in Europe.

By buying the company, Symantec ends up with an existing out-of-the-box solution it can market right now to its big customers.

Besides, deals like this turn attention away from the (since-patched) buffer overflow flaw that showed up last week in the Symantec Antivirus Scan Engine that could let remote attackers run code on vulnerable machines.

Snort, on the other hand, has been the small players friend since it was introduced in 1998 by Martin Roesch as an open-source product.

Sourcefire was the monetarization of Snort in 2001 by the VCs.

What they did is provide a more sophisticated interface as well as reporting capabilities, all on top Snorts underlying functionality.

Theyve managed to make some decent money from those licenses, too.

But CheckPoint has all this money lying around from being first into the firewall space, and must see that the combination of the software to detect along with the hardware to affect is a natural.

Firewalls are turning into commodity boxes, just like computers.

Snort could help CP differentiate their own boxes from the rest. It sounds like a plan to me.

So, it seems that rather than these acquisitions being an example of RapaciousCapitalismGoneAmokEliminatingCompetition, both of these two deals bring a needed product into the acquirers fold in order to round out their product lines. Business as usual.

/zimages/5/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.