The software-as-a-service trend is forcing many vendors to come up with news ways of delivering products on-demand. In the last part of an in-depth interview with ARN's Nadia Cameron, Symantec managing director and vice-president Pacific region, David Sykes, touched on the challenges of on-demand backup recovery as well as future consolidation in the security market.
How does software-as-a-service fit into Symantec's product mix?
It's coming but I remain a little bit of a cynic. Everyone talks about software-as-a-service (SaaS) going out to the SMB. The problem is if you're establishing this kind of infrastructure, and what the go-to-market cost is, it's usually a bit higher than what SMBs are willing to pay. You've also got to have deep enough pockets to build up your critical mass so you have infrastructure costs covered. Then you can really go to market on your marginal costs and drive upwards.
There's been a couple of applications that have worked quite well. I'm not sure how many of them kicked off doing little SMB sales so much as nailed a couple of big watersheds, established their critical mass and were then able to spin down. Some have been clever about their product and been able to strip it back so they have offerings they can market at a more effective price point. I see that more around mail and exchange. But when you move to areas such as ours - backup, protection, security - they are more ingrained and don't lend themselves so easily to being trimmed and managed. It's definitely a space we are in and will continue to get into, but how we establish our core infrastructure and what markets we start with are still big decisions I think as we go forward.
It seems to me the opportunity lies in commoditised things like backup and managed desktop. You know your costs very well, there's 3-4 good players out there, and it's not so much about backup anymore as recovery management. We can back it up but then that's only half the answer. When the mud hits the fan, how am I going to recover this guy? And what if the customer doesn't want all of that, just one bit? We're doing managed desktop and that's been very successful for us and I think the Altris acquisition will be a significant contributor in bringing our marginal and infrastructure costs down. Managed backup is out there and we've got a significant investment coming in that space further down the track. Again, I suspect you'll see us trialling within the consumer space first, and there's always very large named accounts you can do a value proposition for but that's a deal by deal thing.
Recently, McAfee's CEO, Dave DeWalt, said "every major market segment goes through a consolidation period where you go from best of breed to best of suite, and the little six go down to the big three". Where are we in terms of the security market and who's going to last?
Security is still an incredibly fragmented market and it surprises me. Having run Asia-Pacific, I've seen people out there still buying individual antivirus solutions. In Australia, I think we're very well progressed on the integration curve. That isn't much of a prediction - integration is the natural evolution of all technology. I used to sell a general ledger system. Who buys just a general ledger system anymore? You buy a financial systems or ERP package.
I think Symantec will set the stage in a couple of areas - our new endpoint security solution, Project Hamlet, will change that category significantly. But it's not just about integrating security components: it's going to make a big step towards integrating recovery as well. But it has surprised me how long some of the security point players have held out, let alone the new players that have come into the spaces like antivirus. This just goes to show there is still a baseline need out there.
You'll see more consolidation at the endpoint. We've already seen it at gateway to a certain extent with appliances with the Fortinet's and Juniper's, and, again, it's interesting to see telco router capability in security stuff. The endpoint and what we're doing with project Hamlet and Symantec Client Security strips [this technology] down to a high-performance agent with broader functionality and a single console and gets smack on top of the management of it.
But we've still got a fair way to go. The thing I watch and when it's really going to heat up is when Cisco acquires an antivirus company. When that happens, that's the sign that it's all on big time.
Is it only a matter of time before Cisco acquires an AV vendor?
I just think it's inevitable for them. Their security portfolio is almost as broad as ours, but right now the telco router/hub/switching business is still a hot driver. But when they turn their focus to security in a big way ... and it's just a matter of time before we see security-enabled telco devices. The integration of these may not be as we think - it may not be the demise of all the firewall and antivirus companies, it could just be these are subsumed into more intelligent devices. I think what Juniper and Cisco are doing shows where these various components might come together. But it isn't necessarily the security stove pipes. It's bits of availability, bits of WAN-type functionality.
Australia has got to the point where nobody just buys antivirus anymore. They might still renew it, but nobody goes out and buys it. They want a fully integrated, three-tier security model which ideally includes AV, firewall, intrusion detection and vulnerability assessment. And if it's got some kind of recovery in it, that's good too. If you were going to buy a firewall today, you wouldn't just buy a Check Point firewall, you would buy a multifunction security device, a big carrier-grade gateway you can put a lot of grunt through. They are the signs of security consolidation I watch.
- For Part 1 of this interview click here
- For Part 2 of this interview click here
- For Part 3 of this interview click here