It’s been a busy summer for Intel’s security business, McAfee, which it picked up back in 2011 for $7 billion and change. The company started off by finalizing its Stonesoft Oyj acquisition at the start of July, saw its public sector CTO get nabbed by the Department of Homeland Security for its top cybersecurity job, released more scary threat statistics a week later, and capped it all off with the cyber equivalent of riding shotgun for VMware’s NSX network virtualization platform, formally announced last week at VMworld.
IT Trends & Analysis recently spoke with McAfee’s VP of Product Management, Matt Glenn, about the Stonesoft acquisition and where does the company go from here. The first move is to capture a bigger share of the enterprise network firewall market.
This market, currently dominated by the likes of Check Point Software Technologies, Cisco Systems, Fortinet, Juniper Networks, and Palo Alto Networks, is expected to see modest growth (a CAGR of 0.68%) between 2012-16, according to a new report from TechNavio. Both Stonesoft and McAfee made the other vendor list, which also included Barracuda Networks, Hewlett-Packard, Huawei Technologies, Dell SonicWALL, Meraki, and WatchGuard Technologies.
Overall, the enterprise network security equipment market is forecast to outgrow that by 11X (7% CAGR) during the next five years and reach $11.4 billion by 2017, according to Gartner. The integration of the Finish-based company’s next-generation firewall technology will give McAfee one of the most complete and effective network security portfolios in the industry, it said.
If you look at our product portfolio, there really was a gaping hole in enterprise security, said Glenn. “We really couldn’t address the stateful firewall market.”
It was an issue that had to be addressed. “We were hearing very loudly from our customers that they wanted one, and they really wanted one from McAfee.”
So the company, which had made no significant acquisitions since being acquired by Intel, did a careful examination of the vendors already out there. “We took a pretty long look at the market…looked at different players, and there was this one company that kept cropping up… it was called greatest technology you’ve never heard of.”
Stonesoft’s firewall has very strong NGFW functionality, and he’s also been impressed with the engineering and security chops of the team, wrote Jon Oltsik, an Enterprise Strategy Group senior principal analyst, in a blog after the announcement that McAfee intended to buy Stonesoft. While McAfee already has a good firewall offering, Sidewinder, he said sales are pretty much limited to the U.S. Federal market.
The fact that Stonesoft has 6,500 customers globally, but virtually none in the US, made the $389-million sticker price, about 7.5x revenue, a lot more palatable. On the one hand, McAfee addresses a significant customer pain point – and sales opportunity both in the US and abroad, and on the other, it now has 6,500 other customers to sell its product portfolio to.
“The North American sales team is very interested in this,” said Glenn. “Shortly after the announcement, we heard from a number of customers who said they had been looking at it but hadn’t bought Stonesoft because it did not have a North American presence.”
Integrated network and host-based security is the wave of the future, and McAfee, along with Check Point, Cisco, and IBM, are the security vendors in the best position to take advantage of this, wrote Oltsik a couple of weeks ago. Enterprises are starting to realize this and are slowly replacing disconnected point tools with integrated security architecture solutions that cover policy, enforcement, and monitoring across hosts, networks, and even the cloud, and he predicts that demand for integrated host/network security solutions will grow precipitously over the next few years.
“In my mind McAfee has the best coverage here – especially after its Stonesoft acquisition. McAfee is also working on product integration and architecture with its Security Connected initiative. McAfee’s biggest challenge is learning to sell enterprise solutions rather than a potpourri of products.”
Several other analysts expressed similar views on the acquisition:
“With the Stonesoft acquisition, McAfee is in a position to exploit a host of potential synergies not only between its proxy-based firewall and Stonesoft’s respected stateful inspection firewall, but across its broad security products and services portfolio as well as its global footprint and channel sales presence,” said Paula Musich, senior analyst, enterprise security at Current Analysis.
“In actuality however, this move has enormous upside for McAfee with relatively few risks both on the product and services side,” said Christina Richmond, program director for IDC’s Infrastructure Security Services research practise.
Better known for its consumer security, the Stonesoft acquisition was proof that the enterprise network security market is an important segment for McAfee and Intel, said Glenn. He said as part of the McAfee’s enterprise strategy, it will move from a “company that builds and ships products to a company that builds solutions – integrated products horizontally and vertically to make them solutions to big problems. The network security business at McAfee has been very healthy for a long time.”
ESG’s Oltsik is bullish about the future. “By 2014, McAfee should be pushing a unified next-generation network security architecture targeting large enterprise and service provider networks. All the while, McAfee will improve its “security connected” value proposition to go after end-to-end large enterprise deals.”
While Stonesoft isn’t a security silver bullet, he said it just made McAfee’s overall strategy and success metrics a lot more plausible.