StillSecure, After All These Years

Those wild and crazy guys over at CFIUS have kept intact their undefeated season, forcing Bain, Huawei and 3Com to withdraw their joint filling for a mitigation agreement. As I wrote about last week, 3Com and company had offered to spin off Tipping Point to remove any potentially sensitive technology from the deal.  I guess that wasn't enough for those free trade dudes at CFIUS.  So the 3Com-Bain deal joins the Checkpoint-Sourcefire deal as being shut down by the government.  3Com's stock took a beating on the news.

My feeling is does any security company have a chance of being acquired by a foreign owned company? If not how seriously does this effect the value of US based security companies?  Will the rest of the world retaliate?   Will this set off a cold war in the security market? Would Mitt Romney let this happen if he were President?  Where does this leave 3Com? Generally I am a fan of lowering barriers and free trade. If Tipping Point was going to be spun off, why not let this deal go through.  Cisco could use the competition. I think that this type of heavy handed intervention by the government will come back to haunt us in the future. 

and Sears ain't no Microsoft and Yahoo! ain't KMart. Robert tries to make an analogy of Microsoft's bid for Yahoo and Sears buying KMart.  First off Robert, you should no that the Sears/Kmart deal was not so much about retail shopping and more about the real estate that both organizations owned. That was the reason for the high stock value.  But lets be clear Robert, though Google may own the search business, neither Microsoft nor Yahoo were exactly hurting.  In fact Google at best has an uphill climb to knock Microsoft down from anywhere.  Anyone who has used Google Apps can tell you that. 

Yes search is a cash cow for Google, but they have to use that cash to take on Microsoft on Microsoft's own turf - applications, OS, etc.  In the meantime Microsoft is into everything from game consoles to set top boxes and automobile software. Google in the meantime has not proved that it can monetize anything beyond search. But to be fair search is a part of this. By taking Yahoo's search business and combining it with MSN it puts pressure on Google to keep innovating in search. it pins Google down on that and could de-focus them from competing with Microsoft on other fronts.  Also, base on Google's latest financial s and stock price maybe we have seen the peak of paid search? Not to say Google is hurting either.  You are talking about an online war of behemoths in which search is one small part of the eyeball game.

It will be interesting to see how it plays out and whether Microsoft can in fact absorb an acquisition the size of Yahoo.  They have not done one this big before.  But lets be clear and lets not kid ourselves. Microsoft/Yahoo is a far, far cry from Sears/Kmart.  Now in the meantime, let me go look for the bluelight special.

Thought it was more than coincidental that yesterday we saw news that Sun was acquiring MySQL for a billion dollars (the largest ever deal for an open source company) to get into the database business, while at the same time database giant Oracle was buying application vendor BEA for 8.5 Billion.  I guess that puts the 1 billion price in perspective.  The Wall Street Journal has a good article on whether this will kick off a wave of deals in Silicon Valley. With all of the dire predictions of the economic bad times ahead, maybe this is just what the doctor ordered.  In the meantime remember that every time you think the big fish ate the little fish, there is always another fish out there that is bigger.

I was reading Andy Dornan (a past guest on our podcast) article on the recent acquisition by Aruba of AirWave Technology. Andy questions whether Aruba was interested in AirWave's technology that allows it to manage multiple vendor WAPs or was it interested in having access to AirWaves existing customers.  Putting aside for the moment that I think many pure play wireless companies will continue to be sold for disappointing returns to investors, I was reminded of a conversation I had with the CEO of public company a while back.  An MBA professor's view on M&A.  It actually makes some sense and I wanted to share it with you.

In the diagram to the right, the top left box is your present situation before acquiring. You have your present customers using your present products. In the top box on the right, you are going to do the acquisition to sell your existing products to new customers.  This is adding to the customer base and is considered a good bet.  On the bottom left you have selling your existing customers new product.  Many think this is the best acquisition type. You already have a pipe into your customer base and now you can put more "content" into the pipe.  On the bottom right is the failure box.  That is doing an acquisition to sell new products to new customers.  Generally that is just too big a leap and acquisitions that follow this strategy are doomed to failure.

So in the article by Andy the issue of whether Aruba wants to sell their technology to AirWave customers or AirWave technology to Aruba customers is somewhat immaterial, it still bodes well for the deal.  If however Aruba wanted to sell AirWave technology to new customers was the driving factor in the deal, I would say it is headed for trouble.

Well it is looking pretty clear now that if Bain and the Huawei folks want 3Com they can't have Tipping Point as part of it.  According to this article in VNUnet.com, the authorities in Washington, DC have made their feelings pretty well known.  Now the Gartner people have come out with a report that says the same thing that many of us in the blogosphere said when this deal was first announced. I personally think the buyers would rather not spin off Tipping Point for no reason other than that it represents a sizable chunk of revenue.  Hey, my attitude is if they wouldn't let Check Point buy Sourcefire, there is no way they can let Huawei buy Tipping Point.

I also wonder how this would be different if Mitt Romney were President, given that his Bain connections.  I guess we will have to wait and see.  Easy for most of us to say, but what about if you are a Tipping Point customer (especially in the US government)? 

Saw the announcement today on Sourcefire buying ClamAV.  My first thought was why and how.  How do you buy an open source project.  But that became obvious reading the press release.  All of the copyright holders of the ClamAV project agreed to sell their rights in the software to Sourcefire.  You have to admit that it is a different kind of acquisition.  I did not bother doing the math, so do not know how much Sourcefire paid. 

For those who do not know ClamAV is an open source gateway AV project.  It is very widely used within many UTM solutions and MSSP offerings.  So how does Sourcefire monetize this?  What does this mean for ClamAV's customers.  If you are an individual or corporation using ClamAV as a stand alone product, it means you will still probably have free use of the AV engine.  However, any AV is only as good as its latest update.  We will see similar to what was done with Snort, a VRT certified, pay for AV signature update feed?  Will people not paying for the feed get updated AV signatures on a delayed basis?  What about all of these people using ClamAV in their UTMs?  Will we see a "clarification" to the ClamAV license that says they can't use it as part of UTMs?  Will Sourcefire now seek to commercially license the product to all of these UTM and MSSP vendors?  I don't know, but it seems likely, based upon their past moves.

AV is not exactly a cutting edge technology but it can be a cash cow.  There are lots of options in the AV market.  If I was a UTM provider or MSSP using ClamAV right now, I would be exploring my options, waiting for the other shoe to drop here. I think this once again shows that if you are incorporating open source tools into your technology as a vendor, unless you own the copyrights, do so at your own risk.

Back in late June I commented on the OEM agreement between Senforce Technology and Novell.  The folks over at Senforce are partners of ours and I was happy to see them get a great OEM deal.  Today comes word that Novell has taken the next step here and actually acquired Senforce!  Truth be told, I had heard something about this but was waiting until official word came out to say anything.

I think this is a great deal for both of these Utah based companies.  Senforce has a home for their award winning endpoint security and Novell picks up some much needed security expertise.  I don't know anything further about details on price, etc., but do know that most of the Senforce team will remain in place.  Again congratulations to Mike Hall, Nolan Rosen, Ed McGarr, Scott Richards and all of the folks at Senforce.  It will be interesting to see what further steps Novell makes in the security space.

With all of the open source and and gossiping yesterday, I did not get a chance to comment on what I think was actually the big news story of the day.  Dell acquiring SilverBack Technologies is a strategic move for the Round Rock crusaders which further defines the new dude from Dell. First it was selling PC's in Walmart of all places. Now in one fell swoop they make a bold statement about services and the channel.

Dell tried to get into services once before.  Back when I was at Interliant we actually performed some services for Dell and their Dell Host brand.  Back then though, Dell looked at hosting services as a great way to sell more boxes. I think now the game has changed though. They realize that they need service revenue to compete with HP (their arch enemy) and IBM.

What is brilliant about the SilverBack buy is that it not only gets them into services, it gets them into managed services.  Not just a people /consultant play but a managed services play. This is a great play for high margin revenue.  Also it plays right into Dell's model. The managed services market has gotten big enough to move the needle on Dell's revenue.  They will come into the market and try to capture a large % of market on great pricing and then upsell additional services and products.

This opportunity in managed services is something that was a factor in our Cobia business model. We think a product like Cobia is a great solution for MSP's. They can drop a box into customers location and provide networking, security, VOIP and wireless and manage it centrally from a NOC/SOC.  Would love to talk to Dell/SilverBack about that!

One thing different about SilverBack in the MSP market is that they actually sell through the channel more than directly.  This could be good for Dell if they can hold on to the channel customers and not turn them off.  They wanted to move beyond selling directly and this is a great chance if they play their cards right.

A year from now we should see how important this actually becomes to the new Dell.  One thing for sure this ain't the dude from Dell of old.

Dell to Acquire MSP Platform Provider SilverBack

So Mitchell and the Hoff-meister both disagree with me on Googles intentions with the Postini deal.  They say no doubt about it, this is clearly a shot at Microsoft.  Well anytime Mitchell and Chris get together in an axis of evil without me, you have to ask why.  I did and actually commented on Christofer's article about it.  So let me take a quick moment and clarify what I said, so even Mitchell and Chris understand.

I am not saying that this is not going to put Google in competition with Microsoft or that this does not give Google a "foot-in-the-door".  I am also not saying that email is not a killer app (Mitchell, email a killer app?  That is so 1998).  What I am saying is that this is not as much about Google versus Microsoft, as it is software as a service versus traditional software.  This is equally a shot against any software vendor who delivers software the traditional way.  It just so happens that Microsoft is the dominant player in the traditional software world.

The fact is though that Microsoft itself is also moving into the SaaS world with their Windows Live line of SaaS. Microsoft agrees with Google that SaaS seems to be rising tide.  That is where the real Google vs. Microsoft battle will take place.

I am out here in Boulder this week for the StillSecure sales kick-off meetings so blogging will be slow this week.  I wanted to comment yesterday on the Google-Postini deal but just didn't get time.  However, we did record a great podcast with Steve Hanna of TCG/TNC and Amith Krishnan of Microsoft/NAP and you can look for it soon.

First a little history, I have known about Postini for well over 7 years now.  Back when I was the VP of business development at Interliant, I used to hold monthly or bi-monthly business development days, where I would invite companies that wanted to partner with us in to present to a select group of executives at Interliant.  One day the founders of Postini came in and I was struck by the passion they had for their vision, the company and product.  We had investors in common and I tried very hard to make a partnership work there.  Since that time I have watched their progress very closely and they certainly made great strides!  Congratulations to Scott and the other folks there!

I do not think that Google's acquisition of Postini is a shot across the bow of Microsoft.  I think Google goes about its business of delivering on its vision.  I think its vision is rather simple really.  Google believes that the future belongs to Software as a Service (SaaS).  As part of their SaaS strategy, they need to secure their web based apps, as well as offer security as a service.  This is not really much different than Microsofts "Live" program, also a Software as a Service play.  That is where the competition is.

Ultimately both of these large companies believe that the future belongs to software being hosted and delivered over the web.  Actually not that different than Interliant was trying to do 10 years ago with hosted Lotus Notes, Peoplesoft, Oracle, etc.  Back then we called it Application Service Provider.  Along with companies like Salesforce.com, this model of SaaS is changing the way we are going to use computers and applications in the future.

I have been busy this past week with travel and stuff so have not had a chance to comment, but wanted to put my 2 cents in on the recent bottom feeding in the security market.  Though I am happy for Aventail finding a home at SonicWall, I think the 25 million dollar price was a shock to some.  It represents a small fraction of what I understand was put into Aventail over the years and does not represent a great return on investment.  I also disagree with Tim Greene over at Network World that this will lead to a new NAC product line.  SSL VPN mash ups do not a NAC make and Tim knows better.

By itself the SonicWall-Aventail deal could be chalked up to Aventail being the last SSL VPN player standing in a game of musical chairs and they got the short stick.  However, quickly on the heels of this comes the Patchlink-SecureWave merger.  Lets face it, calling this a merger is just another way of saying Patchlink was not going to pay any cash for this baby.  Instead they authorized some more shares I would bet and just gave out more pieces in a bigger pie of stock. 

I think Rothman is right on in his analysis on this one. This is right out of the Pat Clawson play book.  Bottom feed on technology plays short on cash and pick them up on the cheap.  Pile it all up together to package to sell and move on to the next one, leaving someone else to clean it up.

The question for me is: Is anyone going to pay real value for security plays anymore?  Will everyone wait for firesales?  The answer is, the cream always rises to the top. People will always pay for value.  We may not see the heyday of 3Com's 17x revenue of Tipping Point, but quality still counts.  These deals that have gone for bargain basement numbers represent people salvaging something before going out with nothing, ala Caymas (and don't tell me Citrix paid anything more than a song for the "assets" they bought from Caymas)

Was just reading on Christofer Hoff's blog (you see I can spell your name), where he clued me in to the fact that Aventail was acquired by SonicWall for about 25 million in cash.  We had spoken to the Aventail folks a few months ago and new that something strategic was being looked at, either acquisitions by them or of them. Congrats to all of the folks there, as well as to the SonicWall people.

So is there any SSL VPN's not acquired?  It would seem that SSL VPN has made the full transition to feature from product.  They have all been gobbled up by Microsoft, Juniper, etc. and know part of remote access solutions.  Does that mean less choice and innovation for the end user. Perhaps.

I know some thing it is not, but the consolidation of the security market continues.  The latest victim acquisition is Watchfire by IBM.  The deal estimated at about 80 million by the 451 Group according to this story in Dark Reading.  Congratulations to all of the folks at Watchfire.

I had a sneaking suspicion by what I was not hearing from people about this, but today it is official, Google has cornered the feed burning market by acquiring FeedBurner.  Congratulations to Dick, Matt and the team and to Brad Feld and Fred Wilson, two of the VC's behind FeedBurner. I haven't heard price yet, but will do a little digging, still may not be able to tell you though. 

So in one week Google does at least two acquisitions. I think this one is a great one for them.  I just hope it doesn't bring any changes to FeedBurner accounts.

Interesting article by Dan Frommer in Forbes magazine. It seems one of the worst kept secrets on the street is that Avaya is in play.  Frommer's Forbes article speculates that the most likely buyer is a private equity group, such as Silver Lake Partners. Another possible suitor is Nortel.  Between them they control a good chunk of the phone equipment business. But Nortel might have too much baggage to undertake such a large acquisition.  Another possibility is Cisco.  Though there is lots of overlap in equipment, it would give them instant market share. Not really a Cisco type of play though.  The most intriguing potential buyer for me though was Juniper. 

Juniper is already a big Avaya partner, so there is a close relationship between the companies.  A big time presence in the phone equipment business would be just what the doctor ordered to re-energize Juniper's sometime lumpy revenue.  It would also allow them to go toe-to-toe with Cisco in a market where Cisco does not have an inherent first movers advantage.  I think Juniper would be viewed as being dynamic and a real player with this move. 

A question that raises is what would become of Avaya's other close partner in the networking business, Extreme Networks.  Would this put them in play as well?  Would it leave them out in the cold?  Any strategic moves on Avaya's part could have a big impact on the purple people. 

Other potential buyers mentioned were HP and Motorola. I don't think either of those are real buyers here though.  No matter how it turns out, Avaya could be a domino that starts a chain reaction in the network world of more consolidation and mergers.

Saw an article this morning about Google acquiring GreenBorder. For those who are not familar, GreenBorder puts your browsing into sort of a sandbox that is deleted when you are done browsing.  Everything you do while browsing including running active-x, java and other downloads is kept in a virtual machine, so as to not harm your computer.  GreenBorder refers to the green border around your browser while using the program to show you are protected. 

I remember playing with GreenBorder back when it first came out.  My concern was would you be able to do everything you normally do while browsing and would it slow down your browsing.  In any event, I would imagine as the article I read said, that Google will offer this for free now.  This could be just the first step by Google into security.  It will be interesting to see how they use this and where they go from here. Maybe now we know why they started a security blog ;-) What will be even more interesting is how the established security vendors react to Google coming onto their turf.  Security is increasingly becoming a game for the big boys, but it is smaller companies like GreenBorder that fuel innovation.

I guess Steve Ballmer wasn't joking about wanting to possibly do a large acquisition.  While it is not quite buying Yahoo!, Microsoft tired of being outbid by Google, today announced they were buying Aquantive, a digital marketing technology provider for 6 billion dollars, all cash!  This is an 85% premium over Aquantive's closing price Thursday.  That is not like Microsoft to do such a big acquisition and pay such a premium, but I guess the cash was burning a hole in Steve's pocket. Anyway, some folks are going to make out pretty good on this one.

Just saw where Websense bid 400m for SurfControl.  I guess the filtering business is alive and well.  Back in December there was an announcement that SurfControl had received an offer.  But the bid which appears to have the approval of both boards, represents a 40% premium over SurfControl's closing price today.  That is a nice payoff.

The companies say this will give the combined entity the breadth and depth to compete with the large global security companies (Symantec and McAfee).  While I think both companies have done a great job of bringing in revenue, I don't think that this gives them the same footprint as the big boys.  But it is another brick in the wall of security consolidation.

Reading the story of Google buying DoubleClick for 3.1 billion cash today made me reminisce back to the early days of the commercial internet, the height of the Web, the money and the companies back then.  I remember thinking back then on a particular day where my .com stocks were rocking, business was booming and I really thought we were in a new paradigm, that one day I would look back at that time as "the good old days".  How right I was. 

I remember when DoubleClick was out pioneering the on line advertising model. The argument went back and forth, do you pay CPM or per click. No matter what DC made money.  I remember the heady days down in Silicon Alley where Agency.com, Razorfish and others seemed to be major companies on the rise.  My own web hosting company, TriStar Web was based down at 55 John St..  We had a small data center there with 2 or 3 T-1 lines.  The rest of our stuff was housed out at LI.net in Smithtown.  Our competition was HiWay Hosting down in Florida, Verio (who was doing a major roll up in hosting), Value Web and the rest.  We all tried to get in good with the folks at Network Solutions who ran the domain game.  Verisign had not bought them yet. Our major marketing was by buying on line ads on thewebhostinglist.com. We only wanted to deal directly with them, figuring the DoubleClicks of the world were just middlemen who would never last (another prophetic business judgment, which is why I still have to work). 

Thinking about Google, it didn't exist.  Yahoo was still a plain page with a grey background.  No My Yahoo and stuff like that.  Their competition in search was Alta Vista (we thought they had the best technology), InfoSeek, Excite (before they were bought by @home).  IE was an up an comer trying to knock Netscape off of the throne.  My God, where did the years go? Can you believe I am still here? Where did all of these companies go? All those people I worked and partied with during those heady days. Well at least one of them really did cash out for billions after all this time.  Congratulations to the folks at DoubleClick. It has been a long strange trip.  Also, congratulations to Google, they have truly acquired one of the blue bloods of the old net.  Now lets see them continue to grow and make the business relevant in Web 2.0 and beyond.

A few months ago I heard rumors of a HP buying Symantec.  It was around the time IBM bought ISS.  Shortly after I heard that discussions had in fact been had but that the deal was not going to happen.  Now comes this article in the PC Advisor by David Margulius suggesting the deal may be back on.  Granted the reason for Margulius gives for this is receiving an unintended blackberry email to that effect.  Sounds like a another stock touting spam to me.  But he then goes into an analysis about what HP would do with Symantec's product line. Obviously, Veritas would go with the OpenView and storage business.  He also talks about Norton helping to give HP and edge over Dell in the PC business. What I think is interesting is that he does not mention what HP would do with Symantec's enterprise security business.  Is the Symantec enterprise security business not core to Symantec?  It is, but I think it is just not performing to the point where an HP type deal would not pivot around it.

Margulius thinks this deal will happen but is unclear as to when.  I think the only way this deal happens is if Symantec continues to stumble on execution and the street spanks them, driving their price downward. If it gets cheap enough, HP could find itself in a bidding war for Symantec.

Saw the announcement about Cisco buying WebEx for 3.2 billion, a 23% premium over what the stock was trading at.  Cisco claims that "as collaboration in the workplace becomes increasingly important, companies are looking for rich communications tools to help them work more effectively."  I just don't see the fit here, but I am probably missing it.  Does Cisco have something else up their sleeve?  If you have an idea on this let me know.

Sourcefire is going today and they have priced their stock at 15 dollars a share.  This is at the high end of the range they have picked.  That means they have had good response from the street and there is strong demand.  I heard the offering was oversubscribed.  With the problems that Wall Street has had these past few weeks, that is very impressive.  We should know more at the end of the day today.  Good luck, we will all be watching. their

A couple of "experts" over at ZDNet have a "get a clue" blog posting up asking if Sourcefire can monetize Snort.  I would have no problem if they would debate the finer points of Sourcefire's VRT certified rules strategy or do they think we will see a dual licensed Snort in the future.  However, that is not the case here.  Reading the article I get the impression these guys have never heard of Sourcefire before, never heard of Snort before and don't know a darn thing about open source.  All of their information is pulled directly from the IPO filing papers from Sourefire.  Can they look at any other open source companies who have been successful (there is one with the name Red in it, to give you a hint).

Anyone who has been involved in an IPO or has read one of these before knows that you have to put down every possible downside to your business plan to protect yourself from shareholder suits in case things don't go well and people say you did not warn them of the risks.  I guess I just expect more out of these tech journalists.  Another case of if you don't expect anything you won't be disappointed.

Patchlink announced today that they had taken Harris STAT off of the hands of Harris Corporation.  This is pretty much in line with their CEO Pat Clawson's plan to do acquisitions and fits the mold of acquisitions he has done in the past at other companies.  What is Harris STAT you ask.  It is a vulnerability scanner.  About 2 years ago they did an OEM deal with Patchlink, where Patchlink was integrated into their product.

If you are not active in the government market you may have never heard of STAT or Harris even.  Harris is huge in the federal market. They make a lot of advanced communications gear for the DoD.  STAT was always out of their sweet spot I thought, but with the Harris machine pushing it, it was widely used within in the various defense department networks.  I say was, not is though.  About 2 or 3 years ago DISA did a DoD wide deal with eEye and Citadel for the Retina scanner and Hercules patch manager.  Since that time STAT has basically been a dead man walking. In the 5 years we have sold vulnerability management products, we have never seen STAT outside of the government space.  The Hercules contract (now owned by McAfee) is also the reason why Patchlink has not been able to break into the DoD.  I would imagine that with this background and it not really being in its sweet spot, Harris was only too happy to offload STAT and Patchlink probably got a sweet (read cheap) deal.

Now the question is, what does Patchlink do with this?  They talk about it advancing their strategy for Unified End Point Security Management Framework.  Sounds to me like they would like to take on Big Fix from that. Not really sure this deal gets them there though. Frankly, I think they might find buying a vulnerability scanner and keeping it up to snuff in this hyper competitive market may be a bigger bite then they were looking to chew.

One of the things that strikes me with all of the consolidation in the security industry, is that some of the products being snapped up by other companies at fire sales were frankly crappy technology and crappy solutions before they were bought in the fire sale.  Now just because they have another name attached to them, are we to believe that this technology that failed before and was rejected by the market, is now transformed from the frog to the prince?  I think not.  Recent deals such as Checkpoint-NFR and Sophos-Endforce are examples where technology that the market rejected is being retreaded under a new name by the new vendor.  My take is that if it sucked then, it sucks now, regardless of whose name is on it. 

The latest example of this is the recently announced 3Com NAC solution (lets stop calling them Tipping Point, that is the name of their product, they were bought and paid for by 3Com and should wear the name proudly).  I have it on good authority that much of the "fine grained control" and other features of their recently announced NAC solution came from a yet unannounced acquisition by 3Com of a near bankrupt wireless security/NAC firm whose technology was 3rd rate at best and not great for NAC at all.  The company this came from shopped it all around town, we actually had a chance to take a good look at it and passed. So now the bottom feeders over at 3Com, without announcing the origins of this technology (the fact that they have not announced it, leads me to believe even they are ashamed of it), touts how they marry it to IPS and abracadabra, they have NAC.  I think the market is going to see right through this charade.  Putting the 3Com name on this failed technology doesn't do it.  Also, the old Tipping Point IPS technology that 3Com sells is certainly a good IPS, it takes more than that to have a real NAC proudct.  Lets stop the bandwagon jumping.

I fired off my post on the Symantec/Altiris deal early this morning, on my way out the door to my son Bradley's pre-school for special guy day. I figured by the time I got back the blogosphere would be full of commentary and I was not disappointed. I think the general consensus is that if Symantec can buck the trend and actually make this integration work, it could be a big thing for Symantec. However, most folks seem to think that Symantec will bungle the integration and wind up with a bigger pile then they do right now, rather than the endpoint stack they want. It also surprised me that people treated the size of the deal at just under a billion as rather ho-hum.  But make no mistake about it some people definitely have an angle to play here and you have to figure that into the equation.  Before I dive in, let me say that I often express my views about StillSecure competitors and have been called on it.  That is fine, you can take what I say with a grain of salt and you should take some of this with a grain of salt as well.  So here goes:

Amrit Williams, CTO of BigFix - "Symantec had a weakness in systems management, and although Altiris provides them these functions, Altiris patch management, software distribution and other capabilities were not best of breed. Although Symantec gains some capabilities it was unable to deliver to market on their own, they have a terrible track record of integrating acquired technologies, and Altiris was still in process on integrating in its own acquisitions, such as pedestal.

So big, slow moving Symantec buys a smaller systems management company  a poor architecture, and now owns three security configuration management companies in Bindview, Altiris (Pedestal) and their own ESM line - their chance of integration success is 0 and the market should be very leery of making any technology acquisition until Symantec can provide proof of execution."

Keep in mind, as part of Bix Fix's metamorphosis from mere patch management to systems management, Altiris was probably a formidable competitor. I am sure the folks at BigFix hope there is a fumble on the hand-off.  If Amrit were still at Gartner, I think more people would heed his advice.  Now, in spite of his unimpeachable reputation and morals, many look at this and have to discount the analysis.

Next up is my friend Ross Brown, CEO of eEye (Amrit is a friend too by the way).  Ross makes no bones about the fact that an Altiris/Symantec merger is competitive to the eEye/BMC partnership. After reviewing some less than stellar Altiris numbers, Ross points out the HP/Dell angle as a potential problem. He also says, "The hard part for them comes next - to make this work, they will need to rapidly integrate the products into Symantec's line (not a great track record) and then reduce redundant costs.   Integrating this into their overall architecture is going to distract an already distracted team who is busy trying to get Hamlet and Norton 360 out the door." Ross then ends with a left handed compliment, "Personally, I think it's great, ...Nothing makes me happier than press interest in a topic, but a distracted competitor..."  Again like Amrit, I don't think anything Ross says is not valid or a distinct possibility.  However, again because of the competitive angle, you may look at this and say it could be sour grapes.

So, next look at on its face a truly impartial 3rd party, Mitchell Ashley, CTO of StillSecure.  Mitchell says, "When you've got cash to burn and the core AV business hasn't gone south yet, that's a laudable strategy. And very difficult to pull off." Mitchell says Cisco has done this well, but it remains to be seen what Symantec can do.  My take on this, is like me, Mitchell has an ax to grind here.  The last thing he or I want is to see Symantec have a stronger endpoint platform that will make their NAC offering better.  So again, no dispute with the facts, but is it unbiased?

One more, view comes from Jeff Boles, analyst with Taneja Group and ComputerWorld Blogger.  Jeff's view is summed up here, "This seems like a killer deal for Symantec.  If innovatively integrated (make sure you listen to those Altiris guys Symantec), this could redefine how Symantec's whole product portfolio is glued together and in a huge way re-establish Symantec's leadership in the OS deployment and management space." Again I don't disagree with Jeff, I just think that if one had to handicap the likelihood of Symantec pulling that off, the odds would be against them.

So this is why they let the horses run the race.  All the handicappers and pundits have made their predictions.  This is more fun than waiting to see who wins, the Bears or the Colts.  It is clear that if Symantec can execute, this could be huge.  It is equally as clear that based on their track record, this is a task easier said than done. 

I am going to open the line at 2 to 1, that the integration is fumbled. John Thompson and Symantec have already bet near a billion dollars. Anyone else want to bet? We can come back in 12 to 18 months and see if you won.  Of course who are we going to believe to make the call?

Symantec continues its march down the security supermarket, tossing Altiris into the cart for 830m.  This is a 22% premium over Altiris's closing price on Friday.  Not to rich I guess, but that is a lot of Norton subscriptions right there!

When this deal is done it will give Symantec a much stronger presence in the endpoint/configuration management arena, as well as host based vulnerability management.  If they can make it work with Sygate, they would have a good NAC product potentially too.  I think this move was to counter McAfee's EPO product line and all of the acquisitions into this.  The real question to me though is how does the acquisition go. Frankly, some of the recent acquisitions appear to have not gone so well.  You also have to ask, is this a knee jerk to recent disappointing numbers over there.  In any event the march towards consolidation moves on.