Anti-malware Vendors Stare Down Microsoft ThreatBy Matt Hines | Posted 2006-03-28 Email Print
How Real-World Numbers Make the Case for SSDs in the Data Center REGISTER >
News Analysis: While some experts have predicted that the arrival of Microsoft's Vista, along with several stand-alone security products, will threaten independent security vendors, many malware fighters say they aren't worried.Microsoft disappointed investors and other market watchers the week of March 20 when it announced that its next-generation Vista operating system would be delayed until 2007, but one group of companiesthose that produce security applications used to defend desktop computers and the networks they run onmay have breathed a temporary sigh of relief.
Vista will hit the market primarily as a desktop operating system upgrade, an area where Microsoft's market position has remained dominant over the last decade.
However, the software also represents Microsoft's most aggressive effort to date at spiriting away some of the money its customers spend on security applications meant to protect earlier versions of Windows.
Most industry watchers concede that it will be hard for Microsoft to easily displace the enterprise security businesses of leading vendors such as Symantec, McAfee and Trend Micro, which market integrated packages of applications to companies wishing to solve long lists of problems.
However, for firms that are focused on only one of those problem areas, analysts said, Vista and the other Microsoft security products could pose a significant threat.
"Vista itself is going to have a moderate impact on the security market in the short term, with people like independent anti-spyware vendors feeling the most pressure, and companies like Symantec more worried about their future plans," said Andrew Jaquith, an analyst with Boston-based Yankee Group. "I don't think we'll see enterprises putting off security decisions to wait for Vista, but Microsoft does enter the market as a top-tier vendor based on its size and distribution channel."
Even more so than by Vista, Jaquith said, security vendors are already threatened by the software giant's stand-alone security products, including the Microsoft Client Protection package, which aims to fight many different types of malware.
Next Page: Independent vendors say they still have the edge.
Jaquith, who pegs today's Windows security software aftermarket at roughly $3.6 billion, said companies are increasingly looking for integrated defense applications that address multiple forms of malicious code, which will give Client Protection an advantage and challenge some of its rivals.
One company likely to be caught in the crossfire will be Webroot Software, which markets applications for battling threats such as spyware, browser-borne pop-ups and e-mail spam to large companies such as ISPs.
Jaquith and other analysts said Microsoft is likely to drive down the price for such applications with its security efforts, cutting at the heart of the rival firm's business.
David Moll, chief executive at Webroot, in Boulder, Colo., said he is amazed at how quickly experts are ready to believe that Microsoft's malware-fighting tools will be strong enough to serve the needs of business customers.
As many of the problems addressed by his company's products are often blamed on flawed design of Windows software, the CEO expressed skepticism that people will trust Microsoft's security products right away.
"It would be foolhardy for us to think that Microsoft won't affect the market, but less so than those who are saying [Microsoft] will be able to solve all the problems we fight on a daily basis in keeping up with new attacks," Moll said.
"People don't acquire an anti-spyware solution to save money, they do it to solve problems; to the degree that Microsoft is incapable of addressing those problems, the market for products like ours will remain strong," he said.
Moll concedes that for sales to consumers, many of whom buy shrink-wrapped security software at retail stores, Vista and the other Microsoft security products will increase competition and erode pricing. But among enterprises, he said, it seems unlikely that companies battling vulnerabilities in Windows today will be ready to put their faith in the software giant.
One of the fundamental challenges Moll said he sees in Microsoft's attempts to fight something like spywaremalicious programs secretly loaded onto computers to capture Web usage information and personal datais that the effort will demand that the company devote significant time and resources to the business, and will require that the firm respond quickly to newly emerging threats. Speed to market, as evidenced by the Vista delay, hasn't been one of Microsoft's strong suits.
"It's a big question whether or not Microsoft can operate at the stopwatch times that the security industry demands; the nature of the business is very different from supporting other types of software, and they haven't been forced to operate like this in the past," Moll said. "And if security companies who are 100 percent focused on these sorts of threats are struggling with all of this, how does a more broadly focused software company do a better job?"
Next Page: Symantec says specialization means protection.
Symantec, based in Cupertino, Calif., is one of Microsoft's largest partners and the firm widely considered the leader of the anti-virus software market.
Symantec executives said Vista and the other Microsoft security products may help prevent some of the problems experienced in the past by Windows users, but contended that the ever more sophisticated nature of viruses and other IT attacks will keep Symantec busy for many years to come.
At the end of the day, said Enrique Salem, a senior vice president in Symantec's Consumer Products and Solutions business, Microsoft isn't as concerned with jumping into the security applications business as it is interested in selling more copies of its operating system.
"In the enterprise specifically, the security agent that protects the endpoint is important, but administrators will still want new capabilities, better reporting and more centralized tools for outbreak protection, and that's not what Microsoft is talking about doing," Salem said.
"Customers want to have layers of protection, and Microsoft is adding a new one, but security isn't all about the operating system, and most companies run a lot of other devices that are not on Windows anyway; there will always be new problems for companies like Symantec to solve."
Salem pointed to the fact that many types of software companies, including segment leaders such as EMC in the storage market and Cisco in the networking space, are adding security features to their products in order to help appease customer demands for better protection. Those tools may help address certain known issues, but that doesn't equate to the same level of protection as having a huge company like Symantec focused on looking out for new problems, he said.
Other security vendors are taking a similar approach. Steve Orenberg, president of anti-virus specialists Kaspersky Labs, in Woburn, Mass., said that for every problem Microsoft addresses with Vista and its other security products, there are likely to be new issues that will demand attention from companies such as his.
Vista might do a good job of blocking the types of spam e-mail that people have been deluged by over the last several years, Orenberg said, but the rapid maturation of viruses and other threats will require more attention than Microsoft is capable of giving them.
"The level of sophistication has greatly increased and no matter what defenses are out there, ultimately there have been people finding ways around existing protections, so you'll always need independent anti-virus providers," Orenberg said. "We'll be the ones developing the new anti-virus technologies, and staying ahead of the curve so that companies like Microsoft can continue to market their products even as the new threats mount."
Unsurprisingly, some security experts roll their eyes at the very mention of Microsoft and security in the same breath, as so much of the work done in the industry over the last decade has been aimed at plugging holes in Windows. Richard Stiennon, chief researcher at IT-Harvest, in Birmingham, Mich., expressed doubt as to Microsoft's ability to launch security products that have any real impact on customers' overall IT safety.
"We've seen how experts like Symantec and McAfee have screwed up in the past, so you really have to wonder what Microsoft can do based on its own history with Windows and numerous vulnerabilities," Stiennon said. "If any enterprises out there are waiting for Vista to help them, that's a huge mistake, because if they're fed up with Symantec and the others, I think they'll be even more disappointed by what Vista offers."
Check out eWEEK.com's for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer's Weblog.