After closing out a year of nearly twofold growth, dark horse security
vendor NitroSecurity is looking to kick off another strong 12 months with an
updated and more tightly integrated security information and event management
(SIEM) and log management package that it hopes will further engage the channel
and draw recognition for its integrated suite of security products.
A relative unknown compared with the Symantecs and McAfees of the security
world, Nitro has been steadily growing momentum with its SIEM, log management,
database activity monitoring, application data monitoring and intrusion
prevention offerings. The company has grown revenue 80 percent to 90 percent
for the last four years running, including in 2009, when it shot up by 85
percent. It has a number of high-profile customers, such as NASA and Coca-Cola.
And it is slam dunking in the sales department largely with the help of
partners—last year partner sales made up 60 percent of revenue, and Jerry
Skurla, executive vice president of marketing, says he hopes to increase that
percentage by the end of 2010.
The value proposition for partners is the integration of its monitoring
products, all of which feed into its SIEM dashboard.
"If you look at the portfolio of products that we have here, we’re
able to track a user from the very first moment that they log into a network—the
five-product suite that we have lets us do all of it within a single solution,
within a single GUI interface," Skurla says.
"One of the reasons we’ve integrated all of these together and one of the
reasons VARs like to work with us is no other vendor has integrated these
products together,” he adds. “What we find with our VARs is that it lets them
concentrate on high value-add professional services and then optimization
services as well, so that they can help someone figure out better correlation
rules, better ways to generate compliance reports, better understanding of what
types of threats, and better threat analysis and threat prevention they might
take a look at."
Nitro is building onto its unique platform with Version 8.4 of NitroView
Enterprise Security Manager (ESM) and Enterprise Log Manager (ELM), which
offers even tighter integration between the logs and the SIEM GUI. This unified
workflow and "single pane of glass" interface between the two offers a
distinct advantage over the way most SIEM and log management integrations do
it, which typically only point a user to a source log file and require
extensive work by security personnel to get to the bottom of event anomalies.
For security VARs, the benefits of logs have long been offset by the
complicated nature of actually making that information useful, says Greg Smith,
vice president of sales for BorderLAN Security, a NitroSecurity partner based
in San Diego.
"It’s just the nature of the business, but integrating network logs into
one appliance and making sense of that information is a very complex
process," Smith says. "What we keep seeing so far is that Nitro has
the ability to support all of the necessary systems that they have already,
right out of the box, without having to have an onsite engineer living there
billing them for services like many of the others do. That’s the main
difference that we see—their product can actually stand on its own without as
many of the services as others require."
As a high-end security partner, BorderLAN, according to Smith, keeps a very
tight focus on its strengths and as such only sells about eight to 10 products
into its customer environments. Nitro made the cut after extensive testing.
"We have a team of myself and some engineers, and we evaluate different
products, basically doing like our own little internal Gartner evaluation and
we come out with what we feel is the best leader not only technologywise, but
what the best value is for customers," Smith says. "Whether or not
they’re on the magic quadrant, we say, ‘This is what you should be paying
attention to today.’ And Nitro is who we have chosen as a company in this space
of compliance log management and SIEM. It has the enterprise features of
ArcSight and of the big guys that require hundreds of thousands of dollars of
implementation. It has those features and capabilities, and it’s priced very
well "
Smith believes security channel partners would do well to consider smaller
niche players such as Nitro for several reasons, first and foremost being the
technological advantages.
"Our take on what’s been going on in technology for the last umpteen years
is that customers only decide to buy the brand name solutions, which, when you
dig into it, are solutions that are typically acquisitions of a product that
never really made it on its own," he explains. "And so in almost
every scenario, they go into these new big companies with the brand name and
they don’t put sufficient R&D into it and they were never good at that
specific technology and they just sell the brand name."
The effects of this then trickle into the channel, which he believes doesn’t do
enough to buffer customers from the trouble that such a scenario can present to
their operations.
"The big integrators and resellers sell the brand names, and the customers
are sold something that doesn’t really represent the best product for what they
need," he says. "So I believe that the smaller vendors who actually
can specialize and make it on their own in the vertical probably have the best
product. That’s my feeling, and its proven true from a customer
perspective."
Choosing the right smaller vendor can also add significant advantage because
those such as Nitro may be more willing to work with their partners to assure
everyone’s success.
"We have had the pleasure—or the unfortunate experience, depending on how
you look at it—of working with a few other log management vendors, and we
haven’t seen anyone that’s as supportive as Nitro," Smith says.
"They’re channel friendly; they offer all of the things that we need in
order to invest our time and energy into making their business successful."