Looking Back: Top 10 Security Stories of 2009

By Ericka Chickowski

McAfee Reinvigorates the Rivalry with Symantec

This year Symantec and McAfee reignited their old rivalry to levels not seen since pre-Veritas days. One only need look at Symantec's sneaky tactic in Vegas during McAfee's annual Focus Security Conference to see where this was going.  Symantec painted the town yellow in anticipation of wooing away McAfee's partners and customers--and probably to stick it to a newly recharged competitor.

On the product side, McAfee's July purchase of MX Logic for $170 million helped the company solidify its security SaaS model and laid the groundwork for new opportunities for the channel to offer a wider base of products with that all-important recurring revenue model, putting greater pressure on Symantec. And from a strategy perspective, it brought on some heavyweights to help guide its channel strategy: Fernando Quintero as vice president of channels for the Americas and Alex Thurber as senior vice president of global channel sales

Barracuda expands SaaS with PureWire

Barracuda should be set to tangle with Websense and Blue Coat in a big way in 2010, as the company sees the fruits of its labors from the October pick-up of PureWire. With considerable momentum behind it after just an 18-month existence, cloud-based PureWire offers Barracuda a technological boost in URL filtering, malicious-code detection and application controls for Web-based applications. Known best for its less-channel-friendly appliance-based security model, Barracuda will be able to leverage PureWire's SaaS to give channel partners more ways to deliver content security.

"This will not just leverage a particular menu of appliances or cloud, but a hybrid model, which we'll make available in a matter of months," Stephen Pao, vice president of product management at Barracuda, said in October.

Additionally, the acquisition brings Mike Van Bruinisse, a long-time security pro and former founder of PureWire to Barracuda to help lead the company's enterprise sales strategy.

Cisco buys ScanSafe

Cisco's announcement of the $183-million purchase of ScanSafe followed hot on the heels of the Barracuda-PureWire deal, further confirming the relevance of content security as companies. But while the Barracuda purchase promised to offer the channel more choices in how to sell content security, Cisco's snagging of ScanSafe could well completely shift the paradigm of enterprise content security altogether.

Upon close of the deal this month, Cisco announced that it would integrate ScanSafe directly into its network infrastructure, pointing to the future of such protections.

However, this still won't likely make standalone web security completely irrelevant. There are still plenty of non-Cisco shops around and new threats crop up each day.

Webroot Clawing Its Way Back Into Relevance

Webroot is finding its way again after losing sight of its identity over the past several years. Suffering a bit from jack-of-all-trades syndrome, Webroot was expending considerable energy trying to figure out if it was an enterprise security or a consumer security company. It dedicated a lot of resources to its consumer retail push, only to find its enterprise practice floundering.

2009 was the year for the company to turn the ship around and reinvest in its enterprise roots. This year saw  the installment of a new CEO and the launch of a hybrid SaaS product set. Webroot also brought on Jerry Jalaba, the experienced channel chief who built up Postini prior to its acquisition to Google, to reengage its channel partners.

Microsoft launches new version of ForeFront

Microsoft picked up steam in its battle for relevance and legitimacy in the enterprise security market this year. The company reported that participation in the security competency within the Microsoft Partner Network increased by over 20 percent this year, with considerable channel pickup for the enterprise flagship, Microsoft Forefront. The company hopes to continue the trend with a refresh to Forefront Threat Management Gateway 2010 and Unified Access Gateway.

Microsoft also sweetened the pot for channel partners selling Forefront with the 2009 introduction of its Security Software Advisor (SSA) program, designed to reward security VARs for selling Forefront and packaging up the sale with other related Microsoft products.

The Great Security Giveaway of 2009

In a year with an economic climate that has demanded IT departments perform more miracles with fewer resources, many vendors have been scrambling to provide ways for customers to do more with less. On the security front, 2009 has been the year of the "F-word": free.

In September, Microsoft rolled out its free Microsoft Security Essentials antivirus offering. Sophos and HP partnered to give away free server antivirus to HP Integrity customers. Sophos also offered free DLP with its network-based antivirus.

Meanwhile, Panda Security continued to give away free basic antivirus applications and services in order to develop leads for its partners and inside sales teams. And Astaro decided to take the same tack in November by offering up its Astaro Security Gateway Essential Firewall for free.

All of these perks, products and feature offered gratis have provided partners with a quick and easy way to offer their security customers greater value on more deals--even if some of the giveaways were more gimmicky than others.

Managed Security Comes of Age

After a big wave of consolidation in the managed security service provider (MSSP) market in recent years, the numbers from 2009 seem to bear out the fact that the MSSP marketplace has finally matured into a great opportunity for the channel. According to a report released by Infonetics in June, the revenue service providers derive from managed security services is forecast to grow 78% from 2008 to 2013 worldwide.

"Despite the global economic meltdown, the security services market is strong and growing," said Jeff Wilson,  Infonetics Research’s principal analyst for network security, in June, "driven by increasing global demand from organizations of all sizes due to the proliferation of threats of all types, the complexity of current security solutions, and the desire of many service providers to add revenue and improve margins. "

Some may say, in fact, that MSSP's maturation did not blossom in spite of the recession, but perhaps because of hard times. Customers who may have once been resistant to giving up internal control of the security infrastructure have become much more amenable to talking seriously with solution providers who have built out their offerings considerably in recent years and are all-too-ready to add value to these customers' operations.

Perhaps none so ready as SecureWorks and its cadre of channel partners who use the SecureWorks platform to white-label its service offerings. The company continued its growth considerably in 2009 with two big acquisitions: a July $45-million purchase of VeriSign's managed services division and the most recent December buy of UK-based dns Limited.

IBM Validates Database Security

Where better to protect the data than in the main repository for most corporate information: the database? This has been the rallying cry for several years now among security analysts and proponents for the database activity monitoring (DAM) market.

Clearly, their declarations have gained traction within the enterprise and the security market in general. The biggest sign of this shined through earlier this month with a $225-million IBM acquisition of the largest standalone DAM in the market, Guardium. Analysts proclaimed the price tag was a huge validation of the importance of database security in general

What the purchase itself means for Guardium partners and the IBM channel at large still remains to be seen, though some of Guardium's competitors remain skeptical of its ability to properly support and integrate the technology within the IBM schema.

Fortinet IPO

Even without the name recognition or clout of some of the larger security and networking players, Sunnyvale, Calif.-based Fortinet managed to make a big splash with its IPO in October. The fourth-biggest IPO of the year, Fortinet's share increased by 33 percent during the IPO.

As Channel  Insider's Larry Walsh explained in his analysis at the time, "the successful Fortinet IPO shows confidence in the security appliance market, even as the world migrates to the cloud. Investors are signaling their belief that companies large and small will continue to spend on on-premises security solutions, which means continued opportunity for vendors and solution providers."

Not only that, but Channel Insider expects 2010 to see Fortinet to make a post-IPO marketing push to improve its market share and grow its customer base. That could mean very good things for partners and potential new partners.

ConSentry Closes Its Doors

The final nail in the coffin of what was once the standalone network access control (NAC) market, ConSentry Networks announced in August that it was turning the lights off on an operation that at one point was heralded as one of the biggest up-and-comers network security. Unfortunately for ConSentry (and its partners), pure-play NAC never quite sold the IT buyers the way it did the analysts and industry sycophants. The ConSentry shut-down followed in the footsteps of other NAC vendor failures, most notably Lockdown Networks and Caymas, after many of the big players either started building NAC functionality into endpoint security products or directly into networking infrastructure.

Leaving existing customers and partners up the proverbial creek, the sunk ConSentry offers a valuable lesson to the channel about the niche security companies.

Sometimes the brightest niche players can't survive with the best of technologies if it's going to force customers to rip and replace. It usually pays to hitch with more established player that has slightly less secure but more deployable technology, along with vastly more resources to help you sell it.

This article was originally published on 2009-12-18