Feeds

Symantec hedges bets with large stake in hosted security

MessageLabs deal pilots security giant into cloud computing

Secure remote control for conventional and virtual desktops

Instead Symantec talks about making increased use of the whitelisting of known "good" applications and behaviour-based malware detection instead of the wisdom of crowds. It hopes these changes, prominent in its 2009 line-up of security software, will help it deal with the twin challenges of performance issues and the increasing rate of malware production by the bad guys. Meanwhile competitors are moving towards a more distributed (cloud-based) architecture for detecting and responding to threats.

Raimund Genes, Trend Micro's anti-malware CTO, told El Reg: "While other vendors have been active in cloud computing, Symantec has been consumed by by Veritas. Maybe it has woken up and decide to do more in the cloud.

"I consider Symantec to be more of a distributor of security products than a developer. It's good at acquiring and integrating firms, with the possible exception of Veritas. MessageLabs has been successful in the UK and the USA, but in other countries it has less presence."

Speaking before the MessageLabs deal was announced, Thompson denied accusations that it failed to innovate. "We spend 15 per cent of our budget on research and development. Either our people are producing a whole lot of stuff or we are wasting money," he said.

Although MessageLabs has a strong customer base, including the UK government and financial services firms, Genes reckons security as a service is most attractive to small to medium-size firms of less than 250 people.

He also notes issues for MessageLabs in keeping its technology suppliers on-side. MesageLabs uses antivirus engines from several traditional vendors as a first line of defence on messages it later passes through its in-house Skeptic engine, the technology that detected and blocked the fast-spreading Love Bug worm hours before traditional anti-virus vendors released signature definitions.

The three anti-virus engines MessageLabs uses alongside Skeptic are not something the firm likes to talk about, though it was much more open in the past. The last we heard, it used anti-virus engines from Kaspersky and Sophos. One of the three could be replaced by Symantec but to loose all of them might create headaches. Symantec uses Brightmail technology for first-line email filtering.

Genes also criticised MessageLabs as being focused on email malware at a time when drive-by downloads from contaminated websites are on the rise. This is more than a little unfair, since MessageLabs has had a range of web and IM security services, as well as partnership with web scanning firm ScanSafe, stretching back for some years. More recently MessageLabs has been among the first firms to tie together intelligence from web, IM and email security threats.

Gone Shopping

Symantec, like many of the world's largest software firms, is a serial buyer. The firm has acquired 40 firms in the 10 years Thompson has been with the firm. But Symantec has sometimes paid a hefty price. It paid $695m for MessageLabs, a firm that brought in revenue of $120m in the year to July 2008.

Google paid $625m for Postini, MessageLabs' main competitor, in July 2007. BlackSpider (another prominent hosted security firm) was bought by SurfControl for around $42m in July 2006, prior to its own $400m purchase by WebSense in April 2007.

Messagelabs gets two thirds of its revenue in Europe and around a quarter from North America, sales Symantec hopes to replicate elsewhere. Through this approach - and delivering more of its technologies as hosted services - Symantec hopes to more than recover its sizeable investment. ®

New hybrid storage solutions

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.