Intel: 'We ate McAfee to slip security into silicon'

Down below the kernel where it belongs

Beginner's guide to SSL certificates

Chip maker and now software player Intel tried on Tuesday to explain the finer points of its $7.7bn acquisition of security software maker McAfee, which closed at the end of February after jumping some European Commission regulatory hurdles.

In a conference call with Wall Street analysts, Renée James, an Intel senior vice president and general manager of the Software and Services Group, and Dave DeWalt, president of the now–wholly owned but independently standing McAfee subsidiary, did their best to explain the rationalization of the biggest acquisition that the 40-year-old chipmaker has ever done.

James said that Intel has made over 20 software acquisitions in the past three years, and many of them are of companies so small that you probably never heard of them. In September 2007, for example, Intel snapped up Havok, a gaming company with 120 employees who specialize in creating the physics engines in virtual worlds that the chip maker. Those 120 experts, who understand where gaming is and where it's going, are experts on graphics and media, and according to James they were instrumental in helping Intel come up with the feature set for the Sandy Bridge family of PC, workstation, and server chips.

She said of the 20 deals that Intel has done – gobbling 19 small software companies and one large one – the company has retained more than 90 per cent of the acquired companies' employees. What's more, Chipzilla has gained access to valuable intellectual property.

To expand into the embedded systems space, James admitted that Intel need to do "something bigger," and hence they paid $884m for embedded operating system and application development provider Wind River back in June 2009. This was a lot of money for Intel to shell out – but peanuts compared to what it paid for McAfee – to get broader and deeper access to the embedded systems market (where it wants to sell systems on a chip and other products) and to bolster its software business at the same time.

Intel, admitted James, could have bought a bunch of small companies to build up its security capabilities in a piecemeal fashion. There are thousands of vendors that together generate something on the order of $23bn in revenues (based on DeWalt saying that McAfee, with its 9 per cent of the market and generating around $2.1bn in revenues per year at its current run-rate), and Intel could have spent a lot less dough and built up a security business.

"It became clear to us that security was going to be a very important feature to help us differentiate our silicon," explains James, adding that she personally believed that the "security market will consolidate because there will be a step-function change in how security is delivered."

She said that when Intel looked at what it wanted to do to add security features to chips that coordinate with products such as the antivirus, firewalls, and other security services offered by McAfee, it became clear to Intel that it didn't just need some software, but what is in essence a security service cloud. "You need a platform to scale," James said, and McAfee had already spent five years building it.

DeWalt said that five years ago, McAfee was selling antivirus software, but has expanded into firewalls, intrusion prevention, servers, storage, and endpoint security for mobile devices, which is either embedded in the device or sold by the carriers who don't want unsecured devices on their networks.

McAfee just entered the mobile security market five months ago, DeWalt said, but in the fourth quarter alone it added 1.25 million users. Another 246 large enterprises deployed McAfee's software on their own mobile devices and internal networks. So the company has the bulk of the Fortune 500 (94 per cent) using its code to secure their PCs, mobile devices, and servers.

DeWalt trotted out the US government as an example, which is using McAfee products on 67 server clusters and 5.3 million endpoints. All told, McAfee has an installed base of over 300 million endpoints, and has amassed 500 patents as it built its products and the systems that keep its security products in step with malware.

"Malware is blowing off the charts," explains DeWalt. "I've never seen anything like it. And on top of this, the number of devices is exploding."

McAfee's products watch what is going on in real-time on the PCs, smartphones, and servers they are protecting, constantly comparing notes with the back-end security systems operated by McAfee. A year ago, McAfee was processing a million messages a day from its subscribers' systems. But with the proliferation of devices and malware – DeWalt said there are 48 million pieces of malware out there on the Intertubes – the company is now processing 6 billion messages a day from the devices that its back-end systems are protecting.

Intel spent $7.7bn on McAfee because it would take too much time and a lot of money to build what McAfee already had.

And now, because Intel owns Atom, Core, and Xeon chips, Wind River's embedded operating systems and development tools, and McAfee's security software and the back-end systems that keep it up to date, Chipzilla can start working with customers using embedded computers in all kinds of devices - printers, automated teller machines, televisions, cars, you name it - and bake the security right into the device. Wind River has 200 OEM partners, and they crank out about a billion new devices a year. That's a lot of McAfee licenses, if Intel can convert even a modest percentage from having no security to using the M shield.

While James and DeWalt were a little vague about how this will happen, the plan is to provide more security-assisting features on Intel's future chips, not only to help run McAfee software faster, but better. At the moment, security runs as a layer on top of the operating system, but Intel wants to push it down below the OS. "About 80 per cent of the malware is in the user space, but 80 per cent of the problem is in the kernel," DeWalt says. And so Intel wants to use features already in its chips – the VT virtualization and TXT trusted execution features, to name two – to do a better job securing computers of all kinds, and in the long run to push security down below the operating system kernel, where it belongs.

The important thing, as far as government regulators are concerned, is that Intel will be opening up whatever technologies it develops to help McAfee run better and more securely on devices so its competitors can take advantage of those features.

McAfee is, of course, exactly the kind of software company that HP's new CEO, Leo Apotheker, wants to buy. But McAfee would have probably been too pricey even for HP, and besides, Intel beat Apotheker & Co to the punch. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story


Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.