From: Greg Jensen (MKT-US)
Sent: Friday, August 20, 2010 1:53:27 AM
To: Dan Reis (MKT-US)
Cc: Rik Ferguson (SOS-EMEA); Edgardo Diaz (AV-US); Juan Castro (SAL-LA);
Subject: RE: NEWSBANK :: Intel-McAfee: Horseless Carriage Vendor Buys Buggy-Whips [FORRESTER]
Auto forwarded by a Rule
Intel better acquire a "Flash Mgmt" firm, and start working up messaging to their enterprise customers who will say "We only allow hardware flashing on scheduled downtime of our enterprise servers every other month". LOL Reality is… customers don't stay on top of hardware ROM updates any better than software. Far worse in fact. SO to think that enterprises will allow them to flash something, force a reboot, and possibly impact other aspects of the ROM code that could cripple the server….. I think Intel is dreaming.
The other aspect is, I just don't see how you can fully "embed" all of this on the chip. There will always be some kind of hook to the OS required through an agent or driver. So how much do they continue to weigh down the OS with this agent? How much are they really off-loading.
Is an enterprise really going to buy all new hardware at every point? What do they do about AMD boxes in the network? They still will need protection for these devices.
This smells like Cisco NAC all over again. When corporations realize the massive investment involved just to get something as simple as anti-malware protection, I think Intel will wake up to some realities.
Now, when reality hits, I do think this will be an interesting investment. Best thing they could do is to follow the HP model (Tipping Point) and allow them to operate on their own. Fund them for growth, but don't mess with them. I think that is the more realistic thing. I feel Intel may look to ways they can hook some security into the chip, but not all of it. I know those guys well and they would never sell themselves off into oblivion unless they saw a model that increased software sales, not decrease it. Intel should look for ways to leverage their security expertise, but the McAfee team will most certainly wake Intel up to some realities, if they haven't done so already. I will be more skeptical of this, once I hear McAfee themselves, talk about embedding on the chip. If THEY say it…then I know both Intel and McAfee have lost it. J
I agree with you, whether it's pattern file, the engine, whatever, it is not trivial to fix issues with embedded software, particularly in this instance when it could be pervasive across millions of devices…what if there is a problem with the update (a deleted executable by mistake…aka McAfee), what would they do then? And what do you do if this is all embedded in medical devices? I think I would prefer the flexibility of our solution as any ripple effect of a mistake can be caught and remedied much quicker and more easily.
I think the bigger question is not so much pattern files, but the engine itself. What if advancements are needed? How does intel update the "engine inside"? What if there is a flaw or vulnerability discovered? Do they ask 20 million pc owners to do a hardware flash? For what....an incremental boost in performance over the 8-core device it underpins. Intel has roadmaps that include 48 core processors over the next several years. Do the really feel customers are gonna buy the performance argument of security on the chip then?
On Aug 19, 2010, at 12:08 PM, "Dan Reis (MKT-US)" <firstname.lastname@example.org> wrote:
Also, there is a history of companies trying create security systems using ASIC, etc. and it has a lot of inherent problems, such as updating, what do you do, re-flash your firmware every time you want to update your pattern file? What does that do to the rest of your settings….
And another thing :) (I have to keep pulling over to type this stuff)
The idea of embedding security in mobile devices may sound like a good idea in theory. When you consider though, that security can be resource intensive and battery power is a finite resource, then surely the right place for the lion's share of mobile security processing is actually *off* device, into the cloud, right where we already have it :)
Sent from my mobile, excuse fingers.
On 19 Aug 2010, at 17:02, "Rik Ferguson (SOS-EMEA)" <email@example.com> wrote:
To my mind the key message here is one that our sales folks across the globe should be grabbing with both hands and embracing.
Go and talk to all the McAfee customers you know, ask them how well the message of marrying security to hardware resonates in a world that is increasingly virtualising, remind them about LANdesk and then offer them a license buyback.
Trend Micro is now the biggest pure play security vendor on the planet. Let's make sure people know that.
Sent from my mobile, excuse fingers.
On 19 Aug 2010, at 16:41, "Edgardo Diaz (AV-US)" <firstname.lastname@example.org> wrote:
[Thinking out loud]
So what's the possible effect to trend? Or better yet trend's possible move?
Will cisco acquire trend? Or google acquire trend? Or ibm acquire trend? hehehe
Intel-McAfee: Horseless Carriage Vendor Buys Buggy-Whips
This morning Intel announced plans to buy security vendor McAfee for $7.7 billion, valuing the company at a 60% premium over their market cap as of closing-time yesterday. The valuation is about 5 times the last trailing four quarters' revenues, which is about typical for M&A deals in the security industry, and it suggests that both parties negotiated well. The price is not so high that it makes Intel look like Daddy Warbucks, but not so low that it looks like McAfee was desperate to sell.
But of course "a not so high price" is all relative. Nearly $8 billion is a lot of money. What on earth does Intel expect to get for all of the money it is spending on McAfee? I've been scratching my head over this, and despite McAfee CTO's George Kurtz' helpful blog post, I am still struggling to figure this one out. Let's look at some of the stated rationales for the deal:
· Intel wants in on the mobile market. According to the coverage of the deal in Bloomberg, the McAfee acquisition is about mobility. Raymond James analyst Hans Mosesmann argues that "[Intel's] ability to be successful in the non-PC market, and even in the PC market, is going to depend more on system solutions, and security is becoming a really big deal." Intel apparently agrees, telling the BBC that "today's security approach did not fully address the billions of new internet-ready devices, including mobile and wireless devices, TVs, cars, medical devices and cash machines."
· Security wants to be embedded in silicon. George Kurtz argues that the threat landscape has become so deadly that hardware-based solutions are needed: "Given the current challenges in dealing with the proliferation of virulent malware, bringing software closer to silicon will provide a real advantage for consumers and businesses. Beating back the tide of malware proliferation by changing the game on the bad guys is an exciting proposition."
· Intel moves closer to becoming a systems supplier, not just a chipmaker. New York Times reporter Ashlee Vance notes that "Intel builds a variety of security functions directly into its chips and has offered its customers ways to tap into the tools. The McAfee technology would sit a couple layers above Intel's existing technology and perform a much wider array of functions."
These arguments have their merits. Everyone agrees that mobility is huge, and that the Post-PC market will eventually eclipse today's PC market. Indeed, Forrester data shows that the crossover point is this year. Intel knows this, so it wants to plant a flag in the mobile security space it believes will be necessary to protect these new devices. Moreover, I can understand why Intel feels it ought to be baking more capabilities into silicon: it helps differentiate its chips against rivals AMD and ARM (via its licensees). Adding more functionality to core offerings as a way to entice buyers to upgrade to their platform is a classic strategy that Intel's acquisition target (McAfee) has been perfecting for years with its desktop anti-malware suite. That product started as a humble virus scanner. Today it includes anti-spyware, a host firewall, data leak prevention, host intrusion prevention and much more. What McAfee has done on the desktop, Intel intends to do "inside," on its silicon.
But I see four problems with Intel's strategy (at least as much as I can glean, so far):
· Neither Intel nor McAfee are serious players in the mobility market, and this deal doesn't improve their prospects. In the mobile market, Intel has had its lunch eaten by ARM Holdings, a company whose energy-effiicient designs have underpinned the chips of choice on mobile devices like Apples iPad. And for McAfee, it has recently acquired two mobile security companies — Trust Digital and TenCube. McAfee's also (earlier) bought SolidCore for the embedded market, a move that looks savvy in hindsight. But speaking charitably, neither of these most recent two acquisitions will be (as the equity analysts like to put it) "accretive to earnings or revenues" in the short to medium term. That is to say, mobile security won't be much more than a few percentage points of McAfee's overall revenues. McAfee deserves credit for thinking outside the PC box, but its execution in this area is, at best, in the early stages.
· Intel's hardware platform strategy will not work. Most enterprises take the least-common-denominator approach to managing their computing assets. This is largely because refresh cycles cause hardware platforms stick around much longer than software-based ones: it is easier to push down a software update than to pull a motherboard. I am not convinced that a hardware-based strategy for security will resonate with enterprise buyers. If you need convincing, ask yourself: how many of the PCs in your organization run Intel vPro-capable hardware? Don't know the answer? Right: this is exactly my point. Despite Intel's efforts to add more differentiating "professional" features on and around their core processor silicon, these are seen as a bonus, rather than the centerpiece of enterprise management strategies. It is hard to see how "McAfee Inside" would work out any differently.
· Intel doesn't understand software. Perhaps the most troubling part of the McAfee deal is the prospect that they will mismanage their new division into irrelevance. Intel's track record with deals further up the stack are patchy at best. In 2005, Intel bought Sarvega, a hardware-and-software play in the XML processing segment. Today, it is irrelevant. In 1991, Intel bought LANDesk as the centerpiece of its DMTF strategy. Remember what DMTF stood for? (No penalty for not remembering: it stands for Desktop Management Task Force.) LANDesk was sold at the height of the dot-com boom, and it has been bought, spun off or sold three times again. Now Intel wants to get back in the software game again. Again, how will this be any different?
· The security aftermarket will be very different on Post-PC devices. PC devices, and by this I mean those running Windows, have long needed third-party security vendors to help secure the platform. Early versions of Windows, and even current ones, were not designed with security in mind. Even though Windows 7 is much improved compared to Windows XP, 95 or 2000, the core OS is still based on the Win32 foundation, a twenty-year-old legacy that was designed to run on "everything." Contrast that with the highly sandboxed, compartmentalized, digitally signed "apps" model of the BlackBerry OS and Apple's iOS. With these two operating systems, you don't need on-board anti-virus, or HIPS, or anything else — and if you do, it is because Apple or RIM have screwed up. Both of these vendors are taking responsibility for their platforms in totality in ways that Microsoft never did, or could have. Neither iOS or BlackBerry OS depend in any way on hardware capabilities Intel or anybody else could bring to the table, other than the root-of-trust embedded in the handset; all of the security differentiation is is in the OS. And that, frankly, is where it belongs.
All of which leads me to conclude that while Intel's stated rationales for doing the McAfee deal are very forward-looking, its likely actual revenues are mostly about the past. If Intel wants to grow the franchise for protecting PC platforms, the McAfee deal is a great acquisition. But if you view today's security aftermarket as something that ought to be better left in the ashbin of history, where security is baked into operating systems, this deal is more of a head-scratcher. In this light, Intel's purchase of McAfee is a lot like a horseless-carriage vendor buying a leading supplier of buggy-whips.
What does this mean for Forrester customers? Given the risks associated with this deal, enterprise customers should be wary of making long-term commitments to McAfee until Intel's intentions are more clear. It would be best if McAfee was left to manage itself, largely as a stand-alone company. That said, Forrester has spoken to many McAfee customers in the last several months that have been upset with McAfee's handling of the DAT file problem from April, which caused widespread service outages. We expect that customers that have already been angling to jump ship will use this deal as an excuse to accelerate those plans.