June 22, 2006 12:29 PM PDT
Microsoft swims upstream on security
- Related Stories
Microsoft shakes up security frayJune 7, 2006
Microsoft puts its stamp on e-mail securityJune 6, 2006
Beware the Microsoft 'monoculture'May 18, 2006
Microsoft buys VPN specialistMay 18, 2006
Microsoft repackages FrontBridge serviceMarch 29, 2006
Microsoft set to test security softwareOctober 6, 2005
Microsoft to provide security strategy updateOctober 4, 2005
Microsoft to buy e-mail security firm FrontBridgeJuly 20, 2005
Now that it's launched the Windows Live OneCare security service for consumers, Microsoft is ramping up its efforts to convince businesses that it is the solution to, not the source of, their security woes. The Redmond, Wash., company last week unveiled Forefront, a single brand that encompasses updated and upcoming security products aimed at businesses.
The moves are part of Microsoft's attempt to expand its business and tap new revenue sources, analysts said. Last year, security software sales hit $12 billion, according to research firm IDC. On the enterprise side, Yankee Group expects the Windows client security software market to grow to $3.6 billion this year.
"They are in it for the money, of course," said Andrew Jaquith, an analyst at Yankee Group. "Microsoft initially was very mysterious about its security plans. But its steady drumbeat of announcements over the last months shows intent to be a very broad enterprise security player."
Under the Forefront plan, the brand-new Microsoft Client Protection product, now in development, will be sold as Forefront Client Security for PCs and servers. In addition, updates of Antigen for Exchange and Antigen for SharePoint will also carry the Forefront tag, Microsoft said. Antigen for Instant Messaging and the ISA Server firewall and Web caching software are also in the Forefront group.
"We're going to provide a comprehensive set of security technologies for businesses that is integrated with their existing infrastructure, with an emphasis on the deployment, management and ongoing usability," said Steve Brown, the director of product management in the security, access and solutions division at Microsoft.
What's in Forefront?
Microsoft has mapped out the releases for its newly named business security line.
Forefront Client Security
Previous name: Microsoft Client Protection
What does it do?: Guards against spyware, viruses and other attacks on PCs and servers.
Release due: Public tests in fourth quarter 2006. Final release in second quarter 2007.
Forefront Security for Exchange
Current name: Antigen for Exchange
What does it do?: E-mail antivirus and content filtering for Microsoft's Exchange Server 2003 and Exchange 2000 Server.
Update due: Second half of 2006.
Forefront Security for SharePoint
Current name: Antigen for SharePoint
What does it do?: Antivirus, content and file filtering for Microsoft's SharePoint collaboration servers.
Update due: Second half of 2006.
Antigen for Instant Messaging
What does it do?: Antivirus and content filtering for Microsoft Live Communications instant-messaging server.
Update due: No information on Forefront update available.
Internet Security and Acceleration (ISA) Server 2006
What does it do?: Firewall and Web-caching server software. Also sold on appliances.
Update due: Forefront version is planned for release some time in the second half of 2007 or beyond.
As far as motivation goes, Microsoft sees its entry into the security fray as a "very broad opportunity" for itself and for its customers, Brown said. "The primary reason we're doing this is that there is clearly a customer need for this approach," he said.
Companies such as McAfee, Symantec, Trend Micro and Computer Associates have long demonstrated that there's money to be made in protecting Windows systems. For Microsoft, it's simpler to create security add-ons than to build security into its products, an approach that would also make it harder for the company to make extra money, at least one analyst said.
"This is a rather safe play," said Charles Kolodgy, an analyst at IDC. "It is easier than building the security into products and not being able to directly capture revenue. And if their security product line doesn't work, they can leave the market."
Microsoft has gradually built up its security muscle in recent years through numerous acquisitions. It bought antivirus specialist GeCAD, anti-spyware maker Giant Company Software and Sybari Software, maker of the Antigen products. Its lineup also includes hosted e-mail security services, picked up through the takeover of FrontBridge Technologies.
Most recently, the company gobbled up Whale Communications, a specialist in secure remote access and Web application firewalls. Last October, it announced it would sell security software for business PCs and servers. The new product, now called Forefront Client Security, is due for release in the second quarter of next year.
In catch-up mode
While it's bound to attract some business for its new products right away, Microsoft has some work to do to become a formidable competitor in the security area. That's especially true when it comes to enterprise client security, analysts said.
"They will get some market share just for being Microsoft," Burton Group analyst Dan Blum said. "To take a majority position, they need to establish a product that is functionally on par with, or pretty close to, the likes of McAfee and Symantec," he said, adding that this likely won't happen until 2008 or 2009.
Symantec, which provides a range of products aimed at protecting corporate networks and systems, said Thursday that it's ready for any competition from Microsoft.
"With a level playing field, all the vendors in the security space will compete for mind share, based on what enterprise customers believe to be the best product to suit their needs," a representative of the security software maker said. "Symantec has been the leading provider of effective protection against viruses and other malicious threats for more than 15 years."
The main obstacle facing Microsoft is customer distrust. "There are certain customers that don't trust them because of their previous track record," Yankee Group's Jaquith said.
The software maker has invested heavily in security over the past years. Despite this, most malicious software targets Microsoft products, and the company still deals with lots of security holes. Last week, for example, it issued 12 security bulletins with fixes for 21 vulnerabilities--the largest number ever for its monthly "Patch Tuesday" updates.
"You're in one camp or another with them," Jaquith said. Either businesses are very loyal customers and are rooting for Microsoft, or they feel they were burned by the company and simply don't trust it, he said.
54 commentsJoin the conversation! Add your comment