Symantec beats the research drum

(continued from previous page)

None of the projects is ready to be sold as a final product, but the database audit and security appliance is being tested on the networks of real Symantec customers. The system is part of Symantec's "Advanced Concepts" group, which fills a gap between research and actual products. It could be offered as a product when the market is deemed ready.

"The intent of Advanced Concepts is to do projects we feel don't face many hurdles from a technological perspective, but where there is some uncertainty from how this is going to play out in the market," Trilling said.

The database audit and security appliance plugs into a company's network and logs all traffic to databases on that network. The log can aid companies in their audit and compliance programs, but the appliance also flags anomalous queries. These queries could be a sign of an attack or an insider accessing data he should not have access to, Symantec said.

Because it watches traffic going in and out the database, the appliance can alert a user to attacks that conventional security products might not see. "Even with the most robust database protection, a single compromised password can result in a devastating attack," said Gerry Egan, a product manager for Advanced Concepts at Symantec Research Labs.

Researchers in India are working on StarFS, the catchy name for new software that is designed to solve the nightmare of dealing with multiple file servers in different locations. StarFS runs on top of existing file systems and creates a single virtual data store, making many servers appear like a single drive on a user's PC.

"StarFS could provide a new market for Symantec. Traditionally, we are targeting databases, one datacenter, tight clusters and big Oracle systems," said Navin Kabra, the senior principal software engineer at Symantec Research Labs.

Guenter Roeck, an advisory engineer in Symantec's labs, is working on a project called Software Fault Tolerance. The software promises a nearly seamless failover without any data loss in case of an application failure. That includes data on transactions that were in progress when the application failed, Roeck said.

"It is almost like beaming the application from one machine to another from a process perspective," he said. Current clustering and high-availability products start the application on a different machine in case of failure, but transactions that are in progress may be lost and the client may lose the connection, he said.

Both StarFS and Software Fault Tolerance are still in the research stage, but the researchers are talking with the product teams.

With a stronger research group, Symantec can dispel the image of a company that has to rely on acquisitions to innovate. The company's buying spree might have something to do with that. Aside from the Veritas merger, this year's takeovers include antiphishing company WholeSecurity and compliance specialists BindView and Sygate.

"We actually do spend a lot of our time thinking about creating options for the future," CTO Bregman said. "To some extent, there is a perception that Symantec and Veritas are reactive acquirers. I would dispute that."

[lzeltser]

Symantec will continue to rely on acquisitions for innovation

It is a welcome sign that Symantec is increasing its research activities. The company needs to do this to keep up with such research giants as Microsoft and Goggle. However, Symantec will continue to heavily rely on acquisitions to fuel its innovation pipeline.

As my co-author and I discuss in a paper that touches upon this topic, it is natural for security-focused companies as large as Symantec to use their customer reach and channel relationships on marketing tasks. In contrast, security start-ups lack these relationships and budgets, which makes the partnership between Symantec and a small acquisition target particularly attractive. Start-ups will innovate, and Symantec will market.

If you're interested in learning more about such industry trends and dynamics, take a look at:

Essential Trends and Dynamics of the Endpoint Security Industry
http://www.zeltser.com/endpoint-security-trends/

[j_swanson]

good analysis

Yes, Symantec are right up there in leveraging companies they're bought. Good recent example is their purchase and aggressive marketing and support of KVS via their Veritas acquisition, and the way they're dancing with pure compliance players such as Cryoserver and Kroll's technology.

Suddenly, Symantec is ontrack (excuse the pun!)