Q&A: Secure Computing aims for enterprise gateway security

The CEOs of Secure Computing and CipherTrust explain their plans

Earlier this month, San Jose-based Secure Computing Corp. announced plans to acquire privately held messaging security vendor CipherTrust Inc. of Alpharetta, Ga., for $273.6 million in cash and stock. The combined company will sell a range of enterprise gateway security appliances designed to help companies handle threats at the network edge and at the application level. John McNulty, CEO of Secure Computing, and Jay Chaudhry, founder and CEO of CipherTrust, spoke with Computerworld earlier this week about the deal.

Excerpts from that interview follow:

Why did Secure Computing buy CipherTrust?
We just see a great opportunity to establish an enterprise gateway security company. There is no one in a leadership position here today. So this puts us in an ideal position to assume that leadership from the network edge to the desktop. We see a great fit both from the standpoint of the products and the technology. We see the financials are going to be great and we see a great fit for the [management] teams. It's really something that is a welcome relief. The senior team at Secure has been stretched as the company has grown. The last piece is the great opportunity we have in distribution. When we combine our customer base, we have over 18,000 customers in 100-plus countries and 1,700-plus channel partners. We are wildly enthusiastic about the potential this company has.

Chaudhry: One main point I'd like to add is if you look at the security space, there are some 800 security start-ups. Most of them are doing point products, and customers are getting tired of it. These companies bring a lot of innovation because of their focus. But they don't quite have the financial strength or scale to be viable players. CipherTrust and Secure Computing combined will keep the focus and innovation of a start-up, but our size and financial strength is that of a large company.

What exactly is an enterprise gateway security product?
It provides protection across the network and application gateways, including unified threat management [tools] and firewalls, messaging security, Web security and identity management, together with centralized policy and management.

What is the size of the market opportunity?
The area we are focused on is the appliance side. Messaging is about $2.6 billion. The appliance segment of that will be a little over a billion dollars. Similarly, each of the four areas [the combined company will focus on] is over a billion in the appliance segment alone. We can take a big part of it.

What impact is Microsoft having in the security space?
There are about 800 start-ups and about 40 to 50 other companies that dabble in security in North America alone. Microsoft clearly is a huge factor in that space. But Microsoft's expertise is at the desktop. That is not an area we play in. It is where you see the likes of Symantec and McAfee and Trend Micro. That is where Microsoft is going to have the biggest impact. Microsoft doesn't sell appliances. We have grown at a rate of over 20% every year in the face of the big monsters for the last six years. So this is not something that we fear.

It's not just Microsoft, though. Cisco and some major platform vendors are also expanding into the security space. How does that affect pure-play security vendors?
If you look at where the Ciscos of the world are playing, it is at the network level. But if you look at the application gateway level, that is a newly emerging market -- and so is the Web gateway market. Our belief is that with our focus and with our innovation, we are going to be moving forward with some leading-edge solutions.

Gartner recently stated there's going to be less of a need for best-of-breed products over the next few years and that, instead, companies will be looking for integrated products. What do you think?
In the last six or seven years, there has been a debate over best-of-breed vs. integrated products. [Some companies] have been making a big deal about best of breed. I think both approaches have issues. We are seeing customers out there who have 10 to 15 boxes doing just the enterprise e-mail gateway. So they do want an integrated solution, but they are not willing to take chances with second- and third-tier solutions. Where the market is moving is you need the best-of-breed technology. But if you can deliver it in an integrated solution, that is when you win.

How has the threat landscape changed?
The threat is constantly evolving. Most of the things we are intensely worried about today didn't exist 10 years ago. The threat had changed from the kid in the basement trying to impress his friends by defacing a Web site to organized crime and to very competent computer experts trying to steal and to commit crimes. It is happening every day. The FBI's most recent report said that cost of fraud on the Internet to American businesses was $67 billion. That's just the tip of the iceberg, because it is only the amount that people want to own up to. Most importantly, we live in a world where it is all happening in real time. Ten years ago, it took weeks for things to spread across the globe. Five years ago, it was hours. And now it is in minutes. In the future, it is going to spread even faster. Signature-based defenses designed to prevent [trouble] after the horse has escaped the barn is ancient technology.

Copyright © 2006 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon