IDS mailing list archives
Re: Changes in IDS Companies?
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Sat, 26 Oct 2002 11:07:15 -0400
Samuel Cure writes:
Just noticing some changes with some known IDS companies and wanted some feedback [...] Because Marcus Ranum left NFR earlier this year and Ron Gula has left Enterasys Networks, I am questioning the future of some early-on IDS companies. I mentioned some time ago that the IDS market will eventually consolidate and it seems like things are moving in that direction.
It's actually been heading that way for some time. But the fact that guys like Ron and I change interests and move around within the industry isn't related (I don't think, anyhow...) that's more a side-effect of the entrepreneurial mindset. The consolidation is more of a side-effect of the stock market and how VCs have moved into the computer security space. This is just my opinion, from watching how things have gone in the last few years, and how things went in the early years of the firewall "industry" but I'll give a shot at explaining some of it... When a new technology comes on the scene it's usually because of a few guys who look at what the researchers have been doing for a long time already and say "hey! I know people who could USE that!" and start to commercialize it. If it takes off, then the money guys go "oo!" and start building businesses around it. With a technical area like computer security (or maybe software in general?) the ideas that the entrepreneurs have are usually not "big enough" to become multibillion-dollar industries on their own - not things like FedEX or General Electric - stuff like PostScript, Photoshop, etc, etc - neat little solutions of varying sizes, many of which are big enough to build a solid business around but not an empire. So the money guys come in and build an infrastructure around the entrepreneur and build a company and then they figure it's time to cash out. Now, when VCs want to cash out they have 2 options: sell the company (to another company) or sell the company (to the public in the form of an IPO) - and that's what drives market consolidation. If you have a strong enough business and can build a huge "industry" out of it (e.g.: "routers" - Cisco) you can go public and do well. Otherwise what happens is that established players are always hunting to expand their market. Look at ISS: they started with a vulnerability scanner then expanded into services, IDS, etc, etc. Why? Because Tom and Chris were smart enough to realize that you can't fuel public-company style revenue growth by selling just a scanner. You need a "portfolio of products" in VC terms. Public companies are expected (until recently) to exhibit constant growth. Acquisition is the best way to do that fast - on paper. Never mind whether the acquistions make *sense* or improve the portfolio or technology - it looks like growth on paper. That's what fuelled Network Associates' amazing buying spree and collapse: acquiring new companies boosted their stock price because they looked more and more like a 900-lb gorilla (I recall VCs calling them the "Microsoft of computer security"...) and as the stock prices got boosted they could afford to buy more companies, etc, etc, etc. It's a cool cycle if you can pull it off, but if you buy things that don't fit together well, or you have a sales-force that can't learn how to sell the new stuff you acquire, you make a huge ugly crater. So that's what drives market consolidation: often it has little or nothing to do with what makes sense and mostly to do with what makes money. ;) In some rare cases you get acquisitions that really are strategically very good. Like ISS' buying Network ICE. They got a good IDS engine to build a new RealSecure on, and a host agent as well. But generally it's a mixed bag. Then you've got the entrepreneurs. They're a mixed bag, too. I know most of the entrepreneurs in security pretty well, and most of them are no-bulls*&t kinda guys who think like engineers and customers simultaneously. Most of them are smart enough or lucky enough to hook up with businessmen who can handle the process of growing the business, managing sales, marketing, etc, etc. If you know Ron, Marty, Chris, myself, etc, you'll find we tend to be unhappy about sitting in lengthy meetings when we could be designing cool stuff, or a bit out of place in a suit and tie talking about quarter-over-quarter growth projections. So you'll find that as an industry "matures" the early entrepreneurs either get rich and re-invent themselves, or stay within the companies they started and re-invent themselves, or go on to something else. Some of us are more financially savvy about it than others. ;) If you think back, I got sick of working at TIS (too much growth brought too much politics and too many meetings) and left - about 4 months before an IPO that might have made me millions of dollars had I been patient and mature enough to stick it out. I left NFR not because the company was failing or had bad technology or anything like that, but because if I had to spend one more hour in a meeting with empty suits and marketing diots I was going to go postal. ;) I don't know what Ron's experience at Enterasys was like but I bet it was similar. Imagine that you're an IDS guru who gets acquired by a network hub maker? How many times are you going to be able to explain IDS to a marketing idiot who only knows hubs/switches before your brain ruptures? ;) There are some things that just aren't worth _any_ amount of money! :) With respect to NFR - I think it's still a going concern and will do just fine. I just wasn't enjoying it anymore. I still own a big chunk of the company and obviously I hope it'll do great and make me a ton of money. :) The economy right now is terrible for security companies and the venture guys are running scared because their financial model has been to assume that everything was going to always grow - so they've been encouraging companies to spend money in line with revenues 2 years out - instead of in line with what they're bringing in. I think every company in the security space is suffering. That's going to further drive consolidation as companies look for other places to grow their businessess by combining operations.
To further enforce my point, word on the street is TippingPoint is now seeking for someone to buy them out. Does anyone else have anything that could help validate this or these types of trends in IDS companies?
There are a jillion companies looking to get bought out. Either because they established their business on a model of constant growth (and the growth hasn't materialized) or because their exit strategy was always a sale. If I had a dollar for every company I've talked to that their PLAN was to get bought by Cisco and become rich, I'd be able to retire. A down economy just makes all these things tougher because suddenly customers like you start to ask "Hey!? are these guys going to be there tomorrow?" which makes it even HARDER for them to survive - it's a vicious circle. So, in short, I don't think that guys like me and Ron moving around in the industry is worth raising a red flag over. What's worth raising a red flag over is that the party is over. The economic downturn is making everyone re-assess how they do business. It'll sort itself out in a year or two and turn into something new. Hopefully better, but certainly new. :) mjr. --- Marcus J. Ranum http://www.ranum.com Computer and Communications Security mjr () ranum com
Current thread:
- Re: Changes in IDS Companies?, (continued)
- Re: Changes in IDS Companies? Proxy Administrator (Oct 25)
- Re: Changes in IDS Companies? Aaron Turner (Oct 25)
- Re: Changes in IDS Companies? A.S.Rajendran (Oct 25)
- Re: Changes in IDS Companies? Aaron Turner (Oct 25)
- Re: Changes in IDS Companies? Matt Harris (Oct 28)
- Re: Changes in IDS Companies? Aaron Turner (Oct 28)
- Re: Changes in IDS Companies? Matt Harris (Oct 29)
- Re: Changes in IDS Companies? Aaron Turner (Oct 29)
- Re: Changes in IDS Companies? Matt Harris (Oct 31)
- Re: Changes in IDS Companies? J. Foobar (Oct 31)
- Re: Changes in IDS Companies? Proxy Administrator (Oct 25)
- Re: Changes in IDS Companies? Martin Roesch (Oct 31)