Archive for the ‘Symantec’ Category

This week, Symantec launched their new “Internet Threat Meter” site; the “Internet Threat Meter” is basically a portal where Joe Average can go to see aggregated information about the “state of the Internet” – there are “traffic lights” (green/yellow/red lights) on the site that correspond to the overall “safety level” associated with PC usage at the current time. In case you haven’t seen it, here’s the link.

Just for the record, although they look similar, do not confuse the “Symantec Threat Meter” with the “Symantec Threat-Con” which is entirely different. Whereas the ThreatCon has four levels, the Threat-Meter has only three (probably to make it more accessible to the average user.) And while the colors for the Threat-Meter are green, yellow, and red, the Threat-Con colors are green, yellow, ORANGE, red (they’ve weeded out the overly-technical “orange” level.) Obviously, I’m being sarcastic.

What strikes me about this is not just the similarity (and competition) with the existing tool, but the similarity with Windows OneCare. From a user interface perspective, this new “Threat Meter” is very close to Microsoft Windows OneCare Live – both in terms of what’s available on the interface but also the way that the controls/tools are categorized, made available, installed, etc. Of course, this begs the question: is Symantec feeling the pain from OneCare already? Is the beta cutting into their sales enough that they are responding ad-hoc in a way that competes with rather than compliments investments they’ve already made?

Here’s my thinking… Symantec will never say this flat out, but they make their money from consumer AV. Judging by what we can infer (the way they break down the numbers is less than transparent), their reliance on consumer AV is anywhere from 50% to 80% of overall yearly revenue. How can we tell? Read between the lines – in Symantec’s 2005 Annual Report for example, they tell us that the consumer segment is their strongest sector (the “star performer” they call it.) They also tell us that their top selling software category is “security solutions.” Now, take the union of where “security software” intersects “consumer segment” – and compare that with what’s in their product line. See what I mean? They’re talking about consumer AV. You can actually line up the numbers in the report to make guesses about percentage of revenue (why I say between 50 and 80 percent – 80 is more of a historic number while the current report points to more like 50.)

Which means that Symantec is in for a world of hurt when those sales start to dry up – and dry up they will. Here’s the deal – when Microsoft starts selling something, competitors tend to go away. If we look at it logically, Microsoft can own the consumer AV market whenever it wants: they can ship their AV or anti-spyware with Windows. They can make OneCare free. In fact, I’ll bet you dollars to donuts that Microsoft giving away the free AV beta is already impacting Symantec’s sales. I’m not sure how much we can read into what SYMC’s up to, but I for one will be interested to see where this goes.

Remember that movie “Harold and Kumar Go to White Castle?” If you haven’t seen it (and I recommend that you do), the movie is about two stoners who spend one very long night driving around New Jersey looking for “the perfect food” (which is none other than 30 sliders and a coke.) Basically, it’s a movie about two dudes driving around in a drug-induced fog.

Well, Symantec has apparently taken a cue from H&K and has decided to drive around aimlessly looking for “what they crave” – in this case, wireless access points. While I’m not entirely sure how this relates to SYMC’s business model, I’m glad somebody’s putting out numbers about this kind of thing. So, if you see a bunch of dudes in yellow driving around with laptops… maybe it’s Symantec on the drift.

Has anybody else noticed that the Symantec ThreatCon on the Enterprise page is green and the ThreatCon on the main site is yellow? Looks like someone over there forgot to update the link…

It’s that time again. With the approach of the new year inevitably comes the storm of new year’s prognostications designed to give infosec practitioners a head-start on what’s to come in aught-six. It’s time to sum up the old and forecast the new; and kicking off that effort is none other than John “Punxsutawney” Thompson himself telling us all what’s to come in the new year. OK, that’s not exactly true; John Thompson didn’t make the forecasts himself – Vincent Weafer over at SYMC was the actual individual tasked with making the predictions (even Punxsutawney Phil has a handler you know.)

So, what does SYMC say we have queued up for 2006? Surprisingly, it’s low-volume fraud-based attacks like spyware and phishing. And according to Symantec, “there is apathy and a general lack of interest about it.” (It’s been a long time since I’ve been called “apathetic”; high school was the last time, I think.) Of course, someone might point out that this is more or less the same as 2004 analyst predictions for aught-five and 2003 analyst predictions for aught-four, but that would spoil the fun.

Wow. Symantec puts a stake in the ground saying open source is part of the reason for slower patches. That’s not going to engender any popularity… let the ranting begin.

Symantec patents scanning for malware?

Reading the patent, wouldn’t “grep” constitute “prior art”? (just kidding) In all seriousness, though, I’m wondering if anybody else implementing “heuristic scanning” is a bit nervous by this patent; the methodology seems pretty specific to me, but I’m not a lawyer so maybe it’s more general than it appears to a humble technologist like myself.

These folks have a SOHO/SMB line of VPN/Firewall appliances and NAPT (Network Address & Port Translation) technology designed to get around some of the problems with NATting on VPNs.

Interesting that Symantec has acquired a smaller mid-tier aimed player since they’ve been very concentrated on gaining traction in the large enterprise space. On the other hand, the companies have had a licensing deal for a while, with SYMC using some of the Nexland technology in their VPN/Firewall line.