Check Point wants to be the last pure-play security vendor

Check Point may have made big bucks selling firewalls in its early days, but it is struggling to live up to its CEO's vision in today's rapidly shifting security market.
Written by Patrick Gray, Contributor
commentary Check Point may have made big bucks selling firewalls in its early days, but it is struggling to live up to its CEO's vision in today's rapidly shifting security market.

It wants to be the last big "pure-play" security vendor in the business, offering a wide range of solutions to the enterprise and even small- to medium-sized businesses (SMBs). But with 70 percent of Check Point's sales coming from one, core product -- VPN and firewall perimeter software -- can the Israel-based company pull it off?

Check Point rode the gravy train in the 1990s selling firewalls to every company possible. It was a boom time for basic security kit, and Check Point had good gear. But times have changed, and so has the market. It's a new world for security vendors, with many of the established names having been acquired or themselves diversifying into other areas. Check Point wants to buck that trend, focusing entirely on security.

One of Check Point's most direct competitors, Netscreen, was acquired by router-maker Juniper Networks in 2004. The move hasn't done its share price any favours, and Check Point's Vice Chairman, Board of Directors, Jerry Ungerman, thinks he knows why. "When you talk about Juniper, they got security to help sell routers and switches, not to become a security company," he told ZDNet Australia. "I don't think they've been as successful as they'd envisioned."

It may seem like competitor bashing, but Ungerman's right in this case. Juniper flew press and analysts from all over the globe to its California headquarters to hype the acquisition in late 2004, and this correspondent was invited. Company management were open about it -- the Netscreen acquisition was all about Juniper's move into the enterprise market, a source of revenue it couldn't tap from its telco heartland.

Through Netscreen, they'd acquired some snappy technology, a tonne of customers, and a sales channel into the enterprise. Previously, Juniper did the majority of its dealings directly with telcos. This was its big move against Cisco, in a David versus Goliath-style battle. Unfortunately for David, the big guy is still looking healthier than its smaller rival, despite Juniper offering excellent products.

Three months earlier, Check Point had announced its first big acquisition. It snapped up consumer security technology company Zone Labs for US$205 million, with the vision of bringing endpoint security to the enterprise.

Security outfits are still attractive targets, it seems. Storage vendor EMC acquired RSA Security for US$2.1 billion this year; a reverse-play of Symantec's US$13.5 billion acquisition of storage infrastructure outfit Veritas last year.

The pairing of security companies with storage vendors strikes some analysts and commentators as odd. In the case of EMC acquiring RSA, offering security tokens with storage solutions is like putting chocolate on hamburgers -- it's not criminal, but it is strange. And EMC is no dummy when it comes to buying good technology. VMWare, which the company bought in 2003, is now one of the fastest growing software companies in the world, which just makes its seemingly bizarre play for RSA seem more, well, bizarre.

"We also don't get it," Gil Shwed, the founder, CEO and Chairman of Check Point, told ZDNet Australia. He built the company on software he wrote himself, and he's a technologist to the core. If there are synergies between RSA and EMC, he doesn't see them.

Ungerman, his right-hand, is more philosophical. "I think they're defensive plays. I've worked in this business for a long time and you don't make money selling disk drives. You don't," Ungerman says. "There're big players in there that make very little money and EMC is one of the big ones. They're trying to build up their software business."

Check Point, too, has attempted to expand through acquisition. Sick of being known as a one-trick company that makes a good firewall, it announced its intention to buy US-based security outfit Sourcefire for US$225 million this year, its first big move since Zone Labs in 2003.

As a company that now defines itself as the last significant vendor left that focuses solely on security, it was a good move. Sourcefire has great technology, more good will than you can poke a stick at, and a fairly impressive list of clients.

Unfortunately, at around about the same time, a firm from the United Arab Emirates was looking to buy some United States port infrastructure. US President George W Bush killed the UAE deal when word got out through the press, a decision that may have impacted Check Point's chances of purchasing Sourcefire.

Many privately say it was this political situation that made US federal regulatory approval of the purchase by the Israel-based Check Point politically impossible. They simply couldn't say no to the Arabs and yes to the Israelis.

Eventually, US regulators scuttled the deal.

"I think it was the circumstances that were a little bit complicated. There was a political issue, especially with the deal with the UAE that was on the table," Shwed says. "There were multiple factors -- one of them was the political situation at the time, but the big one was the fact that the US government wants to make sure that certain technology that they're using heavily won't be under any kind of foreign ownership."

Sourcefire makes arguably the best network-based intrusion detection system that's ever existed, and it's used on some very sensitive networks by the US Government. Handing control of the company that develops and maintains that software to foreign interests seemed a little too much for the feds. "I think Sourcefire is a great company I think they had good things and I think I would be happy tohave them as a part of Check Point. But I don't think that there are no alternatives to that technology," Shwed says.

Check Point will either form an OEM relationship with Sourcefire, or simply buy another company that owns a similar technology, he added. The roadmap stays the same, he insists.

It was telling that yesterday in Bangkok, at Check Point's annual regional customer and partner event, Shwed delivered his keynote speech, outlining his vision of his company as a pure-play security vendor that will provide a "security architecture" and an "independent security layer", not a mish-mash of loosely related technologies.

The elephant in the corner, of course, was Sourcefire. The doomed acquisition bid was not mentioned once.

After his speech, ZDNet Australia asked Shwed about growth in other areas, like the endpoint security software the company acquired when it purchased Zone Labs. "Well I do hope that five years from now we will see a much, much higher growth in the number of endpoint agents we sell," he says. "I don't think it's growing as fast as it should grow, let's put it this way."

Consumers still love Zone Alarm, he says, but manageability concerns mean that the adoption of endpoint security software has been slow. He's confident, however, that it will pick up, and with Australia's AusCERT Computer Crime and Security survey showing enterprise desktops are now an attractive target, it's hard not to see his point.

Still, with 70 percent of Check Point's sales based on one product, its challenge now, as the self-proclaimed "last man standing" security vendor, is to grow through the right acquisitions. It must go big, or risk becoming the target of takeover itself.

Both the Zone Labs and Sourcefire acquisitions were great plays. Now the latter has been sunk, the challenge for Shwed, a truly technical CEO, will be finding the right technology to make his vision of Check Point a reality.

Patrick Gray travelled to Bangkok as a guest of Check Point.

Editorial standards