McAfee attacks Symantec's product launches

Release of Endpoint Protection and plans to run security software as a service have started a row between Symantec and McAfee
Written by Tom Espiner, Contributor

Security vendor McAfee has criticised Symantec's Endpoint Protection product, which was announced on Wednesday.

McAfee said that Endpoint Protection 11.0, which was code-named "Hamlet", did not deliver what customers want.

Greg Day, a security analyst at McAfee, compared Endpoint Protection unfavourably with McAfee's ePolicy Orchestrator (ePO), which also provides security-policy enforcement. "For some time, the competition has been playing catch-up on what customers have been asking for. With Hamlet, Symantec is delivering what customers were asking for two years ago," Day said in a statement. 

"McAfee has gone far beyond the single agent and single console for system security, by integrating multiple products and technologies to provide knowledge-driven security. This new level of security is automated, actionable, and empowers customers to be efficient and effective," Day said.

Enrique Salem, group president of worldwide sales and marketing for Symantec, said that Endpoint Protection has the capacity to integrate with multiple products at the perimeter, virtual, desktop and database layers. "While I won't name any names, one large company that's currently got a competitive product in beta is anxiously awaiting Endpoint Protection when it ships. They can't wait to get our product into their environment. [They are anxious that] we will displace them," Salem told ZDNet.co.uk.

Both McAfee and Symantec have security-policy management products in beta. McAfee says that ePO is in beta for version 4.0, rather than a first version beta like Symantec's product. Vimal Solanki, senior director of worldwide product marketing for McAfee, said: "Symantec is seven years behind McAfee — ePO version 1.0 came out in 2000."

Solanki said that McAfee was concerned that Symantec hasn't adequately addressed the problem of confidential data loss in Endpoint Protection, has not incorporated the ability to enforce policy on all devices in the network, and did not have a good track record of incorporating technology from acquisitions. He also said that McAfee was concerned about the functionality and stability of Symantec's Endpoint Protection product because it was only the first version.

Enrique Salem said that Symantec did have device and USB enforcement products that integrated with Endpoint Protection 11.0, and had IPS, IDS and behavioural analysis capabilities within Endpoint to monitor devices on the network. Salem added that one of the underlying strengths of Endpoint Protection is that it integrates different products from acquisitions. However, Salem said that, while he had heard no customers expressing concerns about the stability of Endpoint Protection, he fully expected customers would want to test the product before buying and deploying it.

McAfee has also laid into Symantec's plans to run security software as a service.

Symantec Protection Network, which is currently in beta, is due to ship in September with a product currently called "Online Backup", Salem told ZDNet.co.uk on Wednesday. Online Backup would be followed by Endpoint Protection as a service, and device and desktop monitoring, Salem said.

Lillian Wai, senior product marketing manager for McAfee, said: "McAfee has been running software as a service [SaaS] for the last seven years. Symantec is running seven years late. We still see Symantec focusing on back-up, not security, for its service platform. McAfee is a security play for customers of all sizes and won't get off course."

Jeffrey Hausman, a senior director of product management for Symantec, said that Symantec's aim is to bring all of its current products online. "Every three to six months, we will introduce new capabilities," Hausman said.

The software-as-a-service (SaaS) market is growing rapidly compared with traditional desktop security, according to Hausman — between 18 and 20 percent year on year, as opposed to approximately five percent for desktop security.

However, Symantec faces a number of challenges in instituting security SaaS, according to Jon Collins, an analyst at Freeform Dynamics.

Collins said that Symantec sees SaaS as a "global protection solution", and that it is building an online framework of support services and back-up related services. "We don't see any evidence that it's cheaper for companies to use SaaS; we would advise companies to look very carefully at online services from an economic perspective. The benefit is that it takes away the problem of management of [necessities like] back-up, particularly for smaller companies. The question is whether Symantec is taking SaaS far enough. Online Backup is good, but you can get online file management from companies like Xdrive. Email security is one thing, but why not just outsource email [completely]? The question is whether Symantec's range of services is good enough, rather than just going to a one-stop shop."

Collins said he expects to see the specialist SaaS providers acquired or forced out of business by the larger players in the security market.

Editorial standards