Microsoft's predatory pricing of security software

SunbeltBLOG has posted an analysis of Microsoft’s pricing for their new security products, One Care and Antigen, calling Microsoft on predatory pricing aimed at putting the rest of the security vendors out of business.

SunbeltBLOG has posted an analysis of Microsoft's pricing for their new security products, OneCare and Antigen, calling Microsoft on predatory pricing aimed at putting the rest of the security vendors out of business. Even though Sunbelt Software is in the security business, too, I don't think this is sour grapes. Others have written similar pieces, but SunbeltBLOG breaks down the numbers.

No one should feel "abused" by the big AV companies because there are free alternatives.

OneCare is aimed at home users and small businesses, combining firewall, anti-virus, anti-spyware and some utilities for disk and file management. OneCare is going for $49.95 for up to 3 machines and a one year subscription. I saw some sales for OneCare at $14.95 this weekend.  Antigen, acquired from Sybari last year, is an enterprise application for email, SMTP, and Exchange server protection from spam and viruses. Forefront is also in the wings, not released yet, called a "family of business security products" that includes anti-virus, anti-spyware and more, see description here. I saw a demo of Forefront running on a client machine at Tech Ed, and while it looks nice I wasn't so impressed that it uses the same definitions as Windows Defender for adware/grayware (they did not call it spyware), and the same definitions as the Malicious Software Removal Tool for viruses, worms and trojans.

SunbeltBLOG compares the numbers, pricing for the Microsoft products to comparable products from Symantec, Trend Micro and McAfee, showing how Microsoft is undercutting their prices by as much as 44% for OneCare and as much as 63% for Antigen.  Pricing is not available yet for Forefront. Should we be concerned?  Alex Eckelberry writes:

What should be disturbing about of this all is that we very well might see Microsoft owning a majority in the security space.  Despite what their PR flacks tell us, they are hell-bent on getting your business.  Look at the Forefront website for yourself.  These people mean business.   Maybe I’m jaded, as I’ve spent most of my career working for companies that got pummeled by Microsoft (Borland, Quarterdeck, etc.). 

Stifling innovation?  You bet.  What venture capitalist will invest in the next great security idea or product?  What entrepreneur will start a new company in the security space, given the risks of competing with Microsoft? 

Jupiter Research seems to be in agreement -- write up is here. Kevin Murphy of Computer Business Review Online wrote about similar concerns in February.

The other question about Microsoft's venture into the security business is this: Would you trust Microsoft alone to protect your network or your home computer against viruses and spyware? SunbeltBLOG has just posted a poll here. So far the results are not favorable to Microsoft.

While I applaud Microsoft's efforts to make Windows Vista a more secure operating system, it seems to me that security has been an afterthought with Microsoft. Remember, Microsoft became concerned with spyware after Bill Gates' home machines got infested. At any rate, I'm interested in readers' opinions about Microsoft's pricing of security products and whether or not you'd trust Microsoft's products to protect you from viruses, trojans and spyware.

Disclosures:  I'm a Microsoft Security MVP for 2005 - 2006 and I have a lot of respect for the folks I know there on the Windows Defender malware research team. I'm also a contract spyware researcher for Sunbelt Software. I use a firewalled router, Agnitum's Outpost Pro firewall (I've never used the XP firewall), and I run Kaspersky Anti-Virus on my home machines. I don't use real time spyware protection and don't get infected unless I'm in a virtual machine trolling for spyware.

Update June 21:  Alex Eckelberry's blog about Microsoft's predatory pricing has stirred the pot on both sides of the fence. Larry Seltzer disagrees with Eckelberry and makes the points that the cost of security services is too high and Microsoft's entry into the game will bring down the prices to a more affordable level. He also says, and I agree with this to a point, that too many computers are completely unprotected and Microsoft's OneCare will make it easier for more people to secure their machines.  Seltzer mentions the free anti-virus AVG but neglects to mention Avast and AntiVir, two other free programs. I scan a lot of newly discovered malware files at Jotti and VirusTotal and typically those companies are not among the first to have definitions. Since there are free AV programs, there's really no excuse for users not to have an AV program, so in that sense I wonder how many people that currently don't have an AV will use OneCare. But on the other hand, since it is from Microsoft, more people will likely become aware of it. 

Seltzer writes:

Similarly, even if OneCare is weak in some areas of coverage, I can see it being a good solution for lots of people who feel abused by the big anti-virus companies making them pay $40 per year per computer.

No one should feel "abused" by the big AV companies because there are free alternatives. Sometimes, too, it's a matter of quality -- getting what you pay for. My personal favorite, Kaspersky Anti-virus, is among the higher priced apps, but I don't mind paying a little more for what I consider to be the highest quality product.  KAV is often the first to have definitions of new malware and puts out hourly updates.  And, no, I don't work for them or sell their products.

Ryan Naraine's article here asks if Microsoft's pricing is predatory or correctional and quotes statements from others in the industry.

David Moll, CEO of privately held anti-spyware vendor Webroot Software, threw his weight behind Eckelberry's concerns, arguing that Microsoft's pricing policy is "consistently out of line with the rest of the industry."

Moll also brought up potential legal issues in Europe and here with Microsoft's entry into the security market.  Others disagreed with Eckelberry, including John Pescatore of Gartner, saying that Eckelberry's analysis and conclusions are incorrect, citing rebate programs and special offers from other companies. A Microsoft spokesperson stated "its entry into the market is driven by the fact that a segment of its customers remain unprotected."

A representative of Kaspersky says his company isn't worried because they target a different segment of the market.

"We're going after an educated, technical consumer. We will compete at the technological level and let the others fight over pricing," Orenberg said.

"Microsoft's moves really don't bother us. Someone who's buying OneCare is probably not going to buy Kaspersky. They'll take market share away from Symantec and McAfee. We've decided to play in a different space," he added.

I expect he is correct that someone buying OneCare isn't likely going to buy Kaspersky and I think the reverse is true as well. I may have more on this later. Keep in mind, I'm no expert on enterprise security applications or the enterprise security market and am looking at this more from the perspective of the home user.