Symantec takes Microsoft to task over security

John Thompson, Symantec's CEO, gives his views on Microsoft's security offerings, Red Hat, and his company's accidental deletion of users' XP files
Written by Tom Espiner, Contributor

Since Microsoft entered the security market last year with both enterprise and consumer products, Symantec has launched a number of scathing attacks on the Redmond giant. Speaking to ZDNet.co.uk at Symantec's Vision conference in Las Vegas last week, John Thompson, chief executive of Symantec, was critical of Microsoft's security management console, code-named "Stirling", and its enterprise security product, Forefront.

Symantec revealed a range of products at the conference, including its own security management console, Symantec Endpoint Protection 11.0.

Thompson also discussed Symantec's collaboration with Red Hat on Secure Server, and whether his company would compensate Chinese-language customers who had vital XP files deleted by a Symantec update.

Q: In your speech at the conference you said that Microsoft's "Stirling" project lacked innovation.
A: [Stirling] is not atypical for Microsoft. Early on, Microsoft had a lot of innovation, especially around the PC, but the innovation that comes from Microsoft has slowed. Stirling is an example of that; Forefront is an example of that. Microsoft imitates and emulates what others are already doing in the industry.

Is there no innovation in Forefront?
What is the innovation in Forefront? Where is it? Innovation is about being able to detect new and unknown threats. Microsoft has yet to show up [properly] in the VB100 [antivirus test]. They got the VB100 for the first time last week. We pride ourselves on 31 consecutive times in getting it. Microsoft thinks it has made advances, but we protect more people from more online threats than anyone in the world. We applaud what Microsoft is trying to do, but we don't think the public should be duped by their marketing.

You've just launched Symantec Endpoint Protection. What is the thinking behind that?
Our belief is that you need to understand what software is in your environment, what security device settings you have. If you discover problems, you need to know what impact they'll have on the enterprise.

There are reports that this product is aimed at small businesses. Are they correct?
Symantec Endpoint Protection is aimed at the full gamut of customers, large and small. There are advantages for both: Sonar behavioural analysis for small business; for large enterprise environments, a unified management console can run security technologies.

Is Endpoint Protection fully interoperable with other products?
Let's assume a customer made that incredible choice of picking another security solution. If that customer made the incredible error of deploying someone else's antivirus or firewall, it doesn't mean they can't choose our Endpoint solution.

Symantec announced a collaboration with Red Hat in June. What is the thinking behind the partnership?
Our partnership with Red Hat is reflective of the growing diversity of environments in enterprises. We can't say we support heterogeneity and not support Red Hat or Suse. Our technologies will run consistently and perform equally as well on all platforms.

Symantec's antivirus recently deleted vital Chinese-language XP files.
It was a horrible mistake.

Now various Chinese users are suing Symantec for compensation. Will Symantec compensate those affected?
We'd rather talk to customers directly about compensation, rather than in a public forum. This is not the first time this has happened to a security company, so we're not going to hyperventilate over the problem. We will work with customers and partners. We are deeply sorry, and we have changed our processes, but we're clearly not the first to have made this mistake — everyone has had problems like this before.

Editorial standards