Self-interested Rambling on Consolidation

Thomas Ptacek | February 27th, 2006 | Filed Under: Industry Punditry

Oh I do so love these posts by Richard Stiennon. They’ve got to be true. They’ve just got to be!

But:

  • Are there really more firewall vendors playing in the majors now than in 2000? Who am I missing:
    • Cisco
    • Checkpoint
    • Juniper/Netscreen
    • Sonicwall
    • Watchguard
    • F5
    • Microsoft doesn’t count.

    Which vendor entered the market after 2000 and, after 6 years of competing, established a viable niche? I’m guessing (irresponsibly) that you hit hand-rolled OpenBSD+pf in the Global2k before you hit anyone outside the shortlist here.

    And only a few of these vendors are viable exits for an entrant that took an A round.

  • On the other hand, if you draw a line at vendors who beat $1MM in trailing revenue, what happens to the number “1500” here? And, I assume (irresponsibly) that the overwhelming majority of serious novel entrants to the security market plan to primarily address North America. What happens to the list when you slice off APAC and products you can take to market just by double-byting the UI of another product?

So I’m conflicted: on the one hand, the consolidation meme seems to have legs (it seems like it should be harder to bring an IPS to market now than in 2000, though given the margins you can command with one, maybe that’s a silly thought). On the other hand, the factoid about the thundering herd of security companies seems artificial too.

On the other other hand, the article Stiennon riffs off of is legitimately retarded. “If you met with two [of the 700] different vendors a day it would take a whole year including weekends”, says Toby Weiss of CA.

And, if you take the ~200 of those 700 who are viable and relevant, triage the 2/3rds of them that align with this year’s spending priorities, and divide them over all the IT security buying centers in a typical Global2K enterprise (Windows Server, Windows Desktop, Unix, Storage, Networking, IT Security) and scale by regional divisions, your architects and decision makers still have an awful lot of time to read ESPN, Slate, and Reddit.

1 Comment so far

  • blog

    April 8th, 2006 11:03 pm

    Here is another fun and a bit retarded paper on “consolidation” from Infosec Magazine

    http:// informationsecurity.techt…1162892,00.html
    Anton Chuvakin | 02.28.06 - 9:17 pm

    Teros, V-Secure, Trustgenix, and Cyota. In that list, the only company I perceive as having any independent credibility is Teros. V-Secure’s funding and exit valuation suggests they had significantly less than $10MM in revenue. Cyota is on record making less than $10MM in ‘05.

    When a company with a left-field product and a tiny amount of revenue gets picked up by a major security player, is that consolidation, or simply the way the market works, a la Christensen?

    Put differently, if you’re an enterprise security buyer and you’re not going to purchase from anyone but the top 10 “diversified” security vendors (Cisco, Symantec, McAfee, Juniper, Checkpoint, CA, Microsoft, ISS, Citrix, RSA?), what you’re really saying is that you’re just not an early adopter. Which is fine, maybe even smart, but nothing about the dynamics of bringing a product to market has changed in the advent of “consolidation” to change the fact that new technology comes from startups.

    Broken record: the “1000+ security vendors” number includes god knows how many 10-person consultancies, and it includes Captus. The number of viable, serious product vendors is substantially lower. When you divide these vendors by the number of independent security buying centers in a large IT operation, it isn’t out of hand.
    Thomas Ptacek | 03.01.06 - 11:42 am
