AON: Why the IBM and Cisco Relationship Is Headed For A Break-Up
Cisco’s long awaited announcement of its Applications Oriented Networking (AON) products a couple weeks ago foreshadows a coming battle that may rip apart the cozy and long standing strategic alliance between IBM and Cisco. Cisco and IBM have somehow defied the odds over the last few years to maintain a high-profile strategic alliance, one which many people felt would be over faster than Britney Spears' 1st marriage. The two companies have partnered together on a myriad of initiatives from data center management, to security, to storage networking, seemingly secure in the knowledge that neither firm had any intentions of getting into the other’s core business. However with the launch of AON it is now crystal clear that Cisco has designs on at least a portion of IBM’s core business and that IBM must respond before one of its crown jewels, its infrastructure software portfolio, is rapidly commoditized.
E Tu, Taf?
The primary architect of Cisco’s new AON strategy, Taf Anthias, is none other than the former head of IBM’s MQ Series middleware messaging platform. What Taf has done at Cisco is to try and create networking devices that are not packet aware, but message aware. As I have outlined before, message aware networking is one of the most important trends in software today. The focus of message aware networking is to migrate basic tasks such as security, transformation, and message routing away from application servers and message brokers and into network devices. This migration should not only theoretically increase performance and enhance flexibility but it should also create the foundation necessary to properly run complex, highly scaled, Service Oriented Architectures.
Same Problem, Different Perspective
The problem for networking companies, such as Cisco, has been that message aware networking is not a natural fit. While it looks a lot like networking in that it needs dedicated devices to process a large volume of standards based information quickly, it also looks a lot like application software in that it is message, not packet, based, and you therefore need to understand the context and content of the message in order to be able to process it. Cisco recognized this conundrum some time ago and instead of trying to turn some of its “packet heads” into application engineers, it hired Taf.
Infrastructure software vendors, such as IBM, face the reverse problem: message aware networking looks a lot like middleware message processing, but it requires a level of performance, security, flexibility and even dedicated hardware that makes it look a lot more like networking.
An Uneasy Truce Leads To A Long War
For the last couple years, both the networking companies and the infrastructure software companies have recognized message aware networking as a dangerous, but potentially lucrative “demilitarized zone” that separated their two industries. Up until now, both sides have been content to let a small cadre of start-ups fight it out as none of the big boys wanted to risk upsetting the global order by making a major move into the space.
However with the explosion of interest in Service Oriented Architectures and the rapid adoption of XML-based messaging, it was only a matter of time before one of the big players made a move. Now that Cisco has taken the first shot with AON, IBM, and other infrastructure software players such as BEA, HP, CA, and Microsoft, must respond or they risk ceding a significant portion of their “value add” to Cisco and other networking vendors.
While there are many battles left to fight in the war for control over message aware networking, the first casualty will likely be the previously cozy relationship between IBM and Cisco as it's hard to partner with someone that has clearly made a strategic decision to try to destroy part of your core business.
I Spy With My Little Eye $108MM
I have to admit, when I first read reports of Webroot's recent $108M VC round, I had a serious case of bubble "Deja Vu". "$108MM for a software company?!? What on god's earth are they going to do with that kind of money, paper the walls?" After all, the track record of $100M+ VC rounds for software companies has not exactly been a star-studded one.
A quick look at VentureSource shows that only 3 other Software deals have ever raised more than $90M in a single round of VC funding (Asera, Buildnet, Zaplet) and their track records weren't exactly encouraging: all three either went out of business or were basically sold for scrap.
It'll Be Different This Time
All that said, Webroot, does appear to be cut from a different cloth. First, the company has supposedly been cash flow positive for some time whereas the three other deals were all burning millions of dollars a month. Second, Webroot actually has a very well respected product (the anti-spyware product called Spy Sweeper)that is selling like hotcakes. Finally, I suspect that, given the cash flow positive nature of the company, a large chunk of the money went to buying secondary shares from the existing shareholders (perhaps a former founder or something like that). Buying secondary shares has its own risks, but it's often the only way to get a meaningful piece of an already successful business.
Given these factors, as well as the 1 million+ enterprise seats that Webroot has supposedly sold in just 6 months, I am prepared to say that the chances of Webroot ending up like the other companies in the $100M+ club are pretty remote at this point in time.
There Is This Small Matter of Microsoft Though...
However, one does have to wonder about the wisdom of sinking $108M into anti-spyware software especially given some recent developments in the space. Perhaps the most worrisome development in the space has got to be Microsoft's recent beta launch of its own anti-spyware software. For anyone that hasn't been paying attention to Microsoft in the past 2 years, they have made improving the security of their client operating system their #1 corporate priority. The only way for Microsoft to do this is to heavily integrate three technologies into its core platform: anti-virus, spam control, and anti-spywarre. Whereas in the past Microsoft was content to let 3rd parties (such as SYMC and MFE) deal with these seemingly minor nuisances, they are now not just committed, but almost compelled to enter these spaces with a vengance and deeply integrate these technologies into their platform.
While to date Microsoft's efforts have been underwhelming, they have been methodically laying the foundation necessary to enter the space and have made several acquisitions in addition the anti-spyware vendor, including a new one in the enterprise anti-virus space that they just announced today. Thus, it is clear that any player in the anti-spyware space is going to have to go mano-y-mano with Redmond at some point in the near future. Even though Microsoft's anti-trust handcuffs make it a somewhat less feared opponent than in the past, just ask Netscape about how unwise it is to underestimating the power bundling.
In addition to Microsoft, many of the other major players in the client security business have already made their moves in the spyware space including MFE which announced a product last year and CA which acquired Pestpatrol. Symantec hasn't made any major acquisitions in the space, but it claims to be close to launching its own internally developed platform shortly. With so many of the big players in the space already paired up, that doesn't leave a lot of "outlet receivers" available in the event that Webroot decides to sell out rather than try to go it alone.
Built to Sell
Of course selling out is pretty much the most likely option for Webroot, perhaps the only option. While Spyware is hot, it's not exactly the kind of core enterprise technology that you can hope to build a platform business on; it is simply a very hot niche product that would fit nicely into well established distribution channels, customer bases, and (in some cases, technical architectures) of established enterprise security firms.
I suspect the VCs are well aware of this situation. Indeed it comes as no surprise to see that two of the VCs that invested in Webroot (Accel and TCV), also invested in Brightmail. Brightmail was an anti-spam vendor that was sold to Symantec for $370M in 2004. It should also come as no surprise that these VCs invested in Webroot shortly after Brightmail's former CFO, Mike Irwin (who is great guy), joined Webroot. Thus, the most interesting thing to me about this investment is to speculate on when Webroot will attempt a similar exit and whether or not the founders of Webroot will willingly go along for the ride.
In terms of the founders, after reading their statements about the acquisition I wonder if they really believe that they are going to be able to take a stand alone anti-spyware company public or if they are just dutifully posturing. My guess is that they do believe it and who knows, they actually might be able to get the company public given its rapid growth, keeping it independent once it is public though is another matter. It's hard to comprehend that this company can or should stay independent over the long run given the industry dynamics it is facing and the fact that it is essentially limited to a single niche. Long term they stand no chance against the large integrated players as spyware is really just an extension of a bunch of other client "scanning" technologies to being with (anti-virus, intrusion detection, registry clean-ups, etc.).
Assuming the above is true, the really interesting question about this deal, is just who do the VCs expect that they will sell this company too? I have a few guesses:
1. Symantec: I have to imagine that the VCs have some pretty good intel on how the (already delayed) SYMC anti-spyware product is doing given that they recently sold Brightmail to SYMC. SYMC has shown that it is not afraid to pay up for companies that it thinks are market leaders, so perhaps the VC's figure that SYMC may abandon their internal efforts and simply buy-out Webroot in order to get their anti-spyware efforts back on track.
2. TrendMicro: Trend is the big anti-virus player in Asia (especially Japan) and it is behind the 8 ball when it comes to anti-spyware products having made no major acquisition in the space. Trend does not have the strong track record of acquisitions that SYMC and MFE does, so perhaps they will limit their interaction with Webroot to some kind of OEM deal, similar to what they did for anti-spam techniology with Postini.
3. Intrusion Detection Companies: Depending on the architecture (host or network), Intrusion detection looks a lot like the Enterprise version of Spy Sweeper. Not as much like anti-virus, but close enough. Besides, the Intrusion detection guys have got to figure out an avenue for growth and spyware is one of the better ones to come along in awhile. ISS is the main player here, but many of the other enterprise security players also have intrusion detection products.
If Webroot does not sell out and stubbornly tries to remain independent I suspect it may join the scrap heap of other $100M+ software rounds, but I suspect reason (and the VCs) will prevail and they will sell out, albeit only after the VCs can clearly justify a decent return on whatever price they paid.
P.S. If anyone has any bets on A) who will acquire Webroot B) when and C) for how much, please feel free to post a comment. I will reward the winner with laudatory praise for their investment accumen when the deal actually happens.
Shotgun Wedding: Is Symantec Afraid of Microsoft's Baby?
The investment bankers marrying off Symantec and Veritas had better not ask Wall Street to “speak now or forever hold its peace” because they are likely to get quite an earful. Indeed, with Symantec’s stock down almost 23% since the deal was first rumored The Street has already spoken, and from what it’s saying these two lovebirds are going to have a hard time formally exchanging vows.
Conventional wisdom holds that much of this sell-off has been driven by (mostly valid) concerns that Veritas’ relatively lower growth rates will drag down Symantec’s high flying multiple, but underneath these surface issues likely lies a more deep-seated fear that Symantec’s Cinderella story may soon be over thanks to the fact that Microsoft is finally fully pregnant with a new, security focused “baby”. Viewed from this perspective, Symantec’s surprise merger with Veritas is a shotgun wedding that implicitly acknowledges the fact that Microsoft may shortly make the consumer and SME security software marketplaces a very bloody battlefield leaving Symantec with no choice but to “go corporate” in a hurry.
Waiting For Godot
Waiting For Godot
Pundits, hedge funds, and Pollyannaish anti-trust types have long speculated that Microsoft intends to make security software one of its core business units. At first such desires were assumed to simply be motivated by Microsoft’s insatiable appetite for growth and their Conan the Barbarian-like desire to crush their enemies, see them driven before them, and to hear the lamentations of their women. However in the last couple years, thanks largely to Outlook and IE born viruses, Microsoft’s security software ambitions have been transformed from mere sport, into a critical business issue. With every widely publicized e-mail virus, Microsoft’s reputation takes a heavy hit and its customers become more and more perturbed. As a result, security software has gone from a “nice to have” to a “must have” for Microsoft.
With Windows XP Service Pack 2, Microsoft took its first tentative steps in this direction, but the company realizes that the only way to fully protect its software from security threats it to deeply integrate security technology into the core of operating systems and desktop applications. This realization set the stage for two small acquisitions by Microsoft. The first acquisition was of a small anti-virus software maker called GeCAD in June of 2003 and the second was of a small anti-spyware company called Giant in December of 2004.
Collapse of the Confident Facade
Collapse of the Confident Facade
Symantec has paid close attention to Microsoft’s moves and has gone to great pains to downplay them and insist that their anti-virus corporate accounts were not at risk even if Microsoft moved with full force into the anti-virus marketplace. Most investors have taken Symantec at its word assuming that the management team had reason to be confident and that Symantec, like Intuit, might be one of the few companies that could not only survive but thrive in the face of full fledged Microsoft assault.
Unfortunately for Symantec, actions often speak louder than words and in this vein its surprise acquisition of Veritas speaks volumes. If Symantec was so confident that it could survive Microsoft’s antivirus onslaught, why then are they suddenly purchasing a software company growing at half their rate and operating in sectors that have little if any synergy with Symantec’s current security-focused product lines? In fact, of all the potential companies that the street has theorized Symantec might buy (I actually had my own theory), Veritas was one of the last companies that people expected Symantec to buy. It’s almost as if Symantec is trying to move away from its core business as far and as fast as possible.
Thus Symantec’s acquisition of Veritas is an implicit admission of two key points: 1) that Microsoft’s entry into the security software market is making that market a much less attractive incremental investment space and 2) that SYMC can’t sustain the growth rates that were, until recently, supporting its lofty PE. In this light, the 23% decline in SYMC’s stock price is not only understandable, but probably less than one might otherwise expect. If Symantec and Veritas can’t counteract these concerns and convince the Street that their merger is the result of mutual love and respect for a viable long term growth strategy, then they had better cut short their romance as shotgun weddings don’t work when the real issue is another person’s baby.