06:17 PM
Connect Directly
Repost This

Symantec Drops Managed Firewall, Managed Endpoint Services

Managed Security Services portfolio trimmed by security vendor

In what Symantec describes as a consolidation of its existing managed security services, the security giant quietly shuttered its Managed Firewall Service and its Managed Endpoint Protection service this summer.

Symantec didn't make a public announcement of the change. The company said it discontinued the two services on July 1 and at that time contacted its customers and partners of the services. "Symantec MSS Managed Firewall and Managed Endpoint Protection were discontinued for sale and have not been available since July 1, 2013. We communicated the changes to impacted customers and partners in July," the company said in a statement in response to a Dark Reading inquiry about the possible sun-setting of the services.

"Symantec Managed Security Services (MSS) is a key component of Symantec's Information Security portfolio and we are committed to our MSS offerings moving forward," the company said. "As we align with our new offering strategy and efforts to streamline our product range to provide fewer, more integrated solutions for our customers, Symantec made the decision to retire the Managed Firewall and Managed Endpoint Protection service offerings from its Managed Protection Services portfolio. This decision does not include Intrusion Detection/Prevention solutions nor impact MSS Security Monitoring. Existing customers will have use of the retired Managed Firewall and Managed Endpoint Protection services until the end of their annual service period. We are firmly committed to helping our partners and customers successfully navigate this process."

Symantec's Managed Security Services Web page currently lists three offerings: Security Monitoring Service, Intrusion Detection/Prevention Solution with Sourcefire, and its DeepSight Intelligence Services.

The move appears to be a standard business decision, says Mike Rothman, president of Securosis. "It's a necessary pruning process as they focus their business. That means some offerings won't meet the threshold for installed base, growth, and/or strategic value to the bigger story, and are therefore either sold off, if possible, or shut down," Rothman says. "Standard stuff for companies doing a strategic review."

Word of this latest service offering retirement comes on the heels of Symantec's announcement last week that it was dropping its cloud-based backup and recovery service, Backup Meanwhile, Symantec's president of products and services, Francis deSouza, left the company earlier this month to take the helm as president of Illumina. Symantec's products and services leadership team currently reports to Symantec president and CEO Steve Bennett.

J.J. Thompson, managing director and CEO of Rook Security, an Indianapolis-based security process integration provider, says this could indicate signs of trouble for other Symantec managed security services. "I find it interesting that Symantec continues to pull key components of its security offering. First it was security consulting services. Now they are moving onto their MSS, shortly after killing cloud backup. Our shared clients are very concerned with the message this sends -- is Symantec able to sustain their MSS offering or are they having to cut off their foot to save their leg?"

He contends that the move by Symantec won't better integrate its services. "They're pulling a key component of security program management out of their client portfolio for clients who selected Symantec as a 'full service' security partner," Thompson says. "It's becoming more clear to end user companies that where some of these traditional brands succeeded in the past, they are not able to keep up with more agile competitors who have business models that fit in line with today's strategic business drivers."

Meantime, the MSS global market is looking healthy going forward, according to new data from Transparency Market Research: It's estimated to grow at a compound annual growth rate of 15.4 percent through 2019. The MSS market worldwide was valued at $9.24 billion in 2012, the research firm says.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Kelly Jackson Higgins is Senior Editor at She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Current Issue
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Published: 2014-04-24
The E-Mail autoconfiguration feature in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 places a password in a GET request, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer log...

Best of the Web