Symantec Buys Altiris for $830M

If you had any questions about whether Symantec is serious about taking on Microsoft for the right to secure and manage the desktop, you can put them to rest right now.

Symantec today made a statement about its enterprise directions by acquiring Altiris, one of the industry's best-known desktop management tool vendors, for $830 million. The deal is expected to close in the second quarter.

The deal sets up a new tier of security vendors that clearly are targeting the enterprise market. Both Cisco and Microsoft have moved into the security market over the past year -- Symantec wants to compete on that level.

"What customers have always wanted is a choice," says John Thompson, chairman and CEO of Symantec. "We're offering an alternative for managing heterogeneous environments. We'll be competitive on Windows, but we think we have an advantage in that Microsoft doesn't offer support on non-Windows systems, and we will."

"This acquisition puts Symantec in an incredibly strong position against Trend Micro and McAfee and nearly ensures its dominance in the corporate security market," says Rob Enderle, principal analyst at Enderle Group, an IT consultancy. "In the end, this comes closest to putting Symantec on an equal footing with Cisco and Microsoft and, while you can't really bid the companies against each other, there is a reasonable chance that each will help keep the others in line."

The company once known for its stand-alone PC antivirus products is now going after the largest enterprises, experts say.

"The secret to this deal is that almost half of Altiris's revenue -- more than $100 million per year -- derives from services," says Eric Ogren, security analyst at the Enterprise Strategy Group. "Symantec needs powerful service relationships to move from desktop antivirus solutions to selling information security and information storage systems into large enterprises. IBM, EMC, and Cisco have been very successful pulling products with strong services models -- the trick for Symantec will be to move quickly in the field to carve out new business."

Up to now, Symantec and Altiris have been fighting the same war, managing and securing desktops and remote devices, on two different fronts. Symantec's products can detect potential security problems on end points, but they can't always fix them. Altiris's products, on the other hand, can do remote desktop configuration and changes, but don't detect security problems.

Symantec's Thompson laid out an enterprise scenario in which the two products would work together. "Customers put Symantec Deepsight threat management system to work immediately analyzing new vulnerabilities as they are discovered," he says. "Any exposed end-point devices would be quickly identified by the Altiris Configuration Management Database to determine the extent of a vulnerability and possible corrective measures.

"Symantec then delivers updated threat signatures against an immediate attack," Thompson continues. "In the case of an infected end point, Symantec's security products repair the damage by disinfecting and quarantining the system. Furthermore, we will now be able to complete the remediation process using Altiris's technology to deploy the necessary patch.

"Moreover, once the assets are repaired and protected, the Altiris Configuration Management Database is updated, and compliance is recalibrated using the Symantec compliance solutions," Thompson adds. "This creates a true closed-loop system for managing the end-point environment."

Thompson's scenario could work, experts say. Both companies have security information management tools, and there is a growing trend toward integration of SIM with traditional network and systems management tools anyway, according to a report by the 451 Group. (See Report: SIM Market to Heat Up.)

Financially, the deal could provide a much-needed shot in the arm for Symantec, whose earnings fell short of expectations in its fiscal second quarter, resulting in the announcement of a $200 million cost cut. Altiris's revenues, about $230 million last year, are "growing at two to three times the rate of Symantec's core business," Thompson says. There also will be opportunities for the combined company to cut costs by consolidating facilities and redundant operations, he adds.

The two major areas of overlap between the partners' product lines are in PC imaging (where Symantec's Ghost competes with Altiris's Migration Suite) and compliance, where both companies offer tools for auditing. Executives acknowledged the overlaps but did not say how they will handle the consolidation in those areas.

Analysts also noted that the two companies have different licensing models -- Altiris's software is licensed on a perpetual basis, while Symantec makes much of its money from annual subscriptions. Thompson says because Altiris will operate initially as a separate subsidiary, there won't be need to normalize those pricing models, but the combined company will look at providing a "single pricing model" for customers that have both companies' software.

In general, analysts looked on the deal with favor. "Symantec is one of two companies that does acquisitions well in the tech market," Enderle says. "Cisco is the other."

— Tim Wilson, Site Editor, Dark Reading