$400 million deal will merge two top end-user monitoring tools

3 Min Read

Two of the industry's best-known end-user monitoring tool vendors -- Websense and SurfControl -- proposed a merger yesterday, putting an end to a storied rivalry and raising some questions about the future of the SurfControl line.

Websense said that its subsidiary, Websense SC Operations, has made a pre-conditional cash offer to acquire all shares of SurfControl, which makes on-demand Web and email security products. The deal is worth approximately $400 million.

The deal will let the two former rivals combine resources to compete with larger security software vendors, according to Gene Hodges, CEO of Websense. Websense, which makes software that detects spyware, phishing, and other malware, has leapfrogged SurfControl in recent years to become the market's biggest seller of Web filtering and end-user monitoring tools. It supports approximately 25 million PCs worldwide.

SurfControl, which was one of the first "parental control" tools for filtering unauthorized content from end users, now has some 16 million customers. While it has competed head-to-head with Websense for more than a decade, it has also developed some capabilities that Websense doesn't have, including an email filtering product and an on-demand filtering and security service called BlackSpider.

"Websense was the better product," says Rob Enderle, president of the Enderle Group, an IT consultancy. "SurfControl provided adequate coverage for a lot less money and was likely forcing Websense to drop prices. My sense is that, assuming they just don't do the Oracle/PeopleSoft thing and shut SurfControl down, they will position the SurfControl line as an entry level, value-based offering and Websense as their premium product."

"This looks more like a 'pooling of assets' type of acquisition than a 'we can do great things with this technology' type of acquisition," says Eric Ogren, principal analyst and founder of the Ogren Group, which specializes in consulting services for security vendors. "It perhaps signals the incorporation of email security into a broader application security portfolio, as evidenced by Cisco/IronPort and Secure Computing/CipherTrust purchases."

Hodges positioned SurfControl as a means of expanding Websense's prospects in the small- and medium-sized business market, and analysts said they expect the combined software company to continue to sell SurfControl as an entry-level product, then upsell the Websense line to companies that need more sophisticated content filtering tools.

"After the transaction closes, we are committed to supporting SurfControl's and Websense's customers and channel partners," Hodges said. "We plan to introduce a customer satisfaction and retention program and pledge to support SurfControl's layered software Web security solutions at least through 2010. We plan to enhance these products with data from the merged research databases of the two companies. We also plan to renew existing SurfControl subscriptions at competitive levels, similar to their historical prices."

The merger shortens the list of content filtering choices for users, and perhaps opens the door for competitors, analysts say. "If the SurfControl customers get the sense that their product will be crippled over time -- or worse, discontinued -- they will treat Websense like they did CA in the '90s and move to another vendor," Enderle says. "And this does seem rather likely."

Websense and SurfControl have very different corporate cultures, which could create problems, Ogren says. "It is very very difficult to integrate acquired organizations, and in this case, Websense and SurfControl are literally oceans apart," he notes, referring to Websense's U.K. headquarters. "Retaining star contributors and incenting the teams will be a challenge and a half."

The transaction, which has been approved unanimously by the boards of both companies, is expected to close approximately four months following regulatory approval by U.S. and U.K. agencies.

— Tim Wilson, Site Editor, Dark Reading

About the Author(s)

Tim Wilson, Editor in Chief, Dark Reading

Contributor

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one of the top cyber security journalists in the US in voting among his peers, conducted by the SANS Institute. In 2011 he was named one of the 50 Most Powerful Voices in Security by SYS-CON Media.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights