SAN FRANCISCO — Everyone wants to tell (and sell) their security story at RSA Conference. But two in particular stood out, in part, for their business turnarounds: Juniper Networks and Symantec.
Both companies are betting big on an open, integrated platform approach to security. This approach isn’t unique to Juniper and Symantec — and indeed everyone from Google’s sister company Chronicle to the newly launched AT&T Cybersecurity division seemed to be preaching a similar message at RSA this year. What’t different about Juniper and Symantec is that they’ve been both steadily adding partners and integrations over the past few years. And now those investments appear to be paying off as the two legacy enterprise vendors look to have crossed the chasm from old school security to next-gen infrastructure.
Juniper rolled out its rebranded security architecture — Juniper Connected Security — this week at RSA. But Laurence Pitt, global security strategy director, said the company’s turnaround started about three and a half years ago.
“Juniper started to change how we messaged on security, and also started hiring people who didn’t just have technology conversations,” he said. “There’s a vendor tendency to want to talk about technology, and what it is that I have in my bag that you’d really like to buy from me, rather than understanding what companies’ challenges are.”
About a year later Juniper virtualized its SRX firewalls (and it has since containerized them), and it acquired security startup Cyphort. The vendor continues to integrate Cyphort’s technology across its portfolio. In 2017 it automated policy management and added one-touch mitigation to respond to threats. And a year ago Juniper added additional analytics and remediation capabilities from Cyphort to its security platform. It also integrates with non-Juniper gear including Cisco switches and partners with several other cloud, networking, and security vendors to extend workload protection across environments.
Changing the Conversation
The conversation has changed from a bottom-up conversation into a top-down conversation, Pitt said. “Juniper Connected Security is about our strength, [which] is in security: the ability to leverage intelligence across solutions to give people the best view on something that might be happening in their environment,” he said. “It’s all about having a lens in the right place.”
Juniper can do this because of where it sits in the networking stack, its endpoint protection and firewalls, and its focus on automation and open APIs, Pitt said.
All of these moves have helped Juniper move its security business back into the black after watching revenue fall since 2016. While other things including weak cloud and service provider sales continued to hurt Juniper’ bottom line in the fourth quarter of 2018, its security business shined, growing 34 percent quarter over quarter, and 18 percent compared to a year prior.
Security also surpassed $100 million in quarterly revenue for the first time in several years boosted, in part, by Juniper’s new high-end firewall line card. CEO Rami Rahim said this product “helped drive a high volume of deals greater than $1 million,” and added that the company expects to see continued security business growth in 2019.
After a rocky 2018 that included an executive team shakeup, an internal and SEC investigation related to financial disclosures, and global layoffs amid declining enterprise sales, Symantec started the new year with a strong quarter fueled by its enterprise sales.
The company’s enterprise security business generated $616 million in revenue for its third quarter of fiscal 2019, which was $31 million higher than its earlier guidance. “After a difficult first half of the year, we are pleased with a return to revenue growth in enterprise security, which grew 3 percent organically,” President and CEO Greg Clark told investors. The strong results also led Symantec to increase its enterprise security growth guidance for the full fiscal year.
Last month the company bought startup Luminate Security in a move that added software-defined perimeter technology to its cloud-native portfolio. And it also announced a massive collaboration with other leading security vendors joining its open ecosystem and integrating with its platform. More than 120 companies including Amazon Web Services (AWS), Box, IBM Security, Microsoft, Oracle, ServiceNow, and Splunk are building or have already built more than 250 products and services that integrate with Symantec’s Integrated Cyber Defense (ICD) Platform.
In an interview at RSA Conference, Art Gilliland, Symantec’s EVP and GM of enterprise products, credited the vendor’s turnaround to a change in its overall approach and its go-to-market strategy. This is driven by customers’ increasingly complex security infrastructure and growing number of products they employ to protect workloads across data centers and clouds.
Bridging Data Centers and Clouds
The threat landscape is also becoming sophisticated. “But that’s only part of the challenge I hear from customers,” Gilliland said. “It’s not the actual threat landscape they spend their energy on, it’s that they are having to secure their traditional data centers and environments, and they are being asked to extend that same security to new architectures and the cloud. And not all of the technologies that are good in the data center work as effectively in the cloud.”
Plus, companies are typically budget constrained. And even if they do have the budget, they can’t find enough people to do the work because of the shortage of security professionals in the field.
Symantec’s answer to this problem is its ICD Platform, Gilliland said. “ICD for us is the first step in the security industry to essentially do what happened in the financial systems when you went from individual billing and ledger to ERP, or the CRM space from contact management and marketing. All these elements, these big business processes, that customers spend an enormous amount of resources on ultimately come together and get integrated out of the box.”
The platform integrates Symantec’s traditional data center security products and its cloud-native tools that it has been steadily buying and building over the past few years.
Symantec started building ICD nearly three years ago after it acquired Blue Coat Systems and its cloud access security broker (CASB) technology — Symantec was the first legacy security vendor to scoop up a CASB startup back in 2016. Then it acquired Skycure a year later, and this integration uses Skycure’s technology to simplify CASB services for mobile apps.
Also in 2017 it bought Fireglass to add web isolation technologies to its portfolio. And late last year Symantec acquired Javelin Networks and Appthority to boost its endpoint security business.
These acquisitions, coupled with Symantec’s home-grown technology, provide a more comprehensive, unified security platform for customers across endpoints, networks, email, and cloud, which ultimately reduces complexity, the company claims.
The platform also integrates with hundreds of other security vendors and their products. Symantec opened its APIs and launched a partner program to do deeper integration work with key technology players. It now has more than 120 partners with more than 250 new applications and services that integrate with Symantec.
“The difference between CRM and security, though, is that we have an active adversary, so the workflow has to change to deal with these new threats,” Gilliland said. “It’s unlikely you will see a big monolithic platform for security that comes out and solves all of these problems. What you need is an open ecosystem with APIs. It has to be composable, and it has to be able to move and change. So that is the direction and the strategy that we are taking with ICD. And then we continue to invest in the integrations and the ecosystem.”
It’s too early to declare either company’s strategy a success after one solid security earnings quarter. But they both are making strides and appear to be on the right path. Future financials will tell if enterprises are buying Juniper and Symantec’s security stories. SDxCentral — and the industry at large — will be watching.