Microsoft Moves Forefront as Security Market Changes

Published: May 9, 2007

by Alex Woodie

Microsoft last week announced the availability of Forefront Client Security, its first foray into the market for desktop security software for businesses. With the clout of the world's largest software company behind it, analysts predict the new malware fighter could make a serious dent in what is becoming a commodity market for desktop security software. Microsoft also launched System Center Essentials 2007, a management console designed for mid size businesses.

Microsoft has had designs on the security software market for some time, and has made progress over the last three years. In December 2004, Microsoft bought Giant Software Company and then quickly offered that company's anti-spyware product as a free download, the Malicious Software Removal Tool, which it updates every month. In February 2005, Microsoft bought Sybari Software, a developer the antivirus software Antigen, which formed the basis of several antivirus packages, including Forefront Client Security.

Microsoft first ventured into desktop security last June when it rolled out OneCare, which was aimed at consumers. Meanwhile, the company continually updated its security offerings for servers, which are anchored by ISA Server 2006, Intelligent Application Gateway 2007 (acquired from Whale Communications last summer), and the Forefront Security for Exchange Server and Forefront Security for SharePoint, both of which stemmed from the Sybari-Antigen acquisition.

With the availability of Forefront Client Security, Microsoft has filled a major gap in its quest to provide a full range of IT security--the business desktop, quite possibly the most vulnerable component of any company's IT architecture, and feared by many system administrators who doesn't trust their users.

Forefront Client Security, which is largely based on OneCare and uses the same malware detection engine, provides protection against viruses, worms, Trojan horses, spyware, and rootkits, which are detected in real-time as well as through scheduled scans. The product has two parts. The first is a security agent that installs on business desktops, laptops, and server operating systems (including 32-bit and 64-bit versions of Windows 2000, Windows XP, Windows Server 2003, and Windows Vista). The second is a central management server used by administrators to configure and customize the agents, and to generate reports and alerts.

Bob Muglia, senior vice president of Microsoft's server and tools business, thinks Microsoft has a good shot at grabbing a bunch of market share in the desktop security space. "Obviously, there are other products in the marketplace, there are good products," he said during last week's Forefront launch event. "But we think that this product will provide a level of integration and simplicity that really differentiates it, and really enables a different kind of solution."

A big part of that simplicity is how Forefront Client Security integrates with other Microsoft products. With hooks into Active Directory, Windows Server Update Services (WSUS), Microsoft Update (MU), Microsoft Operations Manager (MOM) 2005, SQL Server, and compatibility with Windows Vista's network access protection (NAP) capability that will be activated when Windows Server "Longhorn" ships, administrators won't be as pressured to integrate the products themselves.

Others think Microsoft is on the verge of grabbing a share of the pie, too. According to a recent Enterprise Strategy Group report, the "Big 3" of the desktop security business--Symantec, McAfee, and Trend Micro--today account for 80 percent of the multibillion-dollar desktop security market. However, much like the "Big 3" automakers have suffered in the past decades, these vendors' clout in the desktop security space is diminishing as a result of the commoditization of "generic" desktop security capabilities.

A few years ago, having a desktop security product meant having antivirus software and a firewall. But today, security software vendors offer an array of capabilities, including intrusion prevention, anti-spyware, anti-spam, anti-phishing, URL filtering, rootkit detection, encryption, strong authentication, integrated backup, and network access control (NAC) (called NAP by Microsoft). As a result, basic malware protection has become a commodity.

Further fueling the fire is the considerable churn in the market. According to ESG, 40 percent of the responses to its survey said their organization was either "extremely likely" or "somewhat likely" to switch desktop security products when their current subscription runs out at the end of 12 months. Customer loyalty is flying out the window, and people are willing to try something new.

With the market undergoing so much change, ESG predicts Microsoft could take a significant chunk of market share from the incumbents with its new Forefront line. "With its Windows franchise, significant installed base, global reach, and unprecedented marketing muscle, Microsoft's entrance could have a profound impact on the desktop security status quo," ESG writes in its recent report "Desktop Security at a Crossroads." "Microsoft is already influencing desktop security today and will put its stamp on this market sooner rather than later."

Indeed, the shift is already happening, According to ESG's survey, nearly three-quarters of respondents have already evaluated Forefront, plan to in 2007, or would be open to evaluating the product. "This data indicates that Microsoft is already well on its way to establishing itself as a major desktop security vendor in the near future," ESG says.

Symantec--the biggest security software vendor--isn't taking the launch of Forefront lying down. While the security giant applauds Microsoft for raising awareness about security, it doesn't think Microsoft is up to the job of defending security, and so it's doing what anybody would do in this situation--it's talking some smack.

"From what Microsoft has said publicly, Forefront Client Security is based off the same antivirus and anti-spyware technology as its OneCare product," Symantec said in a written statement. "OneCare has failed multiple third-party antivirus tests, including the latest Virus Bulletin, which is widely considered the benchmark test for AV engines."

However, Symantec has had its own difficulties of late, according to Virus Bulletin. Its next generation "Hamlet" product, which combines traditional signature-based protection with "proactive protection from zero-day threats," has been delayed from the first quarter of 2007, and is now expected to be released in beta form in the next few months, the subscription-based antivirus newsletter says.

As the incumbent giant in the security space, Symantec is the target of numerous smaller security companies scrapping for a piece of the action. One such vendor is eEye Digital Security, a security research and product development organization that launched its free Windows security tool, called Blink Personal, a month ago.

As an indication of the competitiveness of this market, Ross Brown, eEye's then-CEO, wondered aloud "whether Symantec was still in the security business." Brown went on to say, "Right now there's an incredible backlash against them in particular. Recent viruses have gotten through because they weren't able to detect zero-days."

Microsoft also launched System Center Essentials 2007, which it describes as a management console designed to help IT professionals in mid size organizations manage their IT environments. The software provides a console where IT pros can view and manage servers, clients, hardware, software, and IT services.

Pricing for Forefront Client Security starts at $12.72 per user or device, per year for the security agent and at $2,468 per year for the management console. The software is available now through Microsoft Volume Licensing. It will be available as a standalone product in July.

Pricing for Microsoft System Center Essentials starts at $2,000 for a management server with built-in support for 50 clients and 10 servers. Customers can add up to 500 clients in increments of 20 users each for $400, and up to 30 servers in increments of five for $500. The product will be available in July via standard Microsoft volume licensing and retail channels.

RELATED STORIES

eEye Debuts Free Security Software for Windows

Microsoft Buys Security and Healthcare Companies

Microsoft Announces New Security Products and 'Forefront' Brand

Microsoft to Charge $50 Per Year for OneCare Live Security Solution

Antivirus, Anti-Spyware Strategy Moves Forward for Microsoft

Microsoft to Buy Antivirus Software Vendor Sybari

                     Post this story to del.icio.us
               Post this story to Digg
    Post this story to Slashdot